![]() |
@sill Ein andere Lösung Erstelle diese exefix.reg datei in einem Anderem PC oder bei einen Kumpel auf Diskette oder USB Stick speichern dann bei dir ausführen,dann sollte funktionieren Oder wenn du willst schicke ich dir die Datei per mail. Melde dich Gruss Expert |
Zitat:
Jedoch bekomme ich die selbe Fehlermeldung "sysrnj.exe konnte nicht gefunden werden." |
@sill Ich melde mich Gruss Expert |
Achso ich hab gestern Nacht den escan durchgeführt, und folgendes wurde laut der *.log gefunden: Tue Nov 29 23:28:02 2005 => Total Objects Scanned: 49109 Tue Nov 29 23:28:02 2005 => Total Virus(es) Found: 52 Tue Nov 29 23:28:03 2005 => Total Disinfected Files: 0 Tue Nov 29 23:28:03 2005 => Total Files Renamed: 0 Tue Nov 29 23:28:03 2005 => Total Deleted Objects: 0 Tue Nov 29 23:28:03 2005 => Total Errors: 206 Tue Nov 29 23:28:03 2005 => Time Elapsed: 00:27:35 Tue Nov 29 23:28:03 2005 => Virus Database Date: 2005/11/28 Tue Nov 29 23:28:03 2005 => Virus Database Count: 161878 Tue Nov 29 23:28:03 2005 => Scan Completed. Tue Nov 29 23:29:24 2005 => Virus Database Date: 2005/11/28 Tue Nov 29 23:29:24 2005 => Virus Database Count: 161878 Tue Nov 29 23:29:37 2005 => AV Library Unloaded (3)... |
Ok, die Signaturen sind aktuell aber Zitat:
Zitat:
stupormundi |
'Offending' Tue Nov 29 23:00:44 2005 => ***** Scanning Registry and File system for Adware/Spyware ***** Tue Nov 29 23:00:44 2005 => Loading Spyware Signatures from new External Database (Size: 145347). Tue Nov 29 23:00:44 2005 => Indexed Spyware Databases Successfully Created... Tue Nov 29 23:00:44 2005 => System found infected with bearshare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken. Tue Nov 29 23:00:44 2005 => System found infected with bearshare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken. Tue Nov 29 23:00:44 2005 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken. Tue Nov 29 23:00:44 2005 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken. Tue Nov 29 23:00:44 2005 => System found infected with bearshare Spyware/Adware ({5f95e1af-2620-4f15-bdf9-7fdce4607e17})! Action taken: No Action Taken. Tue Nov 29 23:00:44 2005 => System found infected with bearshare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken. Tue Nov 29 23:00:44 2005 => System found infected with whenu.savenow Spyware/Adware ({c285d18d-43a2-4aef-83fb-bf280e660a97})! Action taken: No Action Taken. Tue Nov 29 23:00:45 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\bearshare !!! Tue Nov 29 23:00:45 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:45 2005 => Offending Key found: HKCU\appevents\eventlabels\bearsharechatnotifymsg !!! Tue Nov 29 23:00:45 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:45 2005 => Offending Key found: HKCU\appevents\schemes\apps\bearshare !!! Tue Nov 29 23:00:45 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:45 2005 => Offending Key found: HKLM\Software\magnet\handlers\bearshare !!! Tue Nov 29 23:00:45 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:45 2005 => Offending Key found: HKLM\Software\bearshare !!! Tue Nov 29 23:00:45 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:45 2005 => Offending Key found: HKLM\Software\freshdevices !!! Tue Nov 29 23:00:46 2005 => Object "fresh devices Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending Key found: HKCU\Software\freshdevices !!! Tue Nov 29 23:00:46 2005 => Object "fresh devices Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending Key found: HKCU\Software\gnu !!! Tue Nov 29 23:00:46 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending value found in HKLM\Software\Microsoft\Windows\CurrentVersion\Run: powerstrip !!! Tue Nov 29 23:00:46 2005 => Object "powerstrip Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending value found in HKLM\Software\Licenses: {i56b3cf0d9ab991e1} !!! Tue Nov 29 23:00:46 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending value found in HKLM\Software\Licenses: {056b3cf0d9ab991e1} !!! Tue Nov 29 23:00:46 2005 => Object "bearshare Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending Folder found: C:\Programme\freshdevices Tue Nov 29 23:00:46 2005 => Object "fresh devices Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:46 2005 => Offending Folder found: C:\Programme\powerstrip Tue Nov 29 23:00:46 2005 => Object "powerstrip Spyware/Adware" found in File System! Action Taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Desktop\apps\bearshare.lnk Tue Nov 29 23:00:47 2005 => System found infected with bearshare Spyware/Adware (bearshare.lnk)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Eigene Dateien\stronghold 2\config.dat Tue Nov 29 23:00:47 2005 => System found infected with startsurfing Spyware/Adware (config.dat)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\lbddy93v\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\lbddy93v\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\qivk6lox\adswrapper[1].js Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\qivk6lox\ads[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\qivk6lox\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\qivk6lox\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\sgy5unaf\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\sgy5unaf\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\sgy5unaf\show_ads[2].js Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\ubx2n695\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\temporary internet files\content.ie5\ubx2n695\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\lbddy93v\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\lbddy93v\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\qivk6lox\adswrapper[1].js Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\qivk6lox\ads[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\qivk6lox\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\qivk6lox\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\sgy5unaf\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\sgy5unaf\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\sgy5unaf\show_ads[2].js Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\ubx2n695\aol[1].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[1].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\sill\Lokale Einstellungen\Temporary Internet Files\content.ie5\ubx2n695\aol[2].htm Tue Nov 29 23:00:47 2005 => System found infected with whenu.savenow Spyware/Adware (aol[2].htm)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\bearshare.lnk Tue Nov 29 23:00:47 2005 => System found infected with bearshare Spyware/Adware (bearshare.lnk)! Action taken: No Action Taken. Tue Nov 29 23:00:47 2005 => Offending file found: C:\Dokumente und Einstellungen\All Users\Startmenü\programme\bearshare.lnk Tue Nov 29 23:00:47 2005 => System found infected with bearshare Spyware/Adware (bearshare.lnk)! Action taken: No Action Taken. Tue Nov 29 23:00:48 2005 => Offending file found: C:\WINDOWS\iun6002.exe Tue Nov 29 23:00:48 2005 => System found infected with zipitpro Spyware/Adware (C:\WINDOWS\iun6002.exe)! Action taken: No Action Taken. Und es geht noch lange weiter zB mit "entry" Einträge Beispiel: Tue Nov 29 23:00:51 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Folders" refers to invalid object "G:\Dawn of War\Engine\Locale\Italian\". Action Taken: No Action Taken. |
@sill W32.Blebla.B.Worm Gehe auf Start/Suchen #Folgende Dateien falls vorhanden löschen: xromeo.exe und xromeo *. * xjuliet.chm und xjuliet *. * 001.txt 002.txt Sysrnj.exe und sysrnj *. * xromeo.lgc xromeo(1).exe xjuliet(2).chm Falls diese Dateien im gleichem Ordner sind,lösche den Ordner Melde dich wieder Gruss Expert |
Zitat:
sorry jedoch findet er keine einzige datei davon :( |
Die 'offending' Funde sind nicht die Welt - die verursachen Deine Probleme nicht! Bitte auch 'tagged' und 'infected' posten! Das kannst Du auf jeden Fall schon im abgesicherten Modus mal löschen Zitat:
|
tagged ist nichts vorhanden und infected sind die oben schon gepostet :) ich weiß nimma weiter |
Tja- in diesen Funden ist kein Grund für Deine *.exe Probleme zu finden! Ich nehme an, dass Deine Systemsteuerung immer noch nicht funktioniert? Btw: Deine Temporärdaten auch mal löschen, dann sind hier die meisten escan Funde mal weg! stupormundi |
Zitat:
|
@sill Gehe auf Start/Programme/Zubehör/Eingabeaufforderung Kopiere folgende: C:\windows > Kopie regedit.exe regedit.com,wenn erfolgreicht ist einfach regedit.com eingeben OK,dann öffnet Registry Fenster.gehe auf HKEY_CLASSES_ROOT\.exe,schaue mal in der rechten Seite des Fenster auf Standard,ob exefile vorhanden ist ? Gruss Expert |
zuerst wollte cmd.exe nicht, habs aber nun geschafft alles zum laufen zu bringen ! .exe ist eingetragen, folgene Schlüssel und Werte sind drin (Standart) REG_SZ rnjfile Content Type REG_SZ application/x-msdownload Unterordner: PersistentHandler: (Standart) REG_SZ {098f2470-bae0-11cd-b579-08002b30bfeb} |
@sill Kannst du auch das machen: #Scane mit Symantec Security Check ---->klicke auf Viren-erkennung (Virus Detection) dann Start. Downloading ActiveX erlauben,das Ergebnis hier posten. Symantec Security Check Ergebnis hier posten. Gruss Expert |
Alle Zeitangaben in WEZ +1. Es ist jetzt 10:05 Uhr. |
Copyright ©2000-2025, Trojaner-Board