Rechner Langsam und viel Spyware
11 Beiträge • Seite 1 von 1
Rechner Langsam und viel Spyware
von gfxclub am 18.02.2005, 13:18
Hi ergent wie ist mein Rechner immer langsammer und ich denke da ist auch bissel Spyware drauf! Kriege sie aber nicht weg.
Allso was ich weis das ist das Windowsservead drauf ist:
Bitte um Hilfe!
Habe Norton Fierwall drauf und Norton Antivirus sind die beiden ok oder sollte ich mir ein anderes zulegen?
Allso was ich weis das ist das Windowsservead drauf ist:
Logfile of HijackThis v1.99.1
Scan saved at 12:24:27, on 18.02.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe
C:\Programme\PestPatrol\PPMemCheck.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows ServeAd\WinServAd.exe
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Windows ServeAd\WinServSuit.exe
C:\uptime\client.exe
C:\WINDOWS\NCLAUNCH.EXe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
C:\Programme\Canon\MultiPASS4\MPSERVIC.EXE
C:\mysql\bin\mysqld-nt.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\alg.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\DOKUME~1\admin\LOKALE~1\Temp\Rar$EX00.500\HijackThis.exe
C:\WINDOWS\notepad.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Microsoft Office\Office10\OUTLOOK.EXE
C:\Programme\Microsoft Office\Office10\WINWORD.EXE
C:\Programme\Norton Internet Security\Norton AntiVirus\OPScan.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://proxy20.safersurf.com:8001
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: ToolHelper - {AAAE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} - C:\PROGRA~1\DELOBA~1.1\deloba24.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Programme\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PPMemCheck] C:\Programme\PestPatrol\PPMemCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Tools1] C:\Programme\surfbar.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvtrl32.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKCU\..\Run: [Uptime-Project] C:\uptime\client.exe
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKCU\..\Run: [NCLaunch] C:\WINDOWS\NCLAUNCH.EXe
O4 - HKCU\..\Run: [SFS6] "C:\Programme\Steganos Secure FileSharing 6\sfs.exe" /booting
O4 - HKCU\..\Run: [AntiSpyware7] "C:\Programme\Steganos AntiSpyware 7\aspy7.exe" /0
O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - Startup: HanseNet.lnk = ?
O4 - Startup: Xfire.lnk = C:\Programme\Xfire\Xfire.exe
O9 - Extra button: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O9 - Extra 'Tools' menuitem: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {31BD4DA3-256D-4C39-8E83-469F085EED0C} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O9 - Extra 'Tools' menuitem: &PicGrab starten - {31BD4DA3-256D-4C39-8E83-469F085EED0C} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O9 - Extra button: PicGrab - {C711CF16-B4D0-4498-8F34-BE61C73B5F60} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplat ... curity.cab
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://www.pussyharem.com/stream/mmp.cab
O16 - DPF: {9076A11F-5EA6-4A67-BDE9-8D3C7C453DAC} - http://www.fizzlewizzle.com/installfiles/popblocker.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C943A301-3731-4BBF-A2E0-D3F5B8C6C13B}: NameServer = 213.191.74.19 213.191.92.86
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe
O23 - Service: MpService - Canon Inc. - C:\Programme\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: Norton AntiVirus Auto-Protect-Dienst (navapsvc) - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programme\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\GEMEIN~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
Bitte um Hilfe!
Habe Norton Fierwall drauf und Norton Antivirus sind die beiden ok oder sollte ich mir ein anderes zulegen?
- gfxclub
- Beiträge: 6
- Registriert: 18.02.2005, 13:13
von Nikita am 18.02.2005, 14:30
Hallo@gfxclub
C:\WINDOWS\notepad.exe
Eventuell Böse! Laut unserer Datenbank läuft dieser Prozess nomalerweise in c:\windows\system32\! Überprüfen Sie, ob Sie die Datei kennen und führen Sie ggf. einen Virencheck durch.
Jotti's malware scan 2.4 - einzelne "exe" ueberpruefen
http://virusscan.jotti.dhs.org/
reinkopieren:
C:\WINDOWS\notepad.exe
poste mir, was angezeigt wird
#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://proxy20.safersurf.com:8001
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: ToolHelper - {AAAE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} - C:\PROGRA~1\DELOBA~1.1\deloba24.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O4 - HKLM\..\Run: [Tools1] C:\Programme\surfbar.exe
O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvtrl32.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKCU\..\Run: [Uptime-Project] C:\uptime\client.exe ????
O9 - Extra button: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O9 - Extra 'Tools' menuitem: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O9 - Extra button: (no name) - {31BD4DA3-256D-4C39-8E83-469F085EED0C} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O9 - Extra 'Tools' menuitem: &PicGrab starten - {31BD4DA3-256D-4C39-8E83-469F085EED0C} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O9 - Extra button: PicGrab - {C711CF16-B4D0-4498-8F34-BE61C73B5F60} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplat ... curity.cab
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://www.pussyharem.com/stream/mmp.cab
O16 - DPF: {9076A11F-5EA6-4A67-BDE9-8D3C7C453DAC} - http://www.fizzlewizzle.com/installfiles/popblocker.cab
PC neustarten
KillBox
http://www.bleepingcomputer.com/files/killbox.php
<Delete File on Reboot--> anhaken
kopiere rein:
C:\Programme\surfbar.exe
C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\windows\system32\kalvtrl32.exe
C:\Programme\PicGrab\iestarter.exe
C:\Program Files\Windows ServeAd\WinServSuit.exe
C:\Program Files\Windows ServeAd\WinServAd.exe
C:\WINDOWS\Downloaded Program Files\WinServAdX.dll
und klick auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes"
PC neustarten
#ClaerProg..lade die neuste Version <1.4.1
http://www.clearprog.de/downloads.php
<und saeubere den Browser.
Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera:
- Cookies
- Verlauf
- Temporäre Internetfiles (Cache)
eScan-Erkennungstool
eSan ist hier unter dem Namen Free eScan Antivirus Toolkit Utility kostenlos erhältlich:
http://www.mwti.net/antivirus/free_utilities.asp
oeffne den Scanner--> noch nicht scannen--> gehe in Start<Ausfuehren< schreib rein: %temp% und suche
kavupd.exe, die klickst du an--> (Update- in DOS) ausführen
-->mwav.exe oeffnen-->alle Haekchen setzen-->scannen-->View Log anklicken--> Bearbeiten anklicken--> "infected" reinschreiben
und nun alles rauskopieren, was angezeigt wird-->
dann die "infected" mit der Killbox oder manuell loeschen
#RegCleaner
(Tip: Lade RegCleaner, stelle das Tool in Deutsch ein und saeubere ueber <Tools<Registry saeubern<alles durchfuehren < den PC (du kannst alles angezeigte Loeschen, denn es verbleibt eine Sicherung)
http://www.chip.de/downloads/c_downloads_8830516.html
#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen-
C:\WINDOWS\notepad.exe
Eventuell Böse! Laut unserer Datenbank läuft dieser Prozess nomalerweise in c:\windows\system32\! Überprüfen Sie, ob Sie die Datei kennen und führen Sie ggf. einen Virencheck durch.
Jotti's malware scan 2.4 - einzelne "exe" ueberpruefen
http://virusscan.jotti.dhs.org/
reinkopieren:
C:\WINDOWS\notepad.exe
poste mir, was angezeigt wird
#öffne das HijackThis-->> Button "scan" -->> Häkchen setzen -->> Button "Fix checked" -->> PC neustarten
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://proxy20.safersurf.com:8001
O2 - BHO: (no name) - {28CAEFF3-0F18-4036-B504-51D73BD81ABC} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: ToolHelper - {AAAE1C1A-89F7-4AF6-ABD1-F8FBCFA47408} - C:\PROGRA~1\DELOBA~1.1\deloba24.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O3 - Toolbar: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
O4 - HKLM\..\Run: [Tools1] C:\Programme\surfbar.exe
O4 - HKLM\..\Run: [Windows ServeAd] C:\Program Files\Windows ServeAd\WinServAd.exe
O4 - HKLM\..\Run: [kalvsys] C:\windows\system32\kalvtrl32.exe
O4 - HKLM\..\Run: [msnappau] "C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe"
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKCU\..\Run: [Uptime-Project] C:\uptime\client.exe ????
O9 - Extra button: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O9 - Extra 'Tools' menuitem: Deloba24-Toolbar V1.1 - {D502E40C-65A8-4EC5-8838-36C0DE739A88} - C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
O9 - Extra button: (no name) - {31BD4DA3-256D-4C39-8E83-469F085EED0C} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O9 - Extra 'Tools' menuitem: &PicGrab starten - {31BD4DA3-256D-4C39-8E83-469F085EED0C} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O9 - Extra button: PicGrab - {C711CF16-B4D0-4498-8F34-BE61C73B5F60} - C:\Programme\PicGrab\iestarter.exe (HKCU)
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplat ... curity.cab
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://www.pussyharem.com/stream/mmp.cab
O16 - DPF: {9076A11F-5EA6-4A67-BDE9-8D3C7C453DAC} - http://www.fizzlewizzle.com/installfiles/popblocker.cab
PC neustarten
KillBox
http://www.bleepingcomputer.com/files/killbox.php
<Delete File on Reboot--> anhaken
kopiere rein:
C:\Programme\surfbar.exe
C:\Programme\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
C:\Programme\Deloba24-Toolbar V1.1\deloba24.dll
C:\Programme\MSN Apps\MSN Toolbar\01.02.3000.1001\de\msntb.dll
C:\Programme\MSN Apps\Updater\01.02.3000.1001\de\msnappau.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\windows\system32\kalvtrl32.exe
C:\Programme\PicGrab\iestarter.exe
C:\Program Files\Windows ServeAd\WinServSuit.exe
C:\Program Files\Windows ServeAd\WinServAd.exe
C:\WINDOWS\Downloaded Program Files\WinServAdX.dll
und klick auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes"
PC neustarten
#ClaerProg..lade die neuste Version <1.4.1
http://www.clearprog.de/downloads.php
<und saeubere den Browser.
Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera:
- Cookies
- Verlauf
- Temporäre Internetfiles (Cache)
eScan-Erkennungstool
eSan ist hier unter dem Namen Free eScan Antivirus Toolkit Utility kostenlos erhältlich:
http://www.mwti.net/antivirus/free_utilities.asp
oeffne den Scanner--> noch nicht scannen--> gehe in Start<Ausfuehren< schreib rein: %temp% und suche
kavupd.exe, die klickst du an--> (Update- in DOS) ausführen
-->mwav.exe oeffnen-->alle Haekchen setzen-->scannen-->View Log anklicken--> Bearbeiten anklicken--> "infected" reinschreiben
und nun alles rauskopieren, was angezeigt wird-->
dann die "infected" mit der Killbox oder manuell loeschen
#RegCleaner
(Tip: Lade RegCleaner, stelle das Tool in Deutsch ein und saeubere ueber <Tools<Registry saeubern<alles durchfuehren < den PC (du kannst alles angezeigte Loeschen, denn es verbleibt eine Sicherung)
http://www.chip.de/downloads/c_downloads_8830516.html
#Ad-aware SE Personal 1.05 Updated
http://fileforum.betanews.com/detail/965718306/1
Laden--> Updaten-->scannen-->PC neustarten--> noch mal scannen-
Zuletzt geändert von Nikita am 19.02.2005, 01:52, insgesamt 1-mal geändert.
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von gfxclub am 18.02.2005, 14:56
Service load:
0% 100%
File: notepad.exe
Status:
OK
Packers detected:
None
AntiVir
No viruses found (0.39 seconds taken)
Avast
No viruses found (1.53 seconds taken)
AVG Antivirus
No viruses found (0.74 seconds taken)
BitDefender
No viruses found (0.47 seconds taken)
ClamAV
No viruses found (0.58 seconds taken)
Dr.Web
No viruses found (0.89 seconds taken)
F-Prot Antivirus
No viruses found (0.10 seconds taken)
Fortinet
No viruses found (0.40 seconds taken)
Kaspersky Anti-Virus
No viruses found (0.98 seconds taken)
mks_vir
No viruses found (0.23 seconds taken)
NOD32
No viruses found (0.48 seconds taken)
Norman Virus Control
No viruses found (0.81 seconds taken)
O4 - HKCU\..\Run: [Uptime-Project] C:\uptime\client.exe ???? = Ist ok
C:\windows\system32\kalvtrl32.exe Die Datei giebt es nicht.
Starte jetzt neu und melde mich denn wieder!
- gfxclub
- Beiträge: 6
- Registriert: 18.02.2005, 13:13
von gfxclub am 18.02.2005, 17:17
So das sagt der Viren Scan was muss ich nun machen? Ich kann die ja schlecht alle per Hand raus löschen :/
File C:\windows\system32\kalvtrl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sideb.exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.v" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteavi32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteclr32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteehc32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteevl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteewg32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitefeg32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteflf32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitefmj32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteggs32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitegov32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitehxt32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteiif32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitejho32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitekex32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitekpc32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitektl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitelgl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitemoa32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteotd32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitepys32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliterdj32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitesuz32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitetcd32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitevam32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitevte32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitewfy32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitewgf32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitexwy32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteycr32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteyfd32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteyuy32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\error32.dat infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\H@tKeysH@@k.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\WINDOWS\system32\SahHtml.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\archive.jar-43dbc402-47e19a10.zip infected by "Trojan.Java.Binny.a" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\archive.jar-5b09783b-46c0c6d2.zip infected by "Trojan.Java.Binny.a" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\loaderadv156.jar-8e3574-2105cd88.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\admin\Eigene Dateien\Eigene Downloads\eCards[gag-10192,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\admin\Eigene Dateien\mircmania\mirc.exe tagged as not-a-virus:RiskWare.mIRC.6.0. No Action Taken.
File C:\ejay\HipHop4_Demo\eJay\eJay\oset.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\02552AE4.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\03985765.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\03A1555B.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\03C33140.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\052659AF.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\05D95B0F.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\076C640A.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\07733802.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\084A3FC5.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\092F061A.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0A6E4D69.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0A8F1C30.class infected by "Trojan-Downloader.Java.OpenConnection.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0ACB6BD4.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0B1F28A7.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0B5D11B3.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0B9F596B.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0BA52D64.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0CDF4056.class infected by "Trojan-Dropper.Java.Beyond.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\0DA534FD.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\10D5425E.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\110A4385.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\11D52BCA.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\12EF7224.tmp infected by "Trojan-Downloader.Win32.Small.vq" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\136E5798.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\13752B91.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\137B7F8A.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\13825382.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\138F7B74.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\13A2775F.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\13A6215B.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\13F922CF.class infected by "Trojan-Downloader.Java.OpenConnection.v" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\14917058.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\14917058.exe infected by "Trojan-Spy.Win32.Agent.w" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\157049C2.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\15C33C42.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\160403FA.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\160B57F3.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\161B29E1.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16634592.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\169E4A63.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16B57DFC.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16B927F9.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16BC51F5.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16D377DC.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16D94BD5.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\16E01FCE.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1A685313.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1A9005BF.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1A9D2DB1.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1DD0582B.class infected by "Trojan.Java.ClassLoader.l" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1E86689E.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1FD10A44.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\1FF37E5B.EXE infected by "Virus.Win9x.CIH.dam" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\20667D47.class infected by "Trojan-Downloader.Java.OpenConnection.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\211C2B52.exe infected by "Backdoor.Win32.SdBot.gen" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\24060C16.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\272972AD.class infected by "Trojan.Java.ClassLoader.o" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\272C1CA9.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\2733211F.exe infected by "Trojan-PSW.Win32.DummyLock.20" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\2BF202EA.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\2FFF2718.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\31225508.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\350E7DF4.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\351775ED.class infected by "Trojan.Java.ClassLoader.o" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\35B93FFE.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\35D21B70.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\36060B35.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3A3369E7.exe infected by "P2P-Worm.Win32.Tibick.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3A7B10DB.class infected by "Trojan-Dropper.Java.Beyond.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3C6D3389.class infected by "Trojan-Downloader.Java.OpenConnection.v" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3D0541BD.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3D3E648E.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3EE55023.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3EF230C7.exe infected by "Backdoor.Win32.SdBot.gen" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3EFF58B8.exe infected by "P2P-Worm.Win32.Purol.b" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3F062CB1.exe infected by "Backdoor.Win32.SdBot.gen" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3F173FFA.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\3F291E66.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\40395EAD.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\41CC709A.zip infected by "Trojan-Downloader.Java.OpenStream.p" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\41D24493.class infected by "Trojan-Downloader.Java.OpenStream.p" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\41D56E8F.class infected by "Trojan.Java.ClassLoader.l" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\41EE117E.exe infected by "Backdoor.Win32.SdBot.gen" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\42822E15.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\456A55B0.class infected by "Trojan-Downloader.Java.OpenConnection.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\4A58774A.class infected by "Trojan-Downloader.Java.OpenConnection.v" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\4C1761C1.class infected by "Trojan.Java.ClassLoader.o" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\4E0F3232.exe infected by "P2P-Worm.Win32.Darby.o" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\4E3E1D40.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\516E44D7.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\5517487F.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\576C65B0.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\58760420.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\587A2E1C.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\5973355B.class infected by "Trojan.Java.ClassLoader.Dummy.a" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\59736B7E.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\5B68120A.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\5B83683E.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\62935263.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\67285A44.class infected by "Trojan.Java.ClassLoader.o" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\672C0440.class infected by "Trojan-Downloader.Java.OpenConnection.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\699A3D93.class infected by "Trojan.Java.ClassLoader.o" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\6BF83328.class infected by "Trojan-Downloader.Java.OpenConnection.k" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\6CE70A7B.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\6EEF5794.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\715378E5.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\736B0C06.zip infected by "Email-Worm.Win32.NetSky.q" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\78FC3BEE.htm infected by "Trojan-Downloader.JS.Small.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\79160BD1.class infected by "Trojan.Java.Femad" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\794F61FA.class infected by "Trojan.Java.Binny.a" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\7AB464CD.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\7AB70EC9.class infected by "Trojan.Java.ClassLoader.h" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\7ABA38C6.class infected by "Trojan.Java.ClassLoader.d" Virus. Action Taken: No Action Taken.
File C:\Programme\Norton Internet Security\Norton AntiVirus\Quarantine\7E7833B3.VBS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: No Action Taken.
File C:\Programme\WebCracker\WebCrack4.exe tagged as not-a-virus:Cracker.WebCracker.40. No Action Taken.
File C:\Spiele\Sierra\Counter-Strike\hltv.exe tagged as not-a-virus:RiskWare.Proxy.Hltv. No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP213\A0109697.dll infected by "not-a-virus:AdWare.Relevance.b" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP213\A0109772.exe infected by "not-a-virus:AdWare.SaveNow.af" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP216\A0111247.dll infected by "not-a-virus:AdWare.Relevance.b" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP216\A0111258.exe infected by "not-a-virus:AdWare.ShopAtHome.b" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP227\A0116893.dll tagged as not-a-virus:RiskWare.RemoteAdmin.WinVNC.4. No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP227\A0116894.exe tagged as not-a-virus:RiskWare.RemoteAdmin.WinVNC.4. No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP227\A0116895.exe tagged as not-a-virus:RiskWare.RemoteAdmin.WinVNC.4. No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP227\A0116900.exe tagged as not-a-virus:RiskWare.RemoteAdmin.WinVNC.4. No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP261\A0153493.exe infected by "Trojan-Downloader.Win32.Agent.il" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP261\A0167992.exe infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP261\A0167993.exe infected by "not-a-virus:AdWare.WinAD.f" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP261\A0167994.exe infected by "not-a-virus:AdWare.WinAD.h" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{05B8079A-4476-426A-A67F-59AFF0BAEDA4}\RP261\A0168010.dll infected by "not-a-virus:AdWare.WinAD.f" Virus. Action Taken: No Action Taken.
File C:\temp\optimize.exe infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\temp\sahagent.exe infected by "not-a-virus:AdWare.Sahat.h" Virus. Action Taken: No Action Taken.
File C:\temp\SAHPackage.exe infected by "not-a-virus:AdWare.Sahat.h" Virus. Action Taken: No Action Taken.
File C:\temp\SearchRelevancy.exe infected by "not-a-virus:AdWare.Relevance.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\ActiveSecurity.ocx infected by "VirTool.Win32.Collector" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\SAHAgent_.exe infected by "not-a-virus:AdWare.ShopAtHome.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\SahHtml_.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\WinServAdX.dll infected by "not-a-virus:AdWare.WinAD.f" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\sideb.exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.v" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\DXEXMQN8\protector_update[1].exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5GQZ6PZ\dl[1].exe infected by "Trojan-Downloader.Win32.Agent.il" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5GQZ6PZ\silent_install[1].exe infected by "not-a-virus:AdWare.ToolBar.EliteBar.q" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteavi32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteclr32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteehc32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteevl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteewg32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitefeg32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteflf32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitefmj32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteggs32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitegov32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitehxt32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteiif32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitejho32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitekex32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitekpc32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitektl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitelgl32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitemoa32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteotd32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitepys32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliterdj32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitesuz32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitetcd32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitevam32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitevte32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitewfy32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitewgf32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\elitexwy32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteycr32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteyfd32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\eliteyuy32.exe infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\error32.dat infected by "Trojan.Win32.StartPage.nk" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\H@tKeysH@@k.DLL tagged as not-a-virus:Cracker.Game.HotHook.dll. No Action Taken.
File C:\WINDOWS\system32\SahHtml.exe infected by "not-a-virus:AdWare.Sahat.i" Virus. Action Taken: No Action Taken.
- gfxclub
- Beiträge: 6
- Registriert: 18.02.2005, 13:13
von Nikita am 19.02.2005, 01:31
Hallo@
Deaktivieren Wiederherstellung
«XP
Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.
(dann aktiviere sie wieder)
KillBox
http://www.bleepingcomputer.com/files/killbox.php
<Delete File on Reboot--> anhaken
und klick auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes"
-->"you want to reboot" auf "yes" gehen dann kommt die Meldung : "PendingFileRenameOperations Registry Data has been Removed by External Process".
C:\windows\system32\kalvtrl32.exe
C:\WINDOWS\sideb.exe
C:\WINDOWS\system32\eliteavi32.exe
C:\WINDOWS\system32\eliteclr32.exe
C:\WINDOWS\system32\eliteehc32.exe
C:\WINDOWS\system32\eliteevl32.exe
C:\WINDOWS\system32\eliteewg32.exe
C:\WINDOWS\system32\elitefeg32.exe
C:\WINDOWS\system32\eliteflf32.exe
C:\WINDOWS\system32\elitefmj32.exe
C:\WINDOWS\system32\eliteggs32.exe
C:\WINDOWS\system32\elitegov32.exe
C:\WINDOWS\system32\elitehxt32.exe
C:\WINDOWS\system32\eliteiif32.exe
C:\WINDOWS\system32\elitejho32.exe
C:\WINDOWS\system32\elitekex32.exe
C:\WINDOWS\system32\elitekpc32.exe
C:\WINDOWS\system32\elitektl32.exe
C:\WINDOWS\system32\elitelgl32.exe
C:\WINDOWS\system32\elitemoa32.exe
C:\WINDOWS\system32\eliteotd32.exe
C:\WINDOWS\system32\elitepys32.exe
C:\WINDOWS\system32\eliterdj32.exe
C:\WINDOWS\system32\elitesuz32.exe
C:\WINDOWS\system32\elitetcd32.exe
C:\WINDOWS\system32\elitevam32.exe
C:\WINDOWS\system32\elitevte32.exe
C:\WINDOWS\system32\elitewfy32.exe
C:\WINDOWS\system32\elitewgf32.exe
C:\WINDOWS\system32\elitexwy32.exe
C:\WINDOWS\system32\eliteycr32.exe
C:\WINDOWS\system32\eliteyfd32.exe
C:\WINDOWS\system32\eliteyuy32.exe
C:\WINDOWS\system32\error32.dat
C:\WINDOWS\system32\SahHtml.exe
C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\archive.jar-43dbc402-47e19a10.zip
C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\archive.jar-5b09783b-46c0c6d2.zip
C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\loaderadv156.jar-8e3574-2105cd88.zip
C:\Dokumente und Einstellungen\admin\Eigene Dateien\Eigene Downloads\eCards[gag-10192,1].exe
C:\temp\optimize.exe
C:\temp\sahagent.exe
C:\temp\SAHPackage.exe
C:\temp\SearchRelevancy.exe
C:\WINDOWS\Downloaded Program Files\ActiveSecurity.ocx
C:\WINDOWS\Downloaded Program Files\SAHAgent_.exe
C:\WINDOWS\Downloaded Program Files\SahHtml_.exe
C:\WINDOWS\Downloaded Program Files\WinServAdX.dll
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\DXEXMQN8\protector_update[1].exe
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5GQZ6PZ\dl[1].exe
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5GQZ6PZ\silent_install[1].exe
PC neustarten
Ueberpruefe : (ob auch wirklich alles geloescht ist IN:8nicht die Ordner selbst loeschen))
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\
C:\temp\
#ClaerProg..lade die neuste Version <1.4.1
http://www.clearprog.de/downloads.php
<und saeubere den Browser.
Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera:
- Cookies
- Verlauf
- Temporäre Internetfiles (Cache)
#RegCleaner
(Tip: Lade RegCleaner, stelle das Tool in Deutsch ein und saeubere ueber <Tools<Registry saeubern<alles durchfuehren < den PC (du kannst alles angezeigte Loeschen, denn es verbleibt eine Sicherung)
http://www.chip.de/downloads/c_downloads_8830516.html
________________________________________________________________________________________________
Deaktivieren Wiederherstellung
«XP
Arbeitsplatz-->rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.
(dann aktiviere sie wieder)
KillBox
http://www.bleepingcomputer.com/files/killbox.php
<Delete File on Reboot--> anhaken
und klick auf das rote Kreuz,
wenn gefragt wird, ob "Do you want to reboot? "----> klicke auf "no",und kopiere das naechste rein, erst beim letzten auf "yes"
-->"you want to reboot" auf "yes" gehen dann kommt die Meldung : "PendingFileRenameOperations Registry Data has been Removed by External Process".
C:\windows\system32\kalvtrl32.exe
C:\WINDOWS\sideb.exe
C:\WINDOWS\system32\eliteavi32.exe
C:\WINDOWS\system32\eliteclr32.exe
C:\WINDOWS\system32\eliteehc32.exe
C:\WINDOWS\system32\eliteevl32.exe
C:\WINDOWS\system32\eliteewg32.exe
C:\WINDOWS\system32\elitefeg32.exe
C:\WINDOWS\system32\eliteflf32.exe
C:\WINDOWS\system32\elitefmj32.exe
C:\WINDOWS\system32\eliteggs32.exe
C:\WINDOWS\system32\elitegov32.exe
C:\WINDOWS\system32\elitehxt32.exe
C:\WINDOWS\system32\eliteiif32.exe
C:\WINDOWS\system32\elitejho32.exe
C:\WINDOWS\system32\elitekex32.exe
C:\WINDOWS\system32\elitekpc32.exe
C:\WINDOWS\system32\elitektl32.exe
C:\WINDOWS\system32\elitelgl32.exe
C:\WINDOWS\system32\elitemoa32.exe
C:\WINDOWS\system32\eliteotd32.exe
C:\WINDOWS\system32\elitepys32.exe
C:\WINDOWS\system32\eliterdj32.exe
C:\WINDOWS\system32\elitesuz32.exe
C:\WINDOWS\system32\elitetcd32.exe
C:\WINDOWS\system32\elitevam32.exe
C:\WINDOWS\system32\elitevte32.exe
C:\WINDOWS\system32\elitewfy32.exe
C:\WINDOWS\system32\elitewgf32.exe
C:\WINDOWS\system32\elitexwy32.exe
C:\WINDOWS\system32\eliteycr32.exe
C:\WINDOWS\system32\eliteyfd32.exe
C:\WINDOWS\system32\eliteyuy32.exe
C:\WINDOWS\system32\error32.dat
C:\WINDOWS\system32\SahHtml.exe
C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\archive.jar-43dbc402-47e19a10.zip
C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\archive.jar-5b09783b-46c0c6d2.zip
C:\Dokumente und Einstellungen\admin\.jpi_cache\jar\1.0\loaderadv156.jar-8e3574-2105cd88.zip
C:\Dokumente und Einstellungen\admin\Eigene Dateien\Eigene Downloads\eCards[gag-10192,1].exe
C:\temp\optimize.exe
C:\temp\sahagent.exe
C:\temp\SAHPackage.exe
C:\temp\SearchRelevancy.exe
C:\WINDOWS\Downloaded Program Files\ActiveSecurity.ocx
C:\WINDOWS\Downloaded Program Files\SAHAgent_.exe
C:\WINDOWS\Downloaded Program Files\SahHtml_.exe
C:\WINDOWS\Downloaded Program Files\WinServAdX.dll
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\DXEXMQN8\protector_update[1].exe
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5GQZ6PZ\dl[1].exe
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Z5GQZ6PZ\silent_install[1].exe
PC neustarten
Ueberpruefe : (ob auch wirklich alles geloescht ist IN:8nicht die Ordner selbst loeschen))
C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\
C:\temp\
#ClaerProg..lade die neuste Version <1.4.1
http://www.clearprog.de/downloads.php
<und saeubere den Browser.
Das Programm löscht die Surfspuren des Internet Explorers ab Version 5.0, des Netscape/Mozilla und des Opera:
- Cookies
- Verlauf
- Temporäre Internetfiles (Cache)
#RegCleaner
(Tip: Lade RegCleaner, stelle das Tool in Deutsch ein und saeubere ueber <Tools<Registry saeubern<alles durchfuehren < den PC (du kannst alles angezeigte Loeschen, denn es verbleibt eine Sicherung)
http://www.chip.de/downloads/c_downloads_8830516.html
________________________________________________________________________________________________
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von gfxclub am 19.02.2005, 14:39
Pending file rename operations Registry data has been removed by external process!
Sagt Killbox..
Und die Datei sind immer noch da :/
Sagt Killbox..
Und die Datei sind immer noch da :/
- gfxclub
- Beiträge: 6
- Registriert: 18.02.2005, 13:13
von Nikita am 19.02.2005, 15:58
1.) HijackThis starten:
2.) den Config Button klicken - MiscTools - "Delete a file on reboot" .
3.) In dem Fenster bei Dateiname einfügen\reinkopieren:
.....
4.) wenn dann die Frage kommt, ob neugestartet werden soll (will be deleted by Windows when the system restarts....Do you want to restart your computer now?" )-->>klicke "No"
5.)und füge das Nächste ein.
......
......
......
Erst beim letzten klickst du "Yes" und startest den PC neu.
2.) den Config Button klicken - MiscTools - "Delete a file on reboot" .
3.) In dem Fenster bei Dateiname einfügen\reinkopieren:
.....
4.) wenn dann die Frage kommt, ob neugestartet werden soll (will be deleted by Windows when the system restarts....Do you want to restart your computer now?" )-->>klicke "No"
5.)und füge das Nächste ein.
......
......
......
Erst beim letzten klickst du "Yes" und startest den PC neu.
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von gfxclub am 19.02.2005, 17:56
2.) den Config Button klicken - MiscTools - "Delete a file on reboot" .
Äm was für nen Config Button ich sehe leider keinen?
Äm was für nen Config Button ich sehe leider keinen?
- gfxclub
- Beiträge: 6
- Registriert: 18.02.2005, 13:13
von Nikita am 19.02.2005, 19:03
Open the Misc Tools section-->delete a file of reboot
dann alles reinkopieren
4.) wenn dann die Frage kommt, ob neugestartet werden soll (will be deleted by Windows when the system restarts....Do you want to restart your computer now?" )-->>klicke "No"
5.)und füge das Nächste ein.
Erst beim letzten klickst du "Yes" und startest den PC neu.
dann alles reinkopieren
4.) wenn dann die Frage kommt, ob neugestartet werden soll (will be deleted by Windows when the system restarts....Do you want to restart your computer now?" )-->>klicke "No"
5.)und füge das Nächste ein.
Erst beim letzten klickst du "Yes" und startest den PC neu.
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
von gfxclub am 20.02.2005, 00:27
Ja und dar kommt der fehler: Pending file rename operations Registry data has been removed by external process!
- gfxclub
- Beiträge: 6
- Registriert: 18.02.2005, 13:13
von Nikita am 20.02.2005, 00:57
im Prinzip ist das o.k., du musst danach den PC neustarten.
Beim Hochfahren wird die Malware geloescht.
Mache es also bitte noch einmal.
und dann scanne noch mal mit escan
Beim Hochfahren wird die Malware geloescht.
Mache es also bitte noch einmal.
und dann scanne noch mal mit escan
- Nikita
- Moderator
- Beiträge: 11478
- Registriert: 07.12.2003, 16:53
- Wohnort: Lissabon
11 Beiträge • Seite 1 von 1
Zurück zu Online- und PC-Sicherheit
Wer ist online?
Mitglieder in diesem Forum: 0 Mitglieder und 1 Gast