| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Problem mit BlasterwormWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.02.2011, 15:38
| #1 |
 |  Problem mit Blasterworm Hallo liebes Trojaner Board. Wie im Titel bereits erwähnt hab ich anscheinend Probleme mit dem W32.Blaster  Hab das NT Autoritätsfenster mit dem Befehl "shutdown -a" schliessen können und habe dann daraufhin mein System (Windows XP Home Edition) mit Antivir gecheckt. Antivir hatte 3 Warnungen aber keine Viren oder verdächtige Dateien gefunden. Danach hab ich mit dem McAffee-Stinger mein System gescannt, das Ergebnis waren über 2200 infizierte Dateien. XP Patch hab ich ebenfalls gedownloaded aber bringt mir nichts da mein System neuer als die Patch sein soll. Nach Neustart meines PCs traten die selben Probleme wieder auf. Zusätzlich zu dem Countdown Fenster kommt noch eine Meldung bei der "dww...0x00000 Anwendungsfehler" steht. An die genaue Meldung kann ich mich nicht mehr entsinnen. Könnt ihr mir helfen diesen Wurm zu entfernen? Liegt das Problem vielleicht daran dass ich die Systemwiederherstellung von XP nicht deaktiviert habe? Angeblich soll sich der Wurm dort festsetzen und somit neu installieren. Vielen Dank schonmal |
|
18.02.2011, 16:02
| #2 | ||
| /// Helfer-Team    | Problem mit Blasterworm Hallo und Herzlich Willkommen!
__________________ Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]: Zitat:
► Protokoll wurde von McAfee Labs Stinger erstellt? bitte unbedingt posten! 1. lade Dir HijackThis 2.0.4 von *von hier* herunter HijackThis starten→ "Do a system scan and save a logfile" klicken→ das erhaltene Logfile "markieren" → "kopieren"→ hier in deinem Thread (rechte Maustaste) "einfügen" 2. Bitte Versteckte - und Systemdateien sichtbar machen den Link hier anklicken: System-Dateien und -Ordner unter XP und Vista sichtbar machen Am Ende unserer Arbeit, kannst wieder rückgängig machen! 3. → Lade Dir HJTscanlist.zip herunter → entpacke die Datei auf deinem Desktop → Bei WindowsXP Home musst vor dem Scan zusätzlich tasklist.zip installieren → per Doppelklick starten → Wähle dein Betriebsystem aus - bei Win7 wähle Vista → Wenn Du gefragt wirst, die Option "Einstellung" (1) - scanlist" wählen → Nach kurzer Zeit sollte sich Dein Editor öffnen und die Datei hjtscanlist.txt präsentieren → Bitte kopiere den Inhalt hier in Deinen Thread. ** Falls es klappt auf einmal nicht, kannst den Text in mehrere Teile teilen und so posten 4. Ich würde gerne noch all deine installierten Programme sehen: Lade dir das Tool Ccleaner herunter → "Download"→ " Download from FileHippo.com" installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ falls nötig - unter Options settings-> "german" einstellen dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..." wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein Zitat:
Coverflow
__________________ |
|
18.02.2011, 16:25
| #3 |
| | Problem mit Blasterworm Hallo Coverflow.
__________________Vielen Dank für deine Antwort. Bevor ich die anderen Schritte befolge poste ich zunächst den Bericht von McAffee. Ich komme auf Grund von unserem ehemaligen EDV Kurs zu der Annahme das es sich um den W32. handelt. Kann mich allerdings auch irren^^. Vorsicht sehr lang: AdClicker-EV!mem Adclicker-GV!mem AFXRootkit!mem Apropos BackDoor-ALI.dll BackDoor-ALI.svr BackDoor-ALI.sys BackDoor-ALI.sys.b BackDoor-ALI.sys.c BackDoor-AQJ BackDoor-AQJ.b BackDoor-AWQ!rootkit BackDoor-AWQ.b!mem BackDoor-AXO!rootkit BackDoor-BAC!rootkit BackDoor-CEB BackDoor-CEB!bat BackDoor-CEB!hosts BackDoor-CEB.b BackDoor-CEB.b.sys BackDoor-CEB.c BackDoor-CEB.c.sys BackDoor-CEB.d BackDoor-CEB.dll BackDoor-CEB.dr BackDoor-CEB.e BackDoor-CEB.f BackDoor-CEB.f.sys BackDoor-CEB.sys BackDoor-CFB BackDoor-CSX!rootkit BackDoor-CSY!rootkit BackDoor-CUX!rootkit BackDoor-CWD!rootkit BackDoor-DIX!rootkit BackDoor-DJF!rootkit BackDoor-DJZ!rootkit BackDoor-DKI!mem Backdoor-DOI!mem BackDoor-DOQ!rootkit BackDoor-EMI!mem BackDoor-JZ BackDoor-JZ.dam BackDoor-JZ.dr BackDoor-JZ.gen BackDoor-JZ.gen.b BackDoor-Spyeye!rootkit Bat/Autorun.worm.aabi Bat/Autorun.worm.h Bat/Autorun.worm.ni Bat/Autorun.worm.zr Bat/Autorun.worm.zr!vbs Bat/Autorun.worm.zw Bat/Autorun.worm.zw!lnk Bat/Mumu.worm Bredolab.gen.a Bredolab.gen.c Cleanup CoreFlood Coreflood!psexec Coreflood.dldr CoreFlood.dll CoreFlood.dll.gen CoreFlood.dr CoreFlood.dr.gen Cutwail Danmec DNSChanger.f!rootkit Downloader-ARR!mem Downloader-AUE!rootkit Downloader-AXJ!mem Downloader-BAI!rootkit Downloader-BCS Downloader-BCS.demo Downloader-BVV Downloader-CEV Downloader-CEW Downloader-CEW.a Downloader-CEW.b Downloader-CEW.c Downloader-CEW.d Downloader-CEW.e Downloader-CEW.f Downloader-CEW.g Downloader-CEW.h Downloader-CIP Downloader-CJX Downloader-CJX!env Downloader-CJX!lnk Downloader-CJX.gen.a Downloader-CJX.gen.b Downloader-CJX.gen.c Downloader-CJX.gen.d Downloader-CJX.gen.e Downloader-CJX.gen.f Downloader-CJX.gen.g Downloader-CJX.gen.g!dll Downloader-CJX.gen.h Downloader-CJX.gen.i Downloader-CJX.gen.j Downloader-CJX.gen.k Downloader-CJX.gen.l Downloader-CJX.gen.m Downloader-CJX.gen.n Downloader-CJX.gen.o Downloader-CJX.gen.p Downloader-CJX.gen.q Downloader-CJX.gen.r Downloader-DN.a Downloader-DN.b Downloader-QO!mem Downloader-ZQ!rootkit Exploit-CVE-2010-2562 Exploit-CVE2010-2568 Exploit-CVE-2010-2568 Exploit-CVE-2010-2568.a Exploit-CVE-2010-2738 Exploit-CVE-2010-2883 Exploit-DcomRpc Exploit-DcomRpc.b.demo Exploit-DcomRpc.dll Exploit-Lsass Exploit-Lsass.dll Exploit-Lsass.gen Exploit-MS04-011 Exploit-MS04-011.gen Exploit-MSExcel.k Exploit-MSExcel.l Exploit-MSExcel.m Exploit-MSExcel.n Exploit-MSExcel.o Exploit-MSExcel.p Exploit-MSExcel.q Exploit-MSExcel.r Exploit-PDF.b Exploit-PDF.b.gen Exploit-PDF.b.gen.a Exploit-PDF.b.gen.b Exploit-PDF.c Exploit-PDF.ca Exploit-PDF.ca!stream Exploit-PDF.cd Exploit-PDF.d Exploit-PDF.e Exploit-PDF.f Exploit-PDF.g Exploit-PDF.h Exploit-PDF.i Exploit-PDF.i.gen Exploit-PDF.j Exploit-PDF.k Exploit-PDF.l Exploit-XMLhttp.d Exploit-XMLhttp.d.gen Exploit-XMLhttp.d.gen.b Exploit-XMLhttpd.d Exploit-XMLhttpd.gen.c FakeAlert FakeAlert!grb FakeAlert-AA FakeAlert-AB FakeAlert-AB!htm FakeAlert-AB!lnk FakeAlert-AB!rootkit FakeAlert-AB.dldr FakeAlert-AB.dldr.gen FakeAlert-AB.dldr.gen.a FakeAlert-AB.dldr.gen.b FakeAlert-AB.dldr.gen.c FakeAlert-AB.dr FakeAlert-AB.gen FakeAlert-AB.gen.a FakeAlert-AB.gen.b FakeAlert-AB.gen.c FakeAlert-AB.gen.d FakeAlert-AB.gen.e FakeAlert-AB.gen.f FakeAlert-AB.gen.h FakeAlert-AC FakeAlert-AD FakeAlert-AE FakeAlert-AF FakeAlert-AG FakeAlert-AG.gen FakeAlert-AG.gen.a FakeAlert-AG.gen.b FakeAlert-AG.gen.c FakeAlert-AH FakeAlert-AI FakeAlert-AJ FakeAlert-AK FakeAlert-AL FakeAlert-AL.gen FakeAlert-AM FakeAlert-AN FakeAlert-AntiMalwareDoc.dldr FakeAlert-AntiSpywarePro FakeAlert-AntiSpywarePro.dll FakeAlert-AntiVirusPlus FakeAlert-AntiVirusPro FakeAlert-AntiVirusPro!hosts FakeAlert-AntiVirusPro.gen.a FakeAlert-AntiVirusPro.gen.b FakeAlert-AntiVirusPro.gen.c FakeAlert-AntiVirusPro.gen.d FakeAlert-AntiVirusPro.gen.e FakeAlert-AntiVirusPro.gen.f FakeAlert-AntiVirusXP FakeAlert-AO FakeAlert-AO.gen FakeAlert-AP FakeAlert-AQ FakeAlert-AR FakeAlert-AS FakeAlert-AT FakeAlert-AU FakeAlert-av2009 FakeAlert-av2009.gen.a FakeAlert-av2009.gen.b FakeAlert-av360 FakeAlert-av360!lnk FakeAlert-av360.dll FakeAlert-av360.dll.gen FakeAlert-av360.gen.a FakeAlert-av360.gen.b FakeAlert-AV7 FakeAlert-AVPsec!env FakeAlert-AVPSec!env.a FakeAlert-AVPSec!env.b FakeAlert-AVPSec!env.c FakeAlert-AVPSec!env.d FakeAlert-AVPSec!env.e FakeAlert-AVPSec!env.f FakeAlert-AVPSec!env.g FakeAlert-AVPSec!env.h FakeAlert-AVPSec!mof FakeAlert-AVPSec.a FakeAlert-AVPSec.f FakeAlert-AVPSec.g FakeAlert-AVPSec.h FakeAlert-AVPSec.i FakeAlert-AVPSec.j FakeAlert-AVPSec.k FakeAlert-AVPSec.l FakeAlert-AVPSec.m FakeAlert-AVPSec.n FakeAlert-AVPSec.p FakeAlert-AVSoft FakeAlert-AVSoft!env FakeAlert-AW FakeAlert-AZ FakeAlert-AZ!htm FakeAlert-B FakeAlert-B.c FakeAlert-B.dldr FakeAlert-B.dr FakeAlert-BA FakeAlert-BB FakeAlert-BC.dldr FakeAlert-BD FakeAlert-BE FakeAlert-BE.dldr FakeAlert-BE.gen FakeAlert-BF FakeAlert-BF.dldr FakeAlert-BF.dr FakeAlert-BG.dldr FakeAlert-BH.dldr FakeAlert-BI FakeAlert-BJ FakeAlert-BK FakeAlert-BL.php FakeAlert-BM FakeAlert-BN FakeAlert-BO FakeAlert-BO.dldr FakeAlert-BO.dll FakeAlert-BP FakeAlert-BQ FakeAlert-BR FakeAlert-BS FakeAlert-BS.dll FakeAlert-BT FakeAlert-BU FakeAlert-BV FakeAlert-BV.dldr FakeAlert-BW FakeAlert-BW.dr FakeAlert-BX FakeAlert-BY FakeAlert-BZ FakeAlert-C FakeAlert-C.dldr FakeAlert-C.dr FakeAlert-C.gen FakeAlert-CA FakeAlert-CB FakeAlert-CC FakeAlert-CC.dr FakeAlert-CD FakeAlert-CE FakeAlert-CF FakeAlert-CG FakeAlert-CH FakeAlert-CI FakeAlert-CJ FakeAlert-CK FakeAlert-CK.dll FakeAlert-CL FakeAlert-CleanUpAv FakeAlert-CleanUpAv!vbs FakeAlert-CM FakeAlert-CN FakeAlert-CN.gen.a FakeAlert-CN.gen.b FakeAlert-CN.gen.c FakeAlert-CN.gen.d FakeAlert-CN.gen.e FakeAlert-CN.gen.f FakeAlert-CN.gen.g FakeAlert-CN.gen.h FakeAlert-CN.gen.i FakeAlert-CN.gen.k FakeAlert-CN.gen.l FakeAlert-CN.gen.m FakeAlert-CN.gen.n FakeAlert-CN.gen.o FakeAlert-CN.gen.p FakeAlert-CN.gen.q FakeAlert-CN.gen.r FakeAlert-CN.gen.s FakeAlert-CN.gen.t FakeAlert-CN.gen.u FakeAlert-CN.gen.w FakeAlert-CO FakeAlert-CoreGuard FakeAlert-CoreGuard.dll FakeAlert-CP FakeAlert-CP.dll FakeAlert-CPA FakeAlert-CQ FakeAlert-CR FakeAlert-CS FakeAlert-CT FakeAlert-CU FakeAlert-CV FakeAlert-CW FakeAlert-CX FakeAlert-CY FakeAlert-CZ FakeAlert-D FakeAlert-D.dldr FakeAlert-DA FakeAlert-DB FakeAlert-DC FakeAlert-DD FakeAlert-DE FakeAlert-DefCnt!env.a FakeAlert-DefCnt!env.b FakeAlert-DefCnt.a FakeAlert-DefCnt.a.dldr FakeAlert-DefCnt.a.dll FakeAlert-DefCnt.b FakeAlert-DefCnt.c FakeAlert-DefCnt.d FakeAlert-DefenceLab.a FakeAlert-DeskTopSec!grb FakeAlert-DeskTopSec!lnk FakeAlert-DeskTopSec.gen FakeAlert-DeskTopSecurity2010 FakeAlert-DF FakeAlert-DG FakeAlert-DH FakeAlert-DHA FakeAlert-DI FakeAlert-DI.dll FakeAlert-DJ FakeAlert-DK FakeAlert-DL FakeAlert-DM FakeAlert-DN FakeAlert-DO FakeAlert-DP FakeAlert-DQ FakeAlert-DR FakeAlert-DS FakeAlert-DT FakeAlert-DU FakeAlert-DV FakeAlert-DW FakeAlert-DX FakeAlert-DY FakeAlert-DZ FakeAlert-E FakeAlert-EA FakeAlert-EarthAV FakeAlert-EarthAV!bat FakeAlert-EB FakeAlert-EC FakeAlert-EcoAV FakeAlert-ED FakeAlert-EE FakeAlert-EF FakeAlert-EG FakeAlert-EH FakeAlert-EI FakeAlert-EJ FakeAlert-EJA FakeAlert-EJB FakeAlert-EK FakeAlert-EL FakeAlert-EM FakeAlert-EN FakeAlert-EO FakeAlert-EQ FakeAlert-EQ.a FakeAlert-EQ.b FakeAlert-EQ.c FakeAlert-EQ.dr FakeAlert-ER FakeAlert-ES FakeAlert-ET FakeAlert-EU FakeAlert-EV FakeAlert-EW FakeAlert-EX FakeAlert-EY FakeAlert-EZ FakeAlert-F FakeAlert-FA FakeAlert-FakeAVBW!env.b FakeAlert-FakeSpy!env FakeAlert-FakeSpy!env.a FakeAlert-FakeSpy!env.b FakeAlert-FakeSpy!env.c FakeAlert-FakeSpy!env.d FakeAlert-FB FakeAlert-FC FakeAlert-FD FakeAlert-FE FakeAlert-FF FakeAlert-FG.dldr FakeAlert-FH FakeAlert-FH.dll FakeAlert-FI FakeAlert-FI.dll FakeAlert-FJ FakeAlert-FK FakeAlert-FL FakeAlert-FM FakeAlert-FN FakeAlert-FO FakeAlert-FP FakeAlert-FQ FakeAlert-FR FakeAlert-FS FakeAlert-FT FakeAlert-FU FakeAlert-FU.dr FakeAlert-FV FakeAlert-FV.dll FakeAlert-FW FakeAlert-FX FakeAlert-FY FakeAlert-FZ FakeAlert-G FakeAlert-GA FakeAlert-GA!htm FakeAlert-GA.a FakeAlert-GA.dll FakeAlert-GA.dll.a FakeAlert-GA.gen FakeAlert-GB FakeAlert-GC FakeAlert-GD FakeAlert-GE FakeAlert-Gen!ini FakeAlert-Gen!lnk FakeAlert-Gen.a!lnk FakeAlert-Gen.b!lnk FakeAlert-Gen.c!lnk FakeAlert-Generalav FakeAlert-Generalav.dldr FakeAlert-GF FakeAlert-GG FakeAlert-GH FakeAlert-GI FakeAlert-GJ FakeAlert-GK FakeAlert-GL FakeAlert-GM FakeAlert-GN FakeAlert-GO FakeAlert-GP FakeAlert-GQ FakeAlert-GR FakeAlert-GreenAV FakeAlert-GS FakeAlert-GT FakeAlert-GT.dr FakeAlert-GU FakeAlert-GV FakeAlert-GW FakeAlert-GX FakeAlert-GY FakeAlert-GZ FakeAlert-H FakeAlert-HA FakeAlert-HB FakeAlert-HC FakeAlert-HD FakeAlert-HDD FakeAlert-HDD.lnk FakeAlert-HE FakeAlert-HF FakeAlert-HG FakeAlert-HH FakeAlert-HI FakeAlert-HJ FakeAlert-HK FakeAlert-HL FakeAlert-HM FakeAlert-HN FakeAlert-HO FakeAlert-HP FakeAlert-HQ FakeAlert-HR FakeAlert-HS FakeAlert-HT FakeAlert-HU FakeAlert-HV FakeAlert-HW FakeAlert-HX FakeAlert-HY FakeAlert-HZ FakeAlert-I FakeAlert-I.dr FakeAlert-IA FakeAlert-IB FakeAlert-IC FakeAlert-ID FakeAlert-IE FakeAlert-IF FakeAlert-IG FakeAlert-IH FakeAlert-II FakeAlert-IJ FakeAlert-IK FakeAlert-IL FakeAlert-IM FakeAlert-IN!dam FakeAlert-IO FakeAlert-IP FakeAlert-IQ FakeAlert-IR FakeAlert-IS FakeAlert-IS2010.dldr FakeAlert-IT FakeAlert-IU FakeAlert-IV FakeAlert-IW FakeAlert-IX FakeAlert-IY FakeAlert-IZ FakeAlert-J FakeAlert-JA FakeAlert-JB FakeAlert-JC FakeAlert-JC!grb FakeAlert-JD FakeAlert-JE FakeAlert-JF FakeAlert-JF!lnk FakeAlert-JG FakeAlert-JH FakeAlert-JI FakeAlert-JJ FakeAlert-JK FakeAlert-JL FakeAlert-JM FakeAlert-JM.dldr FakeAlert-JM.gen.a FakeAlert-JM.gen.b FakeAlert-JM.gen.c FakeAlert-JM.gen.d FakeAlert-JM.gen.e FakeAlert-JM.gen.f FakeAlert-JN FakeAlert-JO FakeAlert-JP FakeAlert-JQ FakeAlert-JR FakeAlert-JT FakeAlert-JU FakeAlert-JV FakeAlert-JV!lnk FakeAlert-JW FakeAlert-JX FakeAlert-JY FakeAlert-JZ FakeAlert-JZ.dll FakeAlert-K FakeAlert-KA FakeAlert-KB FakeAlert-KC FakeAlert-KC.a FakeAlert-KC.b FakeAlert-KC.b.dldr FakeAlert-KC.c FakeAlert-KC.d FakeAlert-KC.e FakeAlert-KC.f FakeAlert-KD FakeAlert-KE FakeAlert-KF FakeAlert-KG FakeAlert-KH FakeAlert-KI FakeAlert-KJ FakeAlert-KK FakeAlert-KL FakeAlert-KM FakeAlert-KN FakeAlert-KN!grb FakeAlert-KN.a FakeAlert-KN.b FakeAlert-KN.c FakeAlert-KN.dldr FakeAlert-KN.dldr.gen FakeAlert-KN.dldr.gen.a FakeAlert-KN.dldr.gen.b FakeAlert-KN.dldr.gen.c FakeAlert-KN.dldr.gen.d FakeAlert-KN.gen FakeAlert-KN.gen.a FakeAlert-KN.gen.b FakeAlert-KO FakeAlert-KP FakeAlert-KQ FakeAlert-KR FakeAlert-Krypt!env.a FakeAlert-Krypt!env.b FakeAlert-Krypt!env.c FakeAlert-Krypt!env.d FakeAlert-Krypt!env.e FakeAlert-Krypt.d Fakealert-KS FakeAlert-KS!lnk FakeAlert-KS.a Fakealert-KS.dldr Fakealert-KS.dll FakeAlert-KT FakeAlert-KU FakeAlert-KV FakeAlert-KW FakeAlert-KW!htm FakeAlert-KW!lnk FakeAlert-KW.a FakeAlert-KW.b FakeAlert-KW.c FakeAlert-KW.d FakeAlert-KW.e FakeAlert-KW.f FakeAlert-KW.g FakeAlert-KW.h FakeAlert-KW.i FakeAlert-KW.j FakeAlert-KW.k FakeAlert-KW.l FakeAlert-KW.m FakeAlert-KX FakeAlert-KY FakeAlert-KYA FakeAlert-KYB FakeAlert-KYC FakeAlert-KYD FakeAlert-KYE FakeAlert-KYF FakeAlert-KYG FakeAlert-KZ FakeAlert-KZA FakeAlert-KZB FakeAlert-KZC FakeAlert-L FakeAlert-LA.a.dll FakeAlert-LA.dll FakeAlert-LastDefender FakeAlert-LB.tmp FakeAlert-LC FakeAlert-LD FakeAlert-LE FakeAlert-LF FakeAlert-LG FakeAlert-LH FakeAlert-LI FakeAlert-LivePCGuard!hosts FakeAlert-LivePCGuard.a FakeAlert-LivePCGuard.b FakeAlert-LivePCGuard.c FakeAlert-LiveSeurity FakeAlert-LJ FakeAlert-LK FakeAlert-LL FakeAlert-LM FakeAlert-LN FakeAlert-LO FakeAlert-LP FakeAlert-LQ FakeAlert-LR FakeAlert-LS FakeAlert-LT FakeAlert-LU FakeAlert-LV FakeAlert-LW FakeAlert-LX FakeAlert-LY FakeAlert-LZ FakeAlert-M FakeAlert-MA FakeAlert-MA.dr FakeAlert-MA.gen FakeAlert-MA.gen.b FakeAlert-MaCatte FakeAlert-MalDef FakeAlert-MalDef.dldr FakeAlert-MalDef.dll FakeAlert-MalDef.gen.a FakeAlert-MalDef.gen.b FakeAlert-MalDef.gen.c FakeAlert-MalDoctor FakeAlert-MalDoctor.a FakeAlert-MalDoctor.b FakeAlert-MalDoctor.c FakeAlert-MalDoctor.d FakeAlert-MalDoctor.e FakeAlert-MalDoctor.f FakeAlert-MalDoctor.g FakeAlert-MalDoctor.h FakeAlert-MalDoctor.i FakeAlert-MalDoctor.j FakeAlert-MalDoctor.k FakeAlert-MalDoctor.l FakeAlert-MalDoctor.m FakeAlert-MalDoctor.n FakeAlert-MalDoctor.o FakeAlert-MalDoctor.p FakeAlert-MalDoctor.q FakeAlert-MalDoctor.r FakeAlert-MB FakeAlert-MC FakeAlert-MCodec FakeAlert-MCodec!htm FakeAlert-MD FakeAlert-ME FakeAlert-MF FakeAlert-MG FakeAlert-MH FakeAlert-MI FakeAlert-MJ FakeAlert-MK FakeAlert-ML FakeAlert-MM FakeAlert-MN FakeAlert-MO FakeAlert-MP FakeAlert-MQ FakeAlert-MR FakeAlert-MS FakeAlert-MSE!job FakeAlert-MT FakeAlert-MU FakeAlert-MV FakeAlert-MW FakeAlert-MX FakeAlert-MY FakeAlert-MY.a FakeAlert-MY.b FakeAlert-MY.c FakeAlert-MY.dldr FakeAlert-MY.gen FakeAlert-MZ FakeAlert-N FakeAlert-N.dldr FakeAlert-NA FakeAlert-NB FakeAlert-NC FakeAlert-ND FakeAlert-NE FakeAlert-NF FakeAlert-NG FakeAlert-NH FakeAlert-NI FakeAlert-NJ FakeAlert-NK FakeAlert-NL FakeAlert-NM FakeAlert-NN FakeAlert-NO FakeAlert-NP FakeAlert-NR FakeAlert-NS FakeAlert-NT FakeAlert-NU FakeAlert-NV FakeAlert-NW FakeAlert-NX FakeAlert-NY FakeAlert-NZ FakeAlert-O FakeAlert-OA FakeAlert-OB FakeAlert-OC FakeAlert-OD FakeAlert-OE FakeAlert-OF FakeAlert-OG FakeAlert-OH FakeAlert-OI FakeAlert-OJ FakeAlert-OK FakeAlert-OK.a FakeAlert-OK.b FakeAlert-OL FakeAlert-OM FakeAlert-ON FakeAlert-OnlineSecurity FakeAlert-OP FakeAlert-OQ FakeAlert-OR FakeAlert-OS FakeAlert-OT FakeAlert-OU FakeAlert-OV FakeAlert-OW FakeAlert-OX FakeAlert-OY FakeAlert-OZ FakeAlert-P FakeAlert-PA FakeAlert-PB FakeAlert-PC FakeAlert-PC-Care FakeAlert-PD FakeAlert-PD.gen FakeAlert-PE FakeAlert-PerfectDefender FakeAlert-PerfectDefender.dll FakeAlert-PersonalAV FakeAlert-PersonalAV!lnk FakeAlert-PersonalSecurity FakeAlert-PF FakeAlert-PG FakeAlert-PH FakeAlert-PI FakeAlert-PJ FakeAlert-PJ!bat FakeAlert-PJ!env FakeAlert-PJ!job FakeAlert-PJ!lnk FakeAlert-PJ.gen FakeAlert-PJ.gen.a FakeAlert-PJ.gen.b FakeAlert-PJ.gen.c FakeAlert-PJ.gen.d FakeAlert-PJ.gen.e FakeAlert-PJ.gen.f FakeAlert-PJ.gen.g FakeAlert-PJ.gen.h FakeAlert-PK FakeAlert-PK!grb FakeAlert-PK.a FakeAlert-PK.b FakeAlert-PK.c FakeAlert-PL FakeAlert-PM FakeAlert-PN FakeAlert-PrivacyCenter FakeAlert-PrivacyCenter.a FakeAlert-Q FakeAlert-R FakeAlert-R.dll FakeAlert-RealAV FakeAlert-RegistryDefender FakeAlert-S FakeAlert-S.dll FakeAlert-SafetyAntiSpy FakeAlert-SafetyCenter FakeAlert-SafetyCenter.dldr FakeAlert-SaftyManager FakeAlert-SaveDefence FakeAlert-SecureKeeper FakeAlert-SecureKeeper.dldr FakeAlert-SecurityAntivirus FakeAlert-SecurityCentral FakeAlert-SecurityCleaner FakeAlert-SecurityMasterAV FakeAlert-SecurityMasterAV.a FakeAlert-SecurityMasterAV.b FakeAlert-SecurityMasterAV.c FakeAlert-SecurityMasterAV.d FakeAlert-SecurityMasterAV.e FakeAlert-SecurityMasterAV.f FakeAlert-SecurityMasterAV.g FakeAlert-SecurityTool FakeAlert-SecurityTool!bat FakeAlert-SecurityTool!dam FakeAlert-SecurityTool.a FakeAlert-SecurityTool.aa FakeAlert-SecurityTool.ab FakeAlert-SecurityTool.ac FakeAlert-SecurityTool.ad FakeAlert-SecurityTool.ae FakeAlert-SecurityTool.af FakeAlert-SecurityTool.ag FakeAlert-SecurityTool.ah FakeAlert-SecurityTool.ai FakeAlert-SecurityTool.aj FakeAlert-SecurityTool.ak FakeAlert-SecurityTool.al FakeAlert-SecurityTool.am FakeAlert-SecurityTool.an FakeAlert-SecurityTool.ao FakeAlert-SecurityTool.ap FakeAlert-SecurityTool.aq FakeAlert-SecurityTool.ar FakeAlert-SecurityTool.as FakeAlert-SecurityTool.at FakeAlert-SecurityTool.au FakeAlert-SecurityTool.av FakeAlert-SecurityTool.aw FakeAlert-SecurityTool.ax FakeAlert-SecurityTool.ay FakeAlert-SecurityTool.az FakeAlert-SecurityTool.b FakeAlert-SecurityTool.ba FakeAlert-SecurityTool.bb FakeAlert-SecurityTool.bc FakeAlert-SecurityTool.bd FakeAlert-SecurityTool.be FakeAlert-SecurityTool.c FakeAlert-SecurityTool.d FakeAlert-SecurityTool.e FakeAlert-SecurityTool.f FakeAlert-SecurityTool.g FakeAlert-SecurityTool.h FakeAlert-SecurityTool.i FakeAlert-SecurityTool.j FakeAlert-SecurityTool.k FakeAlert-SecurityTool.l FakeAlert-SecurityTool.m FakeAlert-SecurityTool.n FakeAlert-SecurityTool.o FakeAlert-SecurityTool.p FakeAlert-SecurityTool.q FakeAlert-SecurityTool.r FakeAlert-SecurityTool.s FakeAlert-SecurityTool.t FakeAlert-SecurityTool.u FakeAlert-SecurityTool.v FakeAlert-SecurityTool.w FakeAlert-SecurityTool.x FakeAlert-SecurityTool.y FakeAlert-SecurityTools FakeAlert-SmartSecurity FakeAlert-SmartSecurity.a FakeAlert-SpyKiller FakeAlert-SpyPro FakeAlert-SpyPro!dam FakeAlert-SpyPro!mem FakeAlert-SpyPro.gen.a FakeAlert-SpyPro.gen.aa FakeAlert-SpyPro.gen.ab FakeAlert-SpyPro.gen.ac FakeAlert-SpyPro.gen.ad FakeAlert-SpyPro.gen.ae FakeAlert-SpyPro.gen.af FakeAlert-SpyPro.gen.ag FakeAlert-SpyPro.gen.ah FakeAlert-SpyPro.gen.ai FakeAlert-SpyPro.gen.aj FakeAlert-SpyPro.gen.ak FakeAlert-SpyPro.gen.al FakeAlert-SpyPro.gen.am!htm FakeAlert-SpyPro.gen.an FakeAlert-SpyPro.gen.ao FakeAlert-SpyPro.gen.ap FakeAlert-SpyPro.gen.aq FakeAlert-SpyPro.gen.ar FakeAlert-SpyPro.gen.as FakeAlert-SpyPro.gen.at FakeAlert-SpyPro.gen.au FakeAlert-SpyPro.gen.av FakeAlert-SpyPro.gen.aw FakeAlert-SpyPro.gen.ax FakeAlert-SpyPro.gen.ay FakeAlert-SpyPro.gen.az FakeAlert-SpyPro.gen.b FakeAlert-SpyPro.gen.ba FakeAlert-SpyPro.gen.bb FakeAlert-SpyPro.gen.bc FakeAlert-SpyPro.gen.bd FakeAlert-SpyPro.gen.be FakeAlert-SpyPro.gen.bf FakeAlert-SpyPro.gen.bg FakeAlert-SpyPro.gen.bh FakeAlert-SpyPro.gen.bi FakeAlert-SpyPro.gen.bj FakeAlert-SpyPro.gen.bk FakeAlert-SpyPro.gen.bl FakeAlert-SpyPro.gen.bm FakeAlert-SpyPro.gen.c FakeAlert-SpyPro.gen.d FakeAlert-SpyPro.gen.dll FakeAlert-SpyPro.gen.dr FakeAlert-SpyPro.gen.e FakeAlert-SpyPro.gen.f FakeAlert-SpyPro.gen.g FakeAlert-SpyPro.gen.h FakeAlert-SpyPro.gen.i FakeAlert-SpyPro.gen.j FakeAlert-SpyPro.gen.k FakeAlert-SpyPro.gen.l FakeAlert-SpyPro.gen.m FakeAlert-SpyPro.gen.n FakeAlert-SpyPro.gen.o FakeAlert-SpyPro.gen.p FakeAlert-SpyPro.gen.q FakeAlert-SpyPro.gen.r FakeAlert-SpyPro.gen.s FakeAlert-SpyPro.gen.t FakeAlert-SpyPro.gen.u FakeAlert-SpyPro.gen.v FakeAlert-SpyPro.gen.x FakeAlert-SpyPro.gen.y FakeAlert-SpyPro.gen.z FakeAlert-SpywareGuard FakeAlert-SpywareGuard.gen.a FakeAlert-SpywareGuard.gen.b FakeAlert-SpywareProtect FakeAlert-SpywareProtect.a FakeAlert-SpywareProtect.b FakeAlert-SysAV FakeAlert-SysAV.a FakeAlert-SysAV.b FakeAlert-SysIntAV!env.a FakeAlert-SysIntAV!env.b FakeAlert-SysIntAV!env.c FakeAlert-SysIntAV!env.d FakeAlert-SystemSecurity FakeAlert-T FakeAlert-TotalPCDefender FakeAlert-U FakeAlert-V FakeAlert-W FakeAlert-WinPolicePro FakeAlert-WinScan FakeAlert-WinWebSec!env.a FakeAlert-WinWebSec!env.b FakeAlert-WinWebSec!env.c FakeAlert-WinWebSec!env.d FakeAlert-WinWebSec!env.e FakeAlert-WinWebSec!env.f FakeAlert-WinwebSecurity FakeAlert-WinwebSecurity.a FakeAlert-WinwebSecurity.b FakeAlert-WinwebSecurity.c FakeAlert-WinwebSecurity.d FakeAlert-WinwebSecurity.dldr FakeAlert-WinwebSecurity.e FakeAlert-WinwebSecurity.f FakeAlert-WinwebSecurity.g FakeAlert-WinwebSecurity.gen FakeAlert-WPS FakeAlert-WPS.gen.a FakeAlert-WPS.gen.b FakeAlert-WPS.gen.c FakeAlert-WPS.gen.d FakeAlert-WPS.gen.d!hosts FakeAlert-WwSec.b FakeAlert-WwSec.c FakeAlert-WwSec.d FakeAlert-WwSec.e FakeAlert-X FakeAlert-XPA!env FakeAlert-XPA!env.a FakeAlert-XPAntivirus FakeAlert-XPPoliceAntivirus FakeAlert-XPSecCenter FakeAlert-XPSecCenter!htm FakeAlert-XPSecCenter!lnk FakeAlert-XPSpy FakeAlert-Y FakeAlert-Y.dr FakeAlert-Z FakeMS FakeMS.a FakeMS.b FileDetections Generic BackDoor.u!rootkit Generic Downloader.ab Generic Downloader.gb Generic Downloader.gc Generic Downloader.gd Generic Downloader.ge Generic Downloader.gf Generic Downloader.gg Generic Downloader.gh Generic Downloader.gi Generic Downloader.gi.dr Generic Downloader.gj Generic Downloader.gk Generic Downloader.gl Generic Downloader.gm Generic Downloader.z Generic Downloader.z!1516DDBD Generic FakeAlert Generic FakeAlert!9F6E4576 Generic FakeAlert!data Generic FakeAlert!htm Generic Fakealert!lnk Generic FakeAlert.a Generic FakeAlert.aa Generic FakeAlert.ab Generic FakeAlert.ac Generic FakeAlert.ad Generic FakeAlert.ae Generic FakeAlert.af Generic FakeAlert.ag Generic FakeAlert.ah Generic FakeAlert.ai Generic FakeAlert.aj Generic FakeAlert.ak Generic FakeAlert.al Generic FakeAlert.am Generic FakeAlert.an Generic FakeAlert.ao Generic FakeAlert.ap Generic FakeAlert.aq Generic FakeAlert.ar Generic FakeAlert.as Generic FakeAlert.at Generic FakeAlert.b Generic FakeAlert.b!50a07926 Generic FakeAlert.b!5CED Generic FakeAlert.c Generic FakeAlert.d Generic FakeAlert.d!gen Generic FakeAlert.d.dr Generic FakeAlert.d.gen Generic FakeAlert.e Generic FakeAlert.f Generic FakeAlert.g Generic Fakealert.gen.a!lnk Generic FakeAlert.h Generic FakeAlert.j Generic FakeAlert.k Generic FakeAlert.l Generic FakeAlert.m Generic FakeAlert.n Generic FakeAlert.o Generic FakeAlert.p Generic FakeAlert.q Generic FakeAlert.r Generic FakeAlert.s Generic FakeAlert.t Generic FakeAlert.u Generic FakeAlert.v Generic FakeAlert.w Generic FakeAlert.x Generic FakeAlert.y.dldr Generic FakeAlert.z Generic PWS.y!mem Generic RootKit.a!rootkit Generic Rootkit.d!rootkit Generic RootKit.e!rootkit Generic RootKit.f!rootkit Generic Rootkit.g!rootkit Generic!atr Generic.dx!rootkit HackerDefender!rootkit HE4Hook Hidden-Process.a HideVault!sys HideWindow HideWindow.dll Htool-SAD HTool-T2W Ilomo!mem IPCScan IRC/Flood.ap IRC/Flood.ap.bat IRC/Flood.ap.dr IRC/Flood.bi IRC/Flood.bi.dr IRC/Flood.cd IRC/Flood.cd.dr IRC/Flood.cd.mirc IRCbot.gen.ah JS/Autorun.worm.ci JS/Downloader-AUE JS/Downloader-BHX JS/FakeAlert JS/FakeAlert.dldr JS/FakeAlert.dldr.a JS/FakeAlert-AB.a JS/FakeAlert-AB.dldr JS/FakeAlert-AB.dldr.a Keylog-Powered Lando!rootkit MadCodeHook!mem NightDragon NTRootkit-E!rootkit NTRootKit-H!rootkit NTRootKit-I!rootkit NTRootKit-J!rootkit NTRootkit-S!mem NTRootkit-U!mem NTRootkit-Z!mem NTServiceLoader Patched-Import.com ProcKill-AA ProcKill-AC ProcKill-AE ProcKill-AF ProcKill-AL ProcKill-AU ProcKill-BJ ProcKill-BO ProcKill-BT ProcKill-BW ProcKill-BX ProcKill-C ProcKill-CG ProcKill-D ProcKill-DU ProcKill-F ProcKill-F.cln ProcKill-H ProcKill-J ProcKill-K ProcKill-L ProcKill-M ProcKill-P ProcKill-Q ProcKill-Q.cfg ProcKill-S Proxy-Agent.af Proxy-Agent.af.dll Proxy-Agent.af.dr Proxy-Agent.af.gen Puper!rootkit PWS-Banker.df!mem PWS-Banker.dldr.c PWS-FireMing PWS-FireMing.dll PWS-FireMing.dr PWS-Gamania.gen.a PWS-Gogo!rootkit PWS-Goldun!rootkit PWS-LDPinch!mem PWS-Narod PWS-Narod.dll PWS-Narod.gen PWS-Onlinegames!rootkit PWS-Progent!rootkit PWS-Sincom PWS-Sincom.dll.gen PWS-Sincom.dr PWS-Sincom.kit QHosts-123 Qoolaid.a!rootkit Ramnit!mem Ramnit!rootkit RegistryDetections RegistryValidations rootkit RootKit-NTIllusion!mem Rscan Rustock Rustock.gen.b!rootkit Spam-Mailbot.c!mem Spy-Agent.bf Spy-Agent.bv!rootkit Spy-Agent.bw!mem Spy-Agent.bw!rootkit Spy-Agent.bw.gen!mem Spy-Agent.de!rootkit Spy-Agent.dn!rootkit Spyware-007 Srizbi!rootkit StartPage-KM!rootkit StealthMBR!rootkit StealthMBR.a!rootkit StealthMBR.b!rootkit StealthMBR.c!rootkit Stuxnet Stuxnet!lnk TDSS.a!mem TDSS.b!mem TDSS.c!mem TDSS.d!mem Vanquish!rootkit Vanti!rootkit VBS/Autorun.bj!link VBS/Autorun.worm.aaay VBS/Autorun.worm.aau VBS/Autorun.worm.aau!inf VBS/Autorun.worm.aau!lnk VBS/Autorun.worm.aau!remnant VBS/Autorun.worm.aav VBS/Autorun.worm.aaw VBS/Autorun.worm.aax VBS/Autorun.worm.au VBS/Autorun.worm.ay VBS/Autorun.worm.bi VBS/Autorun.worm.bj VBS/Autorun.worm.bs VBS/Autorun.worm.by VBS/Autorun.worm.ca VBS/Autorun.worm.cy VBS/Autorun.worm.dm VBS/Autorun.worm.dn VBS/Autorun.worm.dn!atr VBS/Autorun.worm.dn!txt VBS/Autorun.worm.dv VBS/Autorun.worm.dz VBS/Autorun.worm.en VBS/Autorun.worm.ew VBS/Autorun.worm.fu VBS/Autorun.worm.gc VBS/Autorun.worm.gd VBS/Autorun.worm.ge VBS/Autorun.worm.gf VBS/Autorun.worm.k VBS/Autorun.worm.k!bat VBS/Autorun.worm.k!lnk VBS/Autorun.worm.k!reg VBS/Autorun.worm.ni VBS/Autorun.worm.zd VBS/Autorun.worm.ze VBS/Autorun.worm.zl VBS/Autorun.worm.zn VBS/Autorun.worm.zo VBS/Autorun.worm.zo!lnk VBS/Autorun.worm.zs VBS/Autorun.worm.zy VBS/Autorun.worm.zz VBS/FakeAlert-AB VBS/FakeAlert-EY.dr VBS/FakeAV VBS/IE-Title Vundo Vundo!1231E9AC Vundo!grb Vundo.dd Vundo.dldr Vundo.dll Vundo.dr Vundo.gen.a Vundo.gen.aa Vundo.gen.ab Vundo.gen.ac Vundo.gen.ad Vundo.gen.ae Vundo.gen.af Vundo.gen.ag Vundo.gen.ah Vundo.gen.ai Vundo.gen.aj Vundo.gen.ak Vundo.gen.al Vundo.gen.am Vundo.gen.an Vundo.gen.ao Vundo.gen.ao.dam Vundo.gen.ap Vundo.gen.aq Vundo.gen.ar Vundo.gen.as Vundo.gen.at Vundo.gen.au Vundo.gen.av Vundo.gen.aw Vundo.gen.ax Vundo.gen.ay Vundo.gen.az Vundo.gen.b Vundo.gen.ba Vundo.gen.bb Vundo.gen.bc Vundo.gen.bd Vundo.gen.be Vundo.gen.bf Vundo.gen.bg Vundo.gen.bh Vundo.gen.bi Vundo.gen.bj Vundo.gen.bk Vundo.gen.bl Vundo.gen.bm Vundo.gen.bn Vundo.gen.bo Vundo.gen.bp Vundo.gen.bq Vundo.gen.br Vundo.gen.bs Vundo.gen.bt Vundo.gen.bu Vundo.gen.bv Vundo.gen.bw Vundo.gen.bx Vundo.gen.by Vundo.gen.bz Vundo.gen.c Vundo.gen.ca Vundo.gen.cb Vundo.gen.cc Vundo.gen.cd Vundo.gen.ce Vundo.gen.cf Vundo.gen.cg Vundo.gen.ch Vundo.gen.ci Vundo.gen.cj Vundo.gen.ck Vundo.gen.cl Vundo.gen.cm Vundo.gen.cn Vundo.gen.co Vundo.gen.cp Vundo.gen.cq Vundo.gen.cr Vundo.gen.cs Vundo.gen.ct Vundo.gen.cu Vundo.gen.cv Vundo.gen.cw Vundo.gen.cx Vundo.gen.cz Vundo.gen.d Vundo.gen.da Vundo.gen.db Vundo.gen.dc Vundo.gen.de Vundo.gen.df Vundo.gen.dg Vundo.gen.dh Vundo.gen.di Vundo.gen.dj Vundo.gen.dk Vundo.gen.dl Vundo.gen.dm Vundo.gen.dn Vundo.gen.e Vundo.gen.f Vundo.gen.g Vundo.gen.h Vundo.gen.i Vundo.gen.j Vundo.gen.k Vundo.gen.l Vundo.gen.m Vundo.gen.n Vundo.gen.o Vundo.gen.p Vundo.gen.r Vundo.gen.s Vundo.gen.s.dr Vundo.gen.t Vundo.gen.u Vundo.gen.v Vundo.gen.w Vundo.gen.x Vundo.gen.y Vundo.gen.z W32/Almanahe!rootkit W32/Almanahe.a!rootkit W32/Anig.worm.a W32/Anig.worm.b W32/Anig.worm.c W32/Anig.worm.dll W32/Anig.worm.gen W32/Autorun.dam W32/Autorun.fo W32/Autorun.worm!inf W32/Autorun.worm!ini W32/Autorun.worm!vbd W32/Autorun.worm.a W32/Autorun.worm.a.dll W32/Autorun.worm.aa W32/Autorun.worm.aaa W32/Autorun.worm.aaab W32/Autorun.worm.aaac W32/Autorun.worm.aaad W32/Autorun.worm.aaae W32/Autorun.worm.aaaf W32/Autorun.worm.aaag W32/Autorun.worm.aaah W32/Autorun.worm.aaai W32/Autorun.worm.aaai!lnk W32/Autorun.worm.aaaj W32/Autorun.worm.aaak W32/Autorun.worm.aaal W32/Autorun.worm.aaam W32/Autorun.worm.aaan W32/Autorun.worm.aaao W32/Autorun.worm.aaap W32/Autorun.worm.aaaq W32/Autorun.worm.aaar W32/Autorun.worm.aaas W32/Autorun.worm.aaat W32/Autorun.worm.aaau W32/Autorun.worm.aaav W32/Autorun.worm.aaaw W32/Autorun.worm.aaaz W32/Autorun.worm.aab W32/Autorun.worm.aaba W32/Autorun.worm.aabb W32/Autorun.worm.aabc W32/Autorun.worm.aabd W32/Autorun.worm.aabe W32/Autorun.worm.aabf W32/Autorun.worm.aabg W32/Autorun.worm.aabh W32/Autorun.worm.aac W32/Autorun.worm.aad W32/Autorun.worm.aae W32/Autorun.worm.aaf W32/Autorun.worm.aag W32/Autorun.worm.aah W32/Autorun.worm.aai W32/Autorun.worm.aaj W32/Autorun.worm.aaj!inf W32/Autorun.worm.aaj!lnk W32/Autorun.worm.aak W32/Autorun.worm.aal W32/Autorun.worm.aam W32/Autorun.worm.aan W32/Autorun.worm.aao W32/Autorun.worm.aap W32/Autorun.worm.aaq W32/Autorun.worm.aar W32/Autorun.worm.aas W32/Autorun.worm.aat W32/Autorun.worm.aau W32/Autorun.worm.aau!env W32/Autorun.worm.aaw W32/Autorun.worm.aax W32/Autorun.worm.aay W32/Autorun.worm.aaz W32/Autorun.worm.ab W32/Autorun.worm.aba W32/Autorun.worm.abb W32/Autorun.worm.ac W32/Autorun.worm.ad W32/Autorun.worm.ae W32/Autorun.worm.af W32/Autorun.worm.af.gen W32/Autorun.worm.ag W32/Autorun.worm.ai W32/Autorun.worm.ai!htm W32/Autorun.worm.aj W32/Autorun.worm.ak W32/Autorun.worm.al W32/Autorun.worm.am W32/Autorun.worm.an W32/Autorun.worm.ao W32/Autorun.worm.ap W32/Autorun.worm.aq W32/Autorun.worm.ar W32/Autorun.worm.as.gen W32/Autorun.worm.at W32/Autorun.worm.av W32/Autorun.worm.aw W32/Autorun.worm.ax W32/Autorun.worm.az W32/Autorun.worm.b W32/Autorun.worm.b.cfg W32/Autorun.worm.ba W32/Autorun.worm.bb W32/Autorun.worm.bba W32/Autorun.worm.bbb W32/Autorun.worm.bbc W32/Autorun.worm.bbd W32/Autorun.worm.bbe W32/Autorun.worm.bbf W32/Autorun.worm.bbg W32/Autorun.worm.bbh W32/Autorun.worm.bbh!bat W32/Autorun.worm.bbh!job W32/Autorun.worm.bbi W32/Autorun.worm.bbj W32/Autorun.worm.bc W32/Autorun.worm.bd W32/Autorun.worm.be W32/Autorun.worm.bf W32/Autorun.worm.bf.dr W32/Autorun.worm.bg W32/Autorun.worm.bh W32/Autorun.worm.bk W32/Autorun.worm.bl W32/Autorun.worm.bm W32/Autorun.worm.bn W32/Autorun.worm.bo W32/Autorun.worm.bp W32/Autorun.worm.bp!reg W32/Autorun.worm.bq W32/Autorun.worm.br W32/Autorun.worm.bt W32/Autorun.worm.bw W32/Autorun.worm.bx W32/Autorun.worm.bx!atr W32/Autorun.worm.bx!inf W32/Autorun.worm.bx.dll W32/Autorun.worm.bx.gen W32/Autorun.worm.bx.gen.dll W32/Autorun.worm.by W32/Autorun.worm.by!env W32/Autorun.worm.bz W32/Autorun.worm.bz.gen W32/Autorun.worm.c W32/Autorun.worm.cb W32/Autorun.worm.cb.dr W32/Autorun.worm.cc W32/Autorun.worm.cd W32/Autorun.worm.ce W32/Autorun.worm.cf W32/Autorun.worm.cg W32/Autorun.worm.ch W32/Autorun.worm.cj W32/Autorun.worm.ck W32/Autorun.worm.cm W32/Autorun.worm.cn W32/Autorun.worm.co W32/Autorun.worm.cp W32/Autorun.worm.cp!bat W32/Autorun.worm.cq W32/Autorun.worm.cr W32/Autorun.worm.cs W32/Autorun.worm.cs!ini W32/Autorun.worm.cs.bat W32/Autorun.worm.ct W32/Autorun.worm.ct.gen W32/Autorun.worm.cu W32/Autorun.worm.cv W32/Autorun.worm.cw W32/Autorun.worm.cx W32/Autorun.worm.cz W32/Autorun.worm.d W32/Autorun.worm.da W32/Autorun.worm.db W32/Autorun.worm.dc W32/Autorun.worm.dc.bat W32/Autorun.worm.dd W32/Autorun.worm.dd!inf W32/Autorun.worm.de W32/Autorun.worm.df W32/Autorun.worm.dg W32/Autorun.worm.dh W32/Autorun.worm.di W32/Autorun.worm.dj W32/Autorun.worm.dk W32/Autorun.worm.dl W32/Autorun.worm.dn W32/Autorun.worm.do W32/Autorun.worm.dp W32/Autorun.worm.dq W32/Autorun.worm.dq.gen W32/Autorun.worm.ds W32/Autorun.worm.dt W32/Autorun.worm.du W32/Autorun.worm.dw W32/Autorun.worm.dx W32/Autorun.worm.dy W32/Autorun.worm.e W32/Autorun.worm.ea W32/Autorun.worm.eb W32/Autorun.worm.ec W32/Autorun.worm.ec.gen W32/Autorun.worm.ed W32/Autorun.worm.ef W32/Autorun.worm.eg W32/Autorun.worm.ei W32/Autorun.worm.ej W32/Autorun.worm.ek W32/Autorun.worm.el W32/Autorun.worm.em W32/Autorun.worm.eo W32/Autorun.worm.ep W32/Autorun.worm.eq W32/Autorun.worm.er W32/Autorun.worm.es W32/Autorun.worm.et W32/Autorun.worm.eu W32/Autorun.worm.eu!bat W32/Autorun.worm.eu!lnk W32/Autorun.worm.ev W32/Autorun.worm.ex W32/Autorun.worm.ey W32/Autorun.worm.ez W32/Autorun.worm.f W32/Autorun.worm.fa W32/Autorun.worm.fb W32/Autorun.worm.fc W32/Autorun.worm.fc!bat W32/Autorun.worm.fd W32/Autorun.worm.fe W32/Autorun.worm.ff W32/Autorun.worm.fg W32/Autorun.worm.fh W32/Autorun.worm.fi W32/Autorun.worm.fj W32/Autorun.worm.fk W32/Autorun.worm.fl W32/Autorun.worm.fm W32/Autorun.worm.fn W32/Autorun.worm.fp W32/Autorun.worm.fq W32/Autorun.worm.fr W32/Autorun.worm.fs W32/Autorun.worm.ft W32/Autorun.worm.fu W32/Autorun.worm.fv W32/Autorun.worm.fw W32/Autorun.worm.fx W32/Autorun.worm.fy W32/Autorun.worm.fz W32/Autorun.worm.g W32/Autorun.worm.g!0BE8F32E W32/Autorun.worm.g.bat W32/Autorun.worm.ga W32/Autorun.worm.gb W32/Autorun.worm.gc W32/Autorun.worm.gd W32/Autorun.worm.ge W32/Autorun.worm.gen W32/Autorun.worm.gen!job W32/Autorun.worm.gen.ah W32/Autorun.worm.gen.cl W32/Autorun.worm.gen.za W32/Autorun.worm.gen.zb W32/Autorun.worm.gen.zc W32/Autorun.worm.gf W32/Autorun.worm.gg W32/Autorun.worm.gi W32/Autorun.worm.gj W32/Autorun.worm.gk W32/Autorun.worm.gl W32/Autorun.worm.gm W32/Autorun.worm.gn W32/Autorun.worm.go W32/Autorun.worm.gp W32/Autorun.worm.gq W32/Autorun.worm.gr W32/Autorun.worm.gs W32/Autorun.worm.gt W32/Autorun.worm.gu W32/Autorun.worm.h W32/Autorun.worm.h!env W32/Autorun.worm.h!lnk W32/Autorun.worm.h!lnk!lnk W32/Autorun.worm.h.dll W32/Autorun.worm.i W32/Autorun.worm.i.gen W32/Autorun.worm.j W32/Autorun.worm.k W32/Autorun.worm.l W32/Autorun.worm.m W32/Autorun.worm.n W32/Autorun.worm.o W32/Autorun.worm.p W32/Autorun.worm.p.dll W32/Autorun.worm.p.dr W32/Autorun.worm.q W32/Autorun.worm.r W32/Autorun.worm.r.gen W32/Autorun.worm.remmants W32/Autorun.worm.s W32/Autorun.worm.t W32/Autorun.worm.u W32/Autorun.worm.v W32/Autorun.worm.v!bat W32/Autorun.worm.w W32/Autorun.worm.x W32/Autorun.worm.y W32/Autorun.worm.y!host W32/Autorun.worm.z W32/Autorun.worm.zc W32/Autorun.worm.zf.gen W32/Autorun.worm.zg W32/Autorun.worm.zh W32/Autorun.worm.zi W32/Autorun.worm.zj W32/Autorun.worm.zk W32/Autorun.worm.zm W32/Autorun.worm.zp W32/Autorun.worm.zp.gen W32/Autorun.worm.zq W32/Autorun.worm.zs W32/Autorun.worm.zt W32/Autorun.worm.zu W32/Autorun.worm.zu.dr W32/Autorun.worm.zv W32/Autorun.worm.zw W32/Autorun.worm.zw!inf W32/Autorun.worm.zx W32/Autorun.worm.zz W32/Autorun.worm.zza W32/Autorun.worm.zzb W32/Autorun.worm.zzc W32/Autorun.worm.zzd W32/Autorun.worm.zze W32/Autorun.worm.zze!bat W32/Autorun.worm.zze.dr W32/Autorun.worm.zzf W32/Autorun.worm.zzg W32/Autorun.worm.zzh W32/Autorun.worm.zzi W32/Autorun.worm.zzj W32/Autorun.worm.zzk W32/Autorun.worm.zzl W32/Autorun.worm.zzm W32/Autorun.worm.zzn W32/Autorun.worm.zzn.dr W32/Autorun.worm.zzo W32/Autorun.worm.zzp W32/Autorun.worm.zzq W32/Autorun.worm.zzr W32/Autorun.worm.zzs.gen W32/Autorun.worm.zzt W32/Autorun.worm.zzu W32/Autorun.worm.zzv W32/Autorun.worm.zzw W32/Autorun.worm.zzx W32/Autorun.worm.zzz W32/Bagle W32/Bagle!eml.gen W32/Bagle!pwdzip W32/Bagle.a@MM W32/Bagle.aa@MM!vbs W32/Bagle.ad!src W32/Bagle.ak!proxy W32/Bagle.am!proj W32/Bagle.am!proxy W32/Bagle.au!troj W32/Bagle.b@MM W32/Bagle.cb@MM W32/Bagle.df@MM W32/Bagle.dldr W32/Bagle.dll.dr W32/Bagle.eml!ms03-032 W32/Bagle.ey.dldr W32/Bagle.ez@MM W32/Bagle.fb!pwdzip W32/Bagle.fc!pwdzip W32/Bagle.fd!pwdzip W32/Bagle.fe!pwdzip W32/Bagle.fm.dldr W32/Bagle.gen W32/Bagle.gen!Sality W32/Bagle.gen.b@MM W32/Bagle.gen@MM W32/Bagle.gen@MM!pwdrar W32/Bagle.j@MM W32/Bagle.u@MM W32/Bagle.x!proxy W32/Bagle.z.dam W32/Bagle.z@MM W32/Bagle.z@MM!vbs W32/Bagle@MM!cpl W32/Bagle@MM!vbs W32/Blaster.worm.a W32/Blaster.worm.b W32/Blaster.worm.b.dr W32/Blaster.worm.c W32/Blaster.worm.dam W32/Blaster.worm.e W32/Blaster.worm.gen W32/Blaster.worm.j W32/Blaster.worm.k!backdoor W32/Bropia.worm.a W32/Bropia.worm.ac W32/Bropia.worm.af W32/Bropia.worm.ag W32/Bropia.worm.ah W32/Bropia.worm.ai W32/Bropia.worm.aj W32/Bropia.worm.ak W32/Bropia.worm.al W32/Bropia.worm.am W32/Bropia.worm.an W32/Bropia.worm.ao W32/Bropia.worm.ap W32/Bropia.worm.ar W32/Bropia.worm.ax W32/Bropia.worm.ay W32/Bropia.worm.az W32/Bropia.worm.b W32/Bropia.worm.ba W32/Bropia.worm.bb W32/Bropia.worm.bd W32/Bropia.worm.be W32/Bropia.worm.bg W32/Bropia.worm.bh W32/Bropia.worm.bn W32/Bropia.worm.bo W32/Bropia.worm.br W32/Bropia.worm.bs W32/Bropia.worm.bt W32/Bropia.worm.bz W32/Bropia.worm.c W32/Bropia.worm.d W32/Bropia.worm.dc W32/Bropia.worm.dd W32/Bropia.worm.dldr W32/Bropia.worm.e W32/Bropia.worm.gen W32/Bropia.worm.m W32/Bugbear.17916intd W32/Bugbear.19196@MM W32/Bugbear.35356 W32/Bugbear.40988 W32/Bugbear.41404@MM W32/Bugbear.41788@MM W32/Bugbear.69916@MM W32/Bugbear.a.dam W32/Bugbear.b!data W32/Bugbear.b.dam W32/Bugbear.c@MM W32/Bugbear.d@MM W32/Bugbear.f@MM W32/Bugbear.gen@MM W32/Bugbear.gen@MM!zip W32/Bugbear.h@MM W32/Bugbear.i@MM W32/Bugbear@MM W32/Conficker W32/Conficker!dam W32/Conficker!mem W32/Conficker.c!mem W32/Conficker.sys W32/Conficker.worm W32/Conficker.worm!inf W32/Conficker.worm!job W32/Conficker.worm.dr W32/Conficker.worm.gen.a W32/Conficker.worm.gen.b W32/Conficker.worm.gen.c W32/Conficker.worm.gen.d W32/Cutwail.a!rootkit W32/Deborm.worm.ah W32/Deborm.worm.gen W32/Doomjuice.worm.a W32/Doomjuice.worm.b W32/Doomjuice.worm.c W32/Dumaru.a@MM W32/Dumaru.aa@MM W32/Dumaru.ab@MM W32/Dumaru.ad@MM W32/Dumaru.ae@MM W32/Dumaru.af@MM W32/Dumaru.ag@MM W32/Dumaru.ah@MM W32/Dumaru.ai@MM W32/Dumaru.aj@MM W32/Dumaru.ak@MM W32/Dumaru.al.dll W32/Dumaru.al@MM W32/Dumaru.am W32/Dumaru.an W32/Dumaru.ao W32/Dumaru.ap W32/Dumaru.aq W32/Dumaru.ar W32/Dumaru.as W32/Dumaru.au W32/Dumaru.av@MM W32/Dumaru.aw W32/Dumaru.ax W32/Dumaru.ay W32/Dumaru.b@MM W32/Dumaru.ba W32/Dumaru.bb W32/Dumaru.bc W32/Dumaru.bd W32/Dumaru.be W32/Dumaru.bf W32/Dumaru.bg W32/Dumaru.bq W32/Dumaru.bv W32/Dumaru.c@MM W32/Dumaru.d@MM W32/Dumaru.dll W32/Dumaru.e@MM W32/Dumaru.eml!zip W32/Dumaru.f@MM W32/Dumaru.g@MM W32/Dumaru.gen W32/Dumaru.gen@MM W32/Dumaru.h@MM W32/Dumaru.i@MM W32/Dumaru.j@MM W32/Dumaru.k@MM W32/Dumaru.l@MM W32/Dumaru.m@MM W32/Dumaru.n@MM W32/Dumaru.r@MM W32/Dumaru.w W32/Dumaru.w.gen W32/Dumaru.y@MM W32/Dumaru.z@MM W32/Elkern.cav.a W32/Elkern.cav.b W32/Elkern.cav.c W32/Elkern.cav.c.dam W32/Feebs!rootkit W32/Fizzer.dam W32/Fizzer.dll W32/Fizzer.gen@MM W32/Fujacks!htm W32/FunLove.apd W32/FunLove.dam W32/FunLove.gen W32/Gaobot.worm.gen.bh W32/Gaobot.worm.gen.bi W32/Gaobot.worm.gen.bj W32/Gaobot.worm.gen.by W32/Harwig.worm.gen.ba W32/Hupigon.worm!mem W32/IRCbot W32/IRCbot.gen W32/IRCbot.gen!F3E69DA4 W32/IRCbot.gen.a!mem W32/IRCbot.gen.aa W32/IRCbot.gen.ab W32/IRCbot.gen.ac W32/IRCbot.gen.ad W32/IRCbot.gen.ae W32/IRCbot.gen.ah W32/IRCbot.gen.ai W32/IRCbot.gen.aj W32/IRCBot.gen.ak W32/IRCbot.gen.n W32/IRCBot.gen.q W32/IRCBot.gen.r W32/IRCBot.gen.s W32/IRCBot.gen.t W32/IRCbot.gen.u W32/IRCbot.gen.y W32/IRCbot.worm W32/IRCbot.worm.dll W32/IRCbot.worm.dll!95744 W32/IRCbot.worm.gen W32/IRCbot.worm.gen.af W32/IRCbot.worm.gen.ag W32/IRCBot.worm.gen.ai W32/IRCbot.worm.gen.v W32/IRCbot.worm.gen.w W32/IRCbot.worm.gen.x W32/IRCbot.worm.gen.z W32/Klez.dam W32/Klez.e@MM W32/Klez.eml W32/Klez.f@MM W32/Klez.gen.b@MM W32/Klez.gen@MM W32/Klez.h@MM W32/Klez.i@MM W32/Klez.rar W32/Koobface.worm W32/Koobface.worm!env W32/Koobface.worm!env.b W32/Koobface.worm!env.c W32/Koobface.worm!env.d W32/Koobface.worm.a W32/Koobface.worm.as W32/Koobface.worm.dl W32/Koobface.worm.dr W32/Koobface.worm.gen W32/Koobface.worm.gen.aa W32/Koobface.worm.gen.ab W32/Koobface.worm.gen.ac W32/Koobface.worm.gen.ad W32/Koobface.worm.gen.ae W32/Koobface.worm.gen.af W32/Koobface.worm.gen.ag W32/Koobface.worm.gen.ah W32/Koobface.worm.gen.ai W32/Koobface.worm.gen.aj W32/Koobface.worm.gen.ak W32/Koobface.worm.gen.al W32/Koobface.worm.gen.am W32/Koobface.worm.gen.an W32/Koobface.worm.gen.ao W32/Koobface.worm.gen.ap W32/Koobface.worm.gen.aq W32/Koobface.worm.gen.at W32/Koobface.worm.gen.au W32/Koobface.worm.gen.av W32/Koobface.worm.gen.aw W32/Koobface.worm.gen.aw!dll W32/Koobface.worm.gen.aw!sys W32/Koobface.worm.gen.ax!dll W32/Koobface.worm.gen.ax!sys W32/Koobface.worm.gen.ay!sys W32/Koobface.worm.gen.az!dll W32/Koobface.worm.gen.az!sys W32/Koobface.worm.gen.b W32/Koobface.worm.gen.ba W32/Koobface.worm.gen.bb!sys W32/Koobface.worm.gen.bc W32/Koobface.worm.gen.bd W32/Koobface.worm.gen.be W32/Koobface.worm.gen.be.dr W32/Koobface.worm.gen.bf W32/Koobface.worm.gen.bg!dll W32/Koobface.worm.gen.bg!sys W32/Koobface.worm.gen.c W32/Koobface.worm.gen.d W32/Koobface.worm.gen.e W32/Koobface.worm.gen.f W32/Koobface.worm.gen.g W32/Koobface.worm.gen.h W32/Koobface.worm.gen.h!bat W32/Koobface.worm.gen.i W32/Koobface.worm.gen.j W32/Koobface.worm.gen.k W32/Koobface.worm.gen.l W32/Koobface.worm.gen.m W32/Koobface.worm.gen.n W32/Koobface.worm.gen.o W32/Koobface.worm.gen.p W32/Koobface.worm.gen.q W32/Koobface.worm.gen.r W32/Koobface.worm.gen.s W32/Koobface.worm.gen.t W32/Koobface.worm.gen.u W32/Koobface.worm.gen.v W32/Koobface.worm.gen.w W32/Koobface.worm.gen.x W32/Koobface.worm.gen.y W32/Koobface.worm.gen.z W32/Koobface.worm.gen.z2 W32/Korgo.worm.a W32/Korgo.worm.aa W32/Korgo.worm.aa.dam W32/Korgo.worm.ab W32/Korgo.worm.ac W32/Korgo.worm.ac.dam W32/Korgo.worm.ad W32/Korgo.worm.ae W32/Korgo.worm.ae.dll W32/Korgo.worm.ak W32/Korgo.worm.b W32/Korgo.worm.c W32/Korgo.worm.d W32/Korgo.worm.e W32/Korgo.worm.f W32/Korgo.worm.g W32/Korgo.worm.gen W32/Korgo.worm.i W32/Korgo.worm.k W32/Korgo.worm.l W32/Korgo.worm.m W32/Korgo.worm.n W32/Korgo.worm.o W32/Korgo.worm.p W32/Korgo.worm.p.dam W32/Korgo.worm.q W32/Korgo.worm.r W32/Korgo.worm.s W32/Korgo.worm.s.dam W32/Korgo.worm.t W32/Korgo.worm.u W32/Korgo.worm.v W32/Korgo.worm.v.dam W32/Korgo.worm.w W32/Korgo.worm.x W32/Korgo.worm.y W32/Korgo.worm.z W32/Lirva.a@MM W32/Lirva.c.htm W32/Lirva.c@MM W32/Lirva.eml W32/Lirva.gen@MM W32/Lirva.htm W32/Lirva.txt W32/Lovgate.a@M W32/Lovgate.aa@MM W32/Lovgate.aa@MM!zip W32/Lovgate.ab@MM W32/Lovgate.ab@MM!zip W32/Lovgate.ac@MM W32/Lovgate.ad@MM!zip W32/Lovgate.af@MM W32/Lovgate.af@MM!zip W32/Lovgate.ai@MM!zip W32/Lovgate.aj@MM!zip W32/Lovgate.ak@MM W32/Lovgate.al@MM W32/Lovgate.an@MM W32/Lovgate.ao@MM W32/Lovgate.ao@MM!zip W32/Lovgate.ap W32/Lovgate.ap@MM W32/Lovgate.b@M W32/Lovgate.c@M W32/Lovgate.d@M W32/Lovgate.dam W32/Lovgate.e@M W32/Lovgate.f@M W32/Lovgate.g@M W32/Lovgate.gen@M W32/Lovgate.h@M W32/Lovgate.i@M W32/Lovgate.j@M W32/Lovgate.k@M W32/Lovgate.m@M W32/Lovgate.q@M W32/Lovgate.r@M W32/Lovgate.r@MM!zip W32/Lovgate.s@M W32/Lovgate.t@M W32/Lovgate.u@M W32/Lovgate.v@M W32/Lovgate.w@M W32/Lovgate.x@MM W32/Lovgate.x@MM!zip W32/Lovgate.y@MM W32/Lovgate.z@MM W32/Lovgate.z@MM!zip W32/Lurker!rootkit W32/Mariofev!mem W32/Maslan!rootkit W32/Mimail.a@MM W32/Mimail.b@MM W32/Mimail.c@MM W32/Mimail.d@MM W32/Mimail.e@MM W32/Mimail.f@MM W32/Mimail.g@MM W32/Mimail.gen@MM W32/Mimail.h@MM W32/Mimail.i!data W32/Mimail.i@MM W32/Mimail.j@MM W32/Mimail.k@MM W32/Mimail.l@MM W32/Mimail.m@MM W32/Mimail.n@MM W32/Mimail.o@MM W32/Mimail.p@MM W32/Mimail.q@MM W32/Mimail.s@MM W32/Mimail.t@MM W32/Mimail.u W32/Mimail.v@MM W32/MoFei.worm W32/MoFei.worm.dr W32/Mumu.b.worm W32/Mydoom!bat W32/Mydoom!ftp W32/Mydoom.a.eml!exe W32/Mydoom.a.eml!zip W32/Mydoom.a@MM W32/Mydoom.a@MM!zip W32/Mydoom.ab@MM W32/Mydoom.b!hosts W32/Mydoom.b.eml!zip W32/Mydoom.b@MM W32/Mydoom.b@MM!zip W32/Mydoom.bs@MM W32/Mydoom.by@MM W32/Mydoom.bz@MM W32/Mydoom.dam W32/Mydoom.e@MM W32/Mydoom.f@MM W32/Mydoom.g.eml!exe W32/Mydoom.g.eml!zip W32/Mydoom.g@MM W32/Mydoom.gen@MM W32/Mydoom.h.eml!zip W32/Mydoom.h@MM W32/Mydoom.i@MM W32/Mydoom.j@MM W32/Mydoom.k.eml!exe W32/Mydoom.k@MM W32/Mydoom.k@MM!zip W32/Mydoom.l@MM W32/Mydoom.m@MM W32/Mydoom.o@MM W32/Mydoom.p@MM W32/Mydoom.r@MM W32/Mydoom.s@MM W32/Mydoom.t.dll W32/Mydoom.t@MM W32/Mydoom.t@MM!zip W32/Mydoom.u@MM W32/Mydoom.v@MM W32/Mydoom.w@MM W32/Mydoom.x@MM W32/Mydoom.z@MM W32/Mydoom@MM!zip W32/Mytob.ei@MM W32/Mytob.ej@MM W32/Mytob.gen@MM!141 W32/Mytob.gen@MM!15d W32/Mytob.gen@MM!1870 W32/Mytob.gen@MM!1922 W32/Mytob.gen@MM!1f1a W32/Mytob.gen@MM!25c1 W32/Mytob.gen@MM!2adb W32/Mytob.gen@MM!2c2b W32/Mytob.gen@MM!2f1b W32/Mytob.gen@MM!35d3 W32/Mytob.gen@MM!3715 W32/Mytob.gen@MM!4214 W32/Mytob.gen@MM!4316 W32/Mytob.gen@MM!435d W32/Mytob.gen@MM!446f W32/Mytob.gen@MM!449f W32/Mytob.gen@MM!48e7 W32/Mytob.gen@MM!49d0 W32/Mytob.gen@MM!4f3b W32/Mytob.gen@MM!5389 W32/Mytob.gen@MM!53be W32/Mytob.gen@MM!5479 W32/Mytob.gen@MM!55e5 W32/Mytob.gen@MM!59e8 W32/Mytob.gen@MM!615f W32/Mytob.gen@MM!663a W32/Mytob.gen@MM!673c W32/Mytob.gen@MM!68b8 W32/Mytob.gen@MM!7050 W32/Mytob.gen@MM!72a5 W32/Mytob.gen@MM!767e W32/Mytob.gen@MM!7796 W32/Mytob.gen@MM!781d W32/Mytob.gen@MM!7af7 W32/Mytob.gen@MM!7cb8 W32/Mytob.gen@MM!7cdb W32/Mytob.gen@MM!98a W32/Mytob.gen@MM!e82 W32/Mytob.iy@MM W32/Mytob.worm!1068 W32/Mytob.worm!1a8f W32/Mytob.worm!1c40 W32/Mytob.worm!1e W32/Mytob.worm!212f W32/Mytob.worm!3cae W32/Mytob.worm!4fa1 W32/Mytob.worm!5b00 W32/Mytob.worm!5de2 W32/Mytob.worm!62b6 W32/Mytob.worm!747d W32/Mytob.worm!7f00 W32/Mytob.worm!b9 W32/MyWife W32/MyWife.a@MM W32/MyWife.b@MM W32/MyWife.c@MM W32/MyWife.d@MM!M24 W32/MyWife.dam W32/MyWife.dll W32/MyWife.e@MM W32/MyWife.gen W32/MyWife.gen@MM W32/MyWife@MM W32/Nachi!tftpd W32/Nachi.worm.a W32/Nachi.worm.b W32/Nachi.worm.b.dam W32/Nachi.worm.c W32/Nachi.worm.d W32/Nachi.worm.dam W32/Nachi.worm.e W32/Nachi.worm.g W32/Nachi.worm.h W32/Nachi.worm.i W32/Nachi.worm.j W32/Nachi.worm.k W32/Netsky.a@MM W32/Netsky.a@MM!zip W32/Netsky.ac@MM W32/Netsky.ad@MM W32/Netsky.af@MM W32/Netsky.ag@MM!zip W32/Netsky.ah@MM W32/Netsky.ai@MM!zip W32/Netsky.b@MM W32/Netsky.b@MM!zip W32/Netsky.c@MM W32/Netsky.c@MM!zip W32/Netsky.d@MM W32/Netsky.dam W32/Netsky.dam!zip W32/Netsky.e@MM W32/Netsky.f@MM W32/Netsky.g@MM W32/Netsky.gen@MM W32/Netsky.k@MM W32/Netsky.l@MM W32/Netsky.m@MM W32/Netsky.n@MM!zip W32/Netsky.p@MM W32/Netsky.p@MM!zip W32/Netsky.q@MM W32/Netsky.q@MM!zip W32/Netsky.r@MM W32/Netsky.s@MM W32/Netsky.t@MM W32/Netsky.x@MM W32/Netsky.z@MM!zip W32/Nimda W32/Nimda.dam W32/Nimda.eml W32/Nimda.gen@MM W32/Nimda.htm W32/Nuwar W32/Nuwar!rootkit W32/Nuwar.dam W32/Nuwar.gen.a@mm W32/Nuwar.gen.b@mm W32/Nuwar.gen@MM W32/Nuwar.sys W32/Nuwar.sys.gen W32/Nuwar@MM W32/Nuwar@MM!rar W32/Pate!dam W32/Pate.a W32/Pate.b W32/Pate.c W32/Pate.d W32/Pate.dam W32/Pate.dr W32/Pinkslipbot!rootkit W32/Polip W32/Polip!mem W32/Polybot.a W32/Polybot.aa W32/Polybot.ab W32/Polybot.ac W32/Polybot.ad W32/Polybot.ae W32/Polybot.af W32/Polybot.ag W32/Polybot.ai W32/Polybot.aj W32/Polybot.al W32/Polybot.am W32/Polybot.an W32/Polybot.ao W32/Polybot.ap W32/Polybot.aq W32/Polybot.ar W32/Polybot.as W32/Polybot.at W32/Polybot.au W32/Polybot.av W32/Polybot.aw W32/Polybot.ax W32/Polybot.ay W32/Polybot.az W32/Polybot.b W32/Polybot.ba W32/Polybot.bat W32/Polybot.bb W32/Polybot.bc W32/Polybot.bd W32/Polybot.be W32/Polybot.bf W32/Polybot.bg W32/Polybot.bh W32/Polybot.bi W32/Polybot.bj W32/Polybot.bk W32/Polybot.bl W32/Polybot.bm W32/Polybot.bn W32/Polybot.bo W32/Polybot.bp W32/Polybot.bq W32/Polybot.br W32/Polybot.bs W32/Polybot.bt W32/Polybot.bu W32/Polybot.bv W32/Polybot.bw W32/Polybot.bx W32/Polybot.by W32/Polybot.bz W32/Polybot.c W32/Polybot.ca W32/Polybot.cb W32/Polybot.cc W32/Polybot.cd W32/Polybot.ce W32/Polybot.cf W32/Polybot.cg W32/Polybot.ch W32/Polybot.ci W32/Polybot.cj W32/Polybot.cl W32/Polybot.cm W32/Polybot.cn W32/Polybot.co W32/Polybot.cp W32/Polybot.cq W32/Polybot.cr W32/Polybot.cs W32/Polybot.ct W32/Polybot.cu W32/Polybot.cv W32/Polybot.cw W32/Polybot.cx W32/Polybot.cy W32/Polybot.cz W32/Polybot.d W32/Polybot.da W32/Polybot.dam W32/Polybot.db W32/Polybot.dc W32/Polybot.dd W32/Polybot.de W32/Polybot.df W32/Polybot.dg W32/Polybot.dh W32/Polybot.dj W32/Polybot.dk W32/Polybot.dl W32/Polybot.dr W32/Polybot.e W32/Polybot.f W32/Polybot.g W32/Polybot.gen!irc W32/Polybot.h W32/Polybot.i W32/Polybot.j W32/Polybot.k W32/Polybot.l!irc W32/Polybot.m W32/Polybot.n W32/Polybot.o W32/Polybot.q W32/Polybot.r W32/Polybot.s W32/Polybot.t W32/Polybot.u W32/Polybot.v W32/Polybot.w W32/Polybot.x W32/Polybot.y W32/Polybot.z W32/Polybot@MM W32/Rimecud W32/Rimecud!env.a W32/Rimecud!env.b W32/Rimecud!env.c W32/Rimecud!env.d W32/Rimecud!inf W32/Rimecud!mem W32/Rimecud.gen W32/Rimecud.gen.a W32/Rimecud.gen.aa W32/Rimecud.gen.ac W32/Rimecud.gen.ad W32/Rimecud.gen.ae W32/Rimecud.gen.af W32/Rimecud.gen.ag W32/Rimecud.gen.ah W32/Rimecud.gen.ai W32/Rimecud.gen.aj W32/Rimecud.gen.ak W32/Rimecud.gen.al W32/Rimecud.gen.am W32/Rimecud.gen.an W32/Rimecud.gen.b W32/Rimecud.gen.c W32/Rimecud.gen.d W32/Rimecud.gen.e W32/Rimecud.gen.f W32/Rimecud.gen.g W32/Rimecud.gen.h W32/Rimecud.gen.i W32/Rimecud.gen.j W32/Rimecud.gen.k W32/Rimecud.gen.l W32/Rimecud.gen.m W32/Rimecud.gen.n W32/Rimecud.gen.o W32/Rimecud.gen.p W32/Rimecud.gen.q W32/Rimecud.gen.r W32/Rimecud.gen.s W32/Rimecud.gen.t W32/Rimecud.gen.u W32/Rimecud.gen.v W32/Rimecud.gen.w W32/Rimecud.gen.x W32/Rimecud.gen.y W32/Rimecud.gen.z W32/Routrobot.worm!rootkit W32/Sality!mem W32/Sality.dr!dam W32/Sality.gen.d W32/Sality.gen.e W32/Sasser.worm!ftp W32/Sasser.worm.a W32/Sasser.worm.b W32/Sasser.worm.c W32/Sasser.worm.d W32/Sasser.worm.e W32/Sasser.worm.f W32/Sasser.worm.g W32/Sasser.worm.gen W32/Sasser.worm.gen.b W32/Sdbot W32/Sdbot!irc W32/Sdbot.ap W32/Sdbot.bat W32/Sdbot.cli W32/Sdbot.dll W32/Sdbot.dr!ADA37D45 W32/Sdbot.dr.gen W32/Sdbot.gen.ak W32/Sdbot.gen.al W32/Sdbot.gen.am W32/Sdbot.gen.an W32/Sdbot.gen.ao W32/Sdbot.gen.aq W32/Sdbot.gen.r W32/Sdbot.worm W32/Sdbot.worm!73216 W32/Sdbot.worm!ftp W32/Sdbot.worm.bat.b W32/Sdbot.worm.dam W32/Sdbot.worm.dr W32/Sdbot.worm.gen W32/Sdbot.worm.gen.a W32/Sdbot.worm.gen.af W32/Sdbot.worm.gen.ag W32/Sdbot.worm.gen.ap W32/Sdbot.worm.gen.au W32/Sdbot.worm.gen.aw W32/Sdbot.worm.gen.b W32/Sdbot.worm.gen.bh W32/Sdbot.worm.gen.bi W32/Sdbot.worm.gen.bj W32/Sdbot.worm.gen.bk W32/Sdbot.worm.gen.bl W32/Sdbot.worm.gen.bm W32/Sdbot.worm.gen.bn W32/Sdbot.worm.gen.bx W32/Sdbot.worm.gen.by W32/Sdbot.worm.gen.c W32/Sdbot.worm.gen.cb W32/Sdbot.worm.gen.d W32/Sdbot.worm.gen.e W32/Sdbot.worm.gen.f W32/Sdbot.worm.gen.g W32/Sdbot.worm.gen.m W32/Sdbot.worm.gen.n W32/Sdbot.worm.gen.o W32/Sdbot.worm.gen.q W32/Sober!data W32/Sober!eml!M681 W32/Sober.a@MM W32/Sober.b@MM W32/Sober.c@MM W32/Sober.d.eml!zip W32/Sober.d@MM W32/Sober.d@MM!zip W32/Sober.dam W32/Sober.dr W32/Sober.e.eml!zip W32/Sober.e@MM W32/Sober.e@MM!zip W32/Sober.eml W32/Sober.f.dam W32/Sober.f.eml!zip W32/Sober.f@MM W32/Sober.g!zip.eml W32/Sober.g.dam W32/Sober.g@MM W32/Sober.g@MM!zip W32/Sober.h W32/Sober.i W32/Sober.j.eml!exe W32/Sober.j.eml!zip W32/Sober.j@MM W32/Sober.j@MM!zip W32/Sober.k.eml!zip W32/Sober.k@MM W32/Sober.k@MM!zip W32/Sober.l@MM W32/Sober.l@MM!zip W32/Sober.m@MM W32/Sober.o@MM W32/Sober.o@MM!zip W32/Sober.p.eml!zip W32/Sober.p@MM W32/Sober.p@MM!zip W32/Sober.q W32/Sober.q!spam W32/Sober.r.dr W32/Sober.r@MM!M-151 W32/Sober.s.dr W32/Sober.s@MM W32/Sober.t.dr W32/Sober.t@MM W32/Sober.u.dr W32/Sober.u@MM W32/Sober.v.dr W32/Sober.v@MM W32/Sober.w.dr W32/Sober.x@MM W32/Sober@MM!M681 W32/Sobig.a@MM W32/Sobig.b@MM W32/Sobig.c@MM W32/Sobig.d@MM W32/Sobig.dam W32/Sobig.e@MM W32/Sobig.eml W32/Sobig.f.dam W32/Sobig.f@MM W32/Sobig.gen@MM W32/Spybot.worm.gen.bj W32/Spybot.worm.gen.by W32/Spybot.worm.gen.t W32/SQLSlammer.worm W32/Swen.dam W32/Swen@MM W32/TryMem W32/Virut W32/Virut!hosts W32/Virut!htm W32/Virut!mem W32/Virut!rtf W32/Virut.a W32/Virut.b W32/Virut.c W32/Virut.d W32/Virut.e W32/Virut.f W32/Virut.g W32/Virut.gen W32/Virut.gen.a W32/Virut.gen.gen W32/Virut.gen2 W32/Virut.h W32/Virut.i W32/Virut.j W32/Virut.j!dam W32/Virut.n W32/Virut.n!dam W32/Virut.n!htm W32/Virut.n!inf W32/Virut.n!mem W32/Virut.n.gen W32/Virut.n.gen!dam W32/Virut.o W32/Virut.rem.A W32/Virut.rem.B W32/Virut.rem.C W32/Virut.rem.D W32/Virut.rem.E W32/Virut.rem.F W32/Virut.rem.G W32/Virut.rem.H W32/Virut.rem.I W32/Virut.rem.K W32/Virut.rem.L W32/Virut.remnants W32/Vulcanbot W32/Winemmem W32/Winemmem.a W32/Witty.worm W32/Yaha.eml W32/Yaha.gen@MM W32/Yaha.y@MM W32/Yaha@MM W32/Zafi.a@MM W32/Zafi.b.dam W32/Zafi.b@MM W32/Zafi.c@MM W32/Zafi.d@MM W32/Zafi.e@MM W32/Zafi.f@MM W32/Zafi.gen W32/Zindos.worm W32/Zotob.worm!hosts W32/Zotob.worm.a W32/Zotob.worm.b W32/Zotob.worm.c W32/Zotob.worm.d W32/Zotob.worm.e W32/Zotob.worm.f W32/Zotob.worm.gen Whistler!mem XCP Hikjackthis Ergebnis: HiJackthis Logfile: Code:
ATTFilter Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:29:24, on 18.02.2011 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programme\Avira\AntiVir Desktop\sched.exe C:\Programme\Avira\AntiVir Desktop\avguard.exe C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe c:\APPS\HIDSERVICE\HIDSERVICE.exe C:\Programme\ICQ6Toolbar\ICQ Service.exe C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLService.exe C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe C:\Apps\Softex\OmniPass\Omniserv.exe C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxMediaDB.exe C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatch.exe C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe C:\WINDOWS\System32\svchost.exe C:\Apps\Softex\OmniPass\OPXPApp.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Programme\CyberLink\PowerCinema\PCMService.exe C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatchTray.exe C:\WINDOWS\RTHDCPL.EXE C:\Programme\Avira\AntiVir Desktop\avgnt.exe C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe C:\Programme\QuickTime\qttask.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\INFOCOCKPIT.EXE C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\CPSHelpRunner.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\kernel.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\sc_watch.exe C:\PROGRA~1\T-Online\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\Programme\ATI Technologies\ATI.ACE\cli.exe C:\PROGRA~1\T-Online\T-ONLI~1\Notifier\Notifier.exe C:\Programme\Lavasoft\Ad-Aware\AAWService.exe C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe C:\Programme\Mozilla Firefox\firefox.exe C:\Programme\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\msiexec.exe C:\Programme\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1011041219\ICQToolBar.dll R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {8A6BB6EF-43A0-48FB-9369-5488837D599D} - (no file) O2 - BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\1011041219\ICQToolBar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [ATICCC] "c:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [PCMService] "C:\Programme\CyberLink\PowerCinema\PCMService.exe" O4 - HKLM\..\Run: [RoxWatchTray] "C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatchTray.exe" O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [MMTray] C:\Programme\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash O4 - HKCU\..\Run: [msnmsgr] "C:\Programme\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ7.2\ICQ.exe" silent loginmode=4 O4 - HKCU\..\Run: [syscheckrt.exe] C:\syscheckrt\syscheckrt.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\Run: [InfoCockpit] C:\Programme\T-Online\T-Online_Software_6\Info-Cockpit\IC_START.EXE /nosplash (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: &Search - hxxp://kp.bar.need2find.com/KP/menusearch.html?p=KP O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (file missing) O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\ger.htm O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - hxxp://dfgfile.com/online_games/DinerDash/DinerDash.1.0.0.58.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FA9BE881-3BEF-4190-BFB1-AE8C2C205817}: NameServer = 217.0.43.113 217.0.43.97 O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir Desktop\avguard.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Programme\CyberLink\PowerCinema\Kernel\TV\CLSched.exe O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Programme\CyberLink\PowerCinema\Kernel\CLML_NTService\CLMLServer.exe O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Programme\Lavasoft\Ad-Aware\AAWService.exe O23 - Service: T-Online WLAN Adapter Steuerungsdienst (MZCCntrl) - Deutsche Telekom AG, Marmiko IT-Solutions GmbH - C:\Programme\Gemeinsame Dateien\Marmiko Shared\MZCCntrl.exe O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Apps\Softex\OmniPass\Omniserv.exe O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxLiveShare.exe O23 - Service: RoxMediaDB - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxMediaDB.exe O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCom\RoxUpnpRenderer.exe O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Programme\Roxio\WinOnCD 8\Digital Home\RoxUpnpServer.exe O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Programme\Gemeinsame Dateien\Roxio Shared\SharedCOM8\RoxWatch.exe -- End of file - 11304 bytes Geändert von spinclub (18.02.2011 um 16:31 Uhr) |
|
22.02.2011, 06:32
| #4 | |
| /// Helfer-Team | Problem mit Blasterworm 1. → besuche die Seite von virustotal und die Datei/en aus Codebox bitte prüfen lassen - nklusive Dateigröße und Name, MD5 und SHA1 auch mitkopieren:: → Tipps für die Suche nach Dateien Code:
ATTFilter C:\syscheckrt\syscheckrt.exe
→ Suche die Datei auf deinem Rechner→ Doppelklick auf die zu prüfende Datei (oder kopiere den Inhalt ab aus der Codebox) → "Senden der Datei" und Warte, bis der Scandurchlauf aller Virenscanner beendet ist → das Ergebnis wie Du es bekommst (NICHT AUSLASSEN!) da reinkoperen (inklusive <geprüfter Dateiname> + Dateigröße und Name, MD5 und SHA1) ** Beispiel - das zu postende Logfile von Virustotal soll so wie hier aussehen Also nicht auslassen, sondern wie Du es bekommst da reinkopieren!: Code:
ATTFilter Datei File name:
<hier kommt die Dateiname>
Submission date:
2010-10-22 03:34:01 (UTC)
Current status:
queued queued analysing finished
Result:
.....%
VT Community
goodware/badware
Safety score: 100.0%
Compact
Print results
Antivirus Version Last Update Result
AhnLab-V3 2010.10.22.00 2010.10.21 -
AntiVir 7.10.13.15 2010.10.21 -
Antiy-AVL 2.0.3.7 2010.10.22 -
Authentium 5.2.0.5 2010.10.22 -
Avast 4.8.1351.0 2010.10.21 -
Avast5 5.0.594.0 2010.10.21 -
usw........
...werden geprüft v. mehr wie 40 Online Virus Scanner...also Geduld!!
läuft unter XP, Vista mit (32Bit) und Windows 7 (32Bit) Achtung!: WENN GMER NICHT AUSGEFÜHRT WERDEN KANN ODER PROBMLEME VERURSACHT, fahre mit dem nächsten Punkt fort!- Es ist NICHT sinnvoll einen zweiten Versuch zu starten! Um einen tieferen Einblick in dein System, um eine mögliche Infektion mit einem Rootkit/Info v.wikipedia.org) aufzuspüren, werden wir ein Tool - Gmer - einsetzen :
** keine Verbindung zu einem Netzwerk und Internet - WLAN nicht vergessen Wenn der Scan beendet ist, bitte alle Programme und Tools wieder aktivieren! Anleitung:-> GMER - Rootkit Scanner 3. Lade Dir Malwarebytes Anti-Malware von→ malwarebytes.org
4. Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis starten→ "Do a system scan only"→ Einträge auswählen→ Häckhen setzen→ "Fix checked" klicken→ PC neu aufstarten): HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen Code:
ATTFilter R3 - URLSearchHook: (no name) - - (no file)
Schritte 3. und 4.?:->klick-> http://www.trojaner-board.de/95805-p...tml#post621909 6. alle Anwendungen schließen → Ordner für temporäre Dateien bitte leeren **Der Temp Ordner,ist für temporäre Dateien,also der Inhalt kann man ohne weiteres löschen.- Dateien, die noch in Benutzung sind, nicht löschbar. **Lösche nur den Inhalt der Ordner, nicht die Ordner selbst!
7. reinige dein System mit Ccleaner:
8. poste erneut - nach der vorgenommenen Reinigungsaktion: TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!! Zitat:
__________________ Warnung!: Vorsicht beim Rechnungen per Email mit ZIP-Datei als Anhang! Kann mit einen Verschlüsselungs-Trojaner infiziert sein! Anhang nicht öffnen, in unserem Forum erst nachfragen! Sichere regelmäßig deine Daten, auf CD/DVD, USB-Sticks oder externe Festplatten, am besten 2x an verschiedenen Orten! Bitte diese Warnung weitergeben, wo Du nur kannst! Geändert von kira (22.02.2011 um 06:41 Uhr) |
|
| Themen zu Problem mit Blasterworm |
| antivir, dateien, deaktiviert, down, entfernen, ergebnis, gen, home, infizierte, keine viren, meldung, neuer, neustart, nicht mehr, pcs, problem, probleme, shutdown, system, systemwiederherstellung, trojaner, viren, windows, windows xp, wurm, xp home |
Linear-Darstellung
