Trojaner-Board

wurm.P2P found, what should I do? (https://www.trojaner-board.de/95054-wurm-p2p-gefunden-tun.html)

Riad1299 13.03.2011 19:10

I don't know why, but I can't upload the ZIP archive; AntiVir and Kaspersky are switched off.

I don't know if it helps, but here is the OTL log anyway:

All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTO.WAV moved successfully.
C:\autoexec.bat moved successfully.
E:\autorun.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee482216-5ea9-11df-b2f6-001b381b7fae}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ee482216-5ea9-11df-b2f6-001b381b7fae}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee482216-5ea9-11df-b2f6-001b381b7fae}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ee482216-5ea9-11df-b2f6-001b381b7fae}\ not found.
File Z:\Autorun.exe not found.
C:\found.003\dir0000.chk\tr_TR\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\tr_TR folder moved successfully.
C:\found.003\dir0000.chk\tc_TC\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\tc_TC folder moved successfully.
C:\found.003\dir0000.chk\sw_SW\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\sw_SW folder moved successfully.
C:\found.003\dir0000.chk\sh_SH\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\sh_SH folder moved successfully.
C:\found.003\dir0000.chk\ru_RU\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\ru_RU folder moved successfully.
C:\found.003\dir0000.chk\ro_RO\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\ro_RO folder moved successfully.
C:\found.003\dir0000.chk\po_PO\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\po_PO folder moved successfully.
C:\found.003\dir0000.chk\pl_PL\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\pl_PL folder moved successfully.
C:\found.003\dir0000.chk\pe_PE\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\pe_PE folder moved successfully.
C:\found.003\dir0000.chk\ja_JA\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\ja_JA folder moved successfully.
C:\found.003\dir0000.chk\it_IT\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\it_IT folder moved successfully.
C:\found.003\dir0000.chk\hb_HB\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\hb_HB folder moved successfully.
C:\found.003\dir0000.chk\fr_FR\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\fr_FR folder moved successfully.
C:\found.003\dir0000.chk\es_ES\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\es_ES folder moved successfully.
C:\found.003\dir0000.chk\el_EL\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\el_EL folder moved successfully.
C:\found.003\dir0000.chk\du_DU\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\du_DU folder moved successfully.
C:\found.003\dir0000.chk\de_DE\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\de_DE folder moved successfully.
C:\found.003\dir0000.chk\cz_CZ\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\cz_CZ folder moved successfully.
C:\found.003\dir0000.chk\bg_BG\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\bg_BG folder moved successfully.
C:\found.003\dir0000.chk\ar_AR\LC_MESSAGES folder moved successfully.
C:\found.003\dir0000.chk\ar_AR folder moved successfully.
C:\found.003\dir0000.chk folder moved successfully.
C:\found.003 folder moved successfully.
C:\ProgramData\6C6C710F0D.sys moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: holger
->Temp folder emptied: 69758654 bytes
->Temporary Internet Files folder emptied: 14642311 bytes
->Java cache emptied: 12317698 bytes
->FireFox cache emptied: 75097368 bytes
->Google Chrome cache emptied: 205755461 bytes
->Flash cache emptied: 1291 bytes

User: Mari
->Temp folder emptied: 1091489344 bytes
->Temporary Internet Files folder emptied: 5542097 bytes
->Java cache emptied: 26263654 bytes
->FireFox cache emptied: 90588158 bytes
->Google Chrome cache emptied: 37395739 bytes
->Flash cache emptied: 6969 bytes

User: Mariß

User: Public

User: RPGVX

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 199168 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 37111488 bytes
RecycleBin emptied: 81822929 bytes

Total Files Cleaned = 1.667,00 mb


OTL by OldTimer - Version 3.2.22.3 log created on 03132011_130051

cosinus 13.03.2011 19:21

Try uploading the ZIP archive here => File-Upload.net - Your free file hoster!
and link the file here.

Riad1299 13.03.2011 19:29

That doesn't work either.
Here is how it goes:

1) I copy MovedFiles into the ZIP archive, and an error already appears:
"Kann den Inhalt von C:\_OTL\MovedFiles\03132011_130051\C_found.003\* nicht lesen"
2) Everything is packed anyway, so I try to upload it, but ERROR...

cosinus 14.03.2011 09:07

Then leave it. Please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
http://saved.im/mtm0nzyzmzd5/cofi.jpg
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper (Kompetenzler) has expressly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

