websiteviewer

player_z · 22.02.2005, 19:03

hi, habe auch den websiteviewer
habe escan im abgesicherten modus drüberlaufen lassen:

das stand im programm drin:

Tue Feb 22 18:43:38 2005 => ***** Scanning complete. *****
Tue Feb 22 18:43:38 2005 => Total Files Scanned: 133071
Tue Feb 22 18:43:38 2005 => Total Virus(es) Found: 77
Tue Feb 22 18:43:38 2005 => Total Disinfected Files: 0
Tue Feb 22 18:43:38 2005 => Total Files Renamed: 0
Tue Feb 22 18:43:38 2005 => Total Deleted Files: 0
Tue Feb 22 18:43:38 2005 => Total Errors: 4
Tue Feb 22 18:43:38 2005 => Time Elapsed: 01:54:50
Tue Feb 22 18:43:38 2005 => Virus Database Date: 2005/02/22
Tue Feb 22 18:43:38 2005 => Virus Database Count: 119140

Tue Feb 22 18:43:38 2005 => Scan Completed.

File C:\WINDOWS\cerbmod.dll infected by "Trojan.Win32.Dialer.bi" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\ibs.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\tvrlnpbl.exe infected by "Trojan-Downloader.Win32.Agent.jc" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msnmsgq.exe infected by "Trojan-Downloader.Win32.Agent.is" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\winagent.exe infected by "Backdoor.Win32.Webdor.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msnmsn32.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\p2p[p2p-10081,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\radiofox[rix-10068,1,layer11].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\radiofox[rix-10190,1,layer11].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\tlin.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\Temp\mmrn32.exe infected by "Trojan-Downloader.Win32.Agent.is" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\Temp\~E8.exe infected by "Trojan-Clicker.Win32.Agent.as" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\76S7RT89\track.freewebcounter[1] infected by "Trojan.VBS.Seeker.a" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\C5YB89AN\b[1].11,0,1 infected by "Trojan-Downloader.Win32.Agent.jc" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\CPAB8TIZ\InstallationsAssistent[1].ocx infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\G5A3SXER\a[1].13,0,1 infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\O9AN81UF\c[1].htm infected by "Exploit.HTML.IframeBof" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\O9AN81UF\w[1].exe infected by "Backdoor.Win32.Agent.ec" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\T7ZFXX8E\l[1].exe infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: No Action Taken.
File C:\DOKUME~1\Schmitt\LOKALE~1\TEMPOR~1\Content.IE5\Y7EJYTMR\axload[1].cab infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temp\mmrn32.exe infected by "Trojan-Downloader.Win32.Agent.is" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temp\~E8.exe infected by "Trojan-Clicker.Win32.Agent.as" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\76S7RT89\track.freewebcounter[1] infected by "Trojan.VBS.Seeker.a" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\C5YB89AN\b[1].11,0,1 infected by "Trojan-Downloader.Win32.Agent.jc" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\CPAB8TIZ\InstallationsAssistent[1].ocx infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\G5A3SXER\a[1].13,0,1 infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O9AN81UF\c[1].htm infected by "Exploit.HTML.IframeBof" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\O9AN81UF\w[1].exe infected by "Backdoor.Win32.Agent.ec" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\T7ZFXX8E\l[1].exe infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Schmitt\Lokale Einstellungen\Temporary Internet Files\Content.IE5\Y7EJYTMR\axload[1].cab infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\misb.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\RECYCLER\S-1-5-21-1095445163-2978210815-3867102029-1005\Dc106\127035.dlr infected by "not-a-virus:PornWare.Dialer.Tibs" Virus. Action Taken: No Action Taken.
File C:\RECYCLER\S-1-5-21-1095445163-2978210815-3867102029-1005\Dc106\127035.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\RECYCLER\S-1-5-21-1095445163-2978210815-3867102029-1005\Dc106\9576128temp.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\RECYCLER\S-1-5-21-1095445163-2978210815-3867102029-1005\Dc109.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\RECYCLER\S-1-5-21-1095445163-2978210815-3867102029-1005\Dc110.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP42\A0002575.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP42\A0002612.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP42\A0002672.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP43\A0002727.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP44\A0002831.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP46\A0002891.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP49\A0002976.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP49\A0003049.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP51\A0003115.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP52\A0003174.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP53\A0003227.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP57\A0003373.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP57\A0003461.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP58\A0003523.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP59\A0003681.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP59\A0003744.exe infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP59\A0003745.exe infected by "Backdoor.Win32.Agent.ec" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP59\A0003748.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP59\A0003774.exe infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0005187.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0005192.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006187.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006190.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006234.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006248.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006258.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006269.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006280.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP65\A0006291.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP66\A0006318.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{0A3EF540-1915-4316-837B-89EDEB8D656C}\RP66\A0006349.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\acontix.ocx infected by "not-a-virus:Porn-Dialer.Win32.ALifeDialer" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\ieloader.dll infected by "Trojan.Win32.Dialer.ep" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\InstallationsAssistent.ocx infected by "Trojan-Downloader.Win32.Stardler.a" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\msnmsn32.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\p2p[p2p-10081,1].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\radiofox[rix-10068,1,layer11].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\radiofox[rix-10190,1,layer11].exe infected by "not-a-virus:Porn-Dialer.Win32.Intexdial" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\config\systemprofile\Lokale Einstellungen\Temporary Internet Files\Content.IE5\K9MJ4LYZ\x[1].exe infected by "Net-Worm.Win32.Padobot.g" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\tlin.exe infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File D:\SOFTWARE\DIVX5.05\DIVXBUNDLE.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.

ich habe keine ahnung was ich machen muss. hoffe mir kann jmd helfen. vielen dank im vorraus

Lutz · 22.02.2005, 22:35

Moin,

ich habe mir jetzt nicht alles genau angeschaut, aber bei Trojanern mit Backdoor-Funktionalität

Zitat:

File C:\WINDOWS\winagent.exe infected by "Backdoor.Win32.Webdor.p

lautet unser einziger ernstzunehmender Rat Neuinstallation des Systems. Eine hervorragende Anleitung findest Du hier -> http://www.trojaner-board.de/showthread.php?t=12154

Da sich auch einige Dialer auf Deinem System tummeln, solltest Du diese zunächst sichern, also speichern, falls Du nicht ausschließlich mit DSL im Web bist und auch kein (Fax)Modem oder eine Telefonanlage am PC angeschlossen hast.

websiteviewer

Log-Analyse und Auswertung: websiteviewer

websiteviewer

websiteviewer

Ähnliche Themen: websiteviewer