Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
TR/Click.Adpowe.N.2

TR/Click.Adpowe.N.2


Plagegeister aller Art und deren Bekämpfung: TR/Click.Adpowe.N.2

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 08.04.2005, 18:30   #16
Haui45
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Zitat:
Zitat von Tomasch
Hmm das sind aber über 150 Zeilen und 90 gefundene Viren also sehr viel!!
Wenn du es so gemacht hättest, wie von mir beschrieben, wäre es kein Problem
Jetzt musst du dir eben die Arbeit machen und die mwav.log durchsuchen.

Alt 09.04.2005, 10:20   #17
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Ja ich hab das ja schon alles rausgesucht und das sind 90 Viren
Und mehr als 150 Zeilen...
Soll ich das nich doch lieber als Textdatei einfügen?

mfg Tomasch
__________________
Alt 09.04.2005, 10:21   #18
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Thu Apr 07 21:20:31 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD
Thu Apr 07 21:20:40 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => System found infected with VX2 Spyware/Adware ({00000049-8f91-4d9c-9573-f016e7626484})! Action taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => System found infected with VX2 Spyware/Adware ({DDFFA75A-E81D-4454-89FC-B9FD0631E726})! Action taken: No Action Taken.
Thu Apr 07 21:20:40 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:20:41 2005 => Offending value found in HKCU\Software\VB and VBA Program Settings !!!
Thu Apr 07 21:20:41 2005 => System found infected with VB and VBA Program Settings Spyware/Adware! Action taken: No Action Taken.
Thu Apr 07 21:20:41 2005 => File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:20:41 2005 => System found infected with text/html Spyware/Adware! Action taken: No Action Taken.
Thu Apr 07 21:20:41 2005 => File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:22:19 2005 => File C:\WINDOWS\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:22:20 2005 => File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:22:20 2005 => Scanning File C:\WINDOWS\iconu.exe
Thu Apr 07 21:22:20 2005 => File C:\WINDOWS\iconu.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:24:47 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\B51831533\build2.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:24:48 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\bw2.com infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:24:49 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\etnbaees.exe infected by "not-a-virus:AdWare.Lop.m" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:24:54 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\GLB645.tmp infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:24:55 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\gvveybpe.exe infected by "not-a-virus:AdWare.Lop.m" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:28:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:28:09 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[2].exe
Thu Apr 07 21:28:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[2].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:28:09 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[3].exe
Thu Apr 07 21:28:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[3].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:28:09 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[4].exe
Thu Apr 07 21:28:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[4].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:28:09 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[5].exe
Thu Apr 07 21:28:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[5].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:28:09 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[6].exe
Thu Apr 07 21:28:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[6].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Thu Apr 07 21:29:09 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\Installer[1].exe infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:22:36 2005 => Scanning HKLM\SYSTEM\CurrentControlSet\Services\VxD
Fri Apr 08 15:23:05 2005 => System found infected with VX2 Spyware/Adware ({92daf5c1-2135-4e0c-b7a0-259abfcd3904})! Action taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => System found infected with VX2 Spyware/Adware ({bb0d5adc-028d-4185-9288-722ddce2c757})! Action taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => System found infected with VX2 Spyware/Adware ({00000049-8f91-4d9c-9573-f016e7626484})! Action taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => System found infected with VX2 Spyware/Adware ({DDFFA75A-E81D-4454-89FC-B9FD0631E726})! Action taken: No Action Taken.
Fri Apr 08 15:23:05 2005 => File System Found infected by "VX2 Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:23:06 2005 => Offending value found in HKCU\Software\VB and VBA Program Settings !!!
Fri Apr 08 15:23:06 2005 => System found infected with VB and VBA Program Settings Spyware/Adware! Action taken: No Action Taken.
Fri Apr 08 15:23:06 2005 => File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:23:06 2005 => System found infected with text/html Spyware/Adware! Action taken: No Action Taken.
Fri Apr 08 15:23:06 2005 => File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:24:44 2005 => File C:\WINDOWS\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:24:45 2005 => File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:24:45 2005 => Scanning File C:\WINDOWS\iconu.exe
Fri Apr 08 15:24:45 2005 => File C:\WINDOWS\iconu.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:25:42 2005 => File C:\WINDOWS\System32\l26olcj31fo.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:27:13 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\B51831533\build2.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:27:14 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\bw2.com infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:27:17 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\etnbaees.exe infected by "not-a-virus:AdWare.Lop.m" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:27:23 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\GLB645.tmp infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:27:24 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\Temp\gvveybpe.exe infected by "not-a-virus:AdWare.Lop.m" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:37 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:37 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[2].exe
Fri Apr 08 15:30:37 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[2].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:37 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[3].exe
Fri Apr 08 15:30:37 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[3].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:37 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[4].exe
Fri Apr 08 15:30:37 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[4].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:37 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[5].exe
Fri Apr 08 15:30:37 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[5].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:37 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[6].exe
Fri Apr 08 15:30:38 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[6].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:38 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[7].exe
Fri Apr 08 15:30:38 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[7].exe infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:38 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[8].exe
Fri Apr 08 15:30:38 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[8].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:30:38 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[9].exe
Fri Apr 08 15:30:38 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\AppWrap[9].exe infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:31:38 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\KDUJ4HYB\Installer[1].exe infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:32:05 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\SDU74TIN\AppWrap[1].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:32:05 2005 => Scanning File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\SDU74TIN\AppWrap[2].exe
Fri Apr 08 15:32:05 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\SDU74TIN\AppWrap[2].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
__________________
Alt 09.04.2005, 10:23   #19
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Fri Apr 08 15:33:19 2005 => File C:\DOKUME~1\Thomas\LOKALE~1\TEMPOR~1\Content.IE5\SXQN8HAJ\AppWrap[1].exe infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:35:29 2005 => File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AXIS MODE ATOM DART\Tick Four.exe infected by "not-a-virus:AdWare.Lop.j" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:35:29 2005 => Scanning File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AXIS MODE ATOM DART\Upload Ford.exe
Fri Apr 08 15:35:29 2005 => File C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AXIS MODE ATOM DART\Upload Ford.exe infected by "not-a-virus:AdWare.Lop.j" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:37:58 2005 => File C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\Download\Programme\FX-Scanner.exe infected by "HackTool.Win32.FxScanner" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:34 2005 => File C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\Things\Theme Xp\Explorer Bar\96453.exe infected by "not-a-virus:AdWare.Gator.3103" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:36 2005 => File C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\Things\Theme Xp\Visual Styles\98643.exe infected by "not-a-virus:AdWare.EZula.z" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:41 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\B51831533\build2.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:43 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\bw2.com infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:47 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\etnbaees.exe infected by "not-a-virus:AdWare.Lop.m" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:53 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\GLB645.tmp infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:42:54 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp\gvveybpe.exe infected by "not-a-virus:AdWare.Lop.m" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:08 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[1].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:08 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[2].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[3].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[4].exe
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[4].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[5].exe
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[5].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[6].exe
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[6].exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[7].exe
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[7].exe infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[8].exe
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[8].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:46:09 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[9].exe
Fri Apr 08 15:46:09 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\AppWrap[9].exe infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:47:04 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KDUJ4HYB\Installer[1].exe infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:47:26 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SDU74TIN\AppWrap[1].exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:47:26 2005 => Scanning File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SDU74TIN\AppWrap[2].exe
Fri Apr 08 15:47:27 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SDU74TIN\AppWrap[2].exe infected by "Trojan-Downloader.Win32.Small.ru" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:48:27 2005 => File C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\Content.IE5\SXQN8HAJ\AppWrap[1].exe infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:53:44 2005 => File C:\Programme\AVPersonal\INFECTED\qservice.VIR infected by "Trojan-Spy.Win32.ProAgent.20" Virus. Action Taken: No Action Taken.
Fri Apr 08 15:54:00 2005 => File C:\Programme\C2Media\Setup.exe infected by "not-a-virus:AdWare.Lop" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:00:52 2005 => File C:\Programme\Mozilla Firefox\extensions\{2bafa858-4ff3-4207-822e-ef46d1b431de}\chrome\isearch.jar infected by "not-a-virus:AdWare.ToolBar.ISearch.e" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:20 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP10\A0007597.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:24 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007645.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:24 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007648.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:24 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007649.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:24 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007653.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:25 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007682.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:26 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007686.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:26 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007694.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:26 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007695.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:26 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007708.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:05:26 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP12\A0007709.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:46 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP6\A0007466.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:47 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP6\A0007468.dll infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:50 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP6\A0007477.EXE infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:51 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP6\A0007483.EXE infected by "not-a-virus:AdWare.VirtualBouncer.j" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:51 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP6\A0007489.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:51 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP6\A0007490.exe infected by "not-a-virus:AdWare.VirtualBouncer.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:54 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP8\A0007538.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:54 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP8\A0007539.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:54 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP8\A0007548.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:54 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP8\A0007549.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:54 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP8\A0007558.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:06:55 2005 => File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP8\A0007567.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:07:04 2005 => File C:\WINDOWS\ceres.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:07:06 2005 => File C:\WINDOWS\Downloaded Program Files\DS3.dll infected by "Trojan-Downloader.Win32.Agent.jt" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:07:29 2005 => File C:\WINDOWS\icont.exe infected by "not-a-virus:AdWare.AdURL.c" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:07:30 2005 => File C:\WINDOWS\iconu.exe infected by "not-a-virus:AdWare.Zestyfind" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:08:46 2005 => File C:\WINDOWS\isrvs\desktop.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:08:47 2005 => File C:\WINDOWS\isrvs\mfiltis.dll infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:10:40 2005 => File C:\WINDOWS\system\UpdInst.exe infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:16:33 2005 => File C:\WINDOWS\system32\l26olcj31fo.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:18:55 2005 => File C:\WINDOWS\Temp\B51831533\build2.exe infected by "not-a-virus:AdWare.ToolBar.ISearch.d" Virus. Action Taken: No Action Taken.
Fri Apr 08 16:18:58 2005 => File C:\WINDOWS\Temp\bw2.com infected by "Trojan-Dropper.Win32.Small.of" Virus. Action Taken: No Action Taken.

Fri Apr 08 16:35:23 2005 => Total Objects Scanned: 168424
Fri Apr 08 16:35:23 2005 => Total Virus(es) Found: 90
Fri Apr 08 16:35:23 2005 => Total Disinfected Files: 0
Fri Apr 08 16:35:23 2005 => Total Files Renamed: 0
Fri Apr 08 16:35:23 2005 => Total Deleted Objects: 0
Fri Apr 08 16:35:23 2005 => Total Errors: 48
Fri Apr 08 16:35:23 2005 => Time Elapsed: 01:13:25
Fri Apr 08 16:35:23 2005 => Virus Database Date: 2005/04/06
Fri Apr 08 16:35:23 2005 => Virus Database Count: 124827

Fazit: Ich ahne böses....

Alt 09.04.2005, 12:17   #20
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Das is jetzt die ganze Liste nur Viren
Aber ich schätze ma die Hälfte stimmt net ganz...

mfg Tomasch


Alt 10.04.2005, 16:18   #21
Haui45
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Aufgrund der Einträge im HijackThis-Log würde ich dir zum Neuaufsetzen raten. Das ist die einzige wirklich sichere Methode!

Alternativ:
Spybot Search&Destroy und Ad-Aware runterladen, installieren und updaten.

Die Systemwiederherstellung deaktivieren.

In den abgesicherten Modus booten.

-> Im Internet Explorer-> Extras-> Internetoptionen-> Reiter "allgemein" -> Verlauf leeren + Cookies löschen + Dateien löschen (auch Offlineinhalte)
-> Win-Taste + R -> "temp" (ohne"") -> Enter-> alle Dateien löschen
-> Win-Taste + R -> "%temp%" (ohne"") -> Enter-> alle Dateien löschen
-> Die restlichen Dateien manuell löschen. Vernachlässigen kannst du folgendes:
Zitat:
C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temp
C:\Dokumente und Einstellungen\Thomas\Lokale Einstellungen\Temporary Internet Files\
C:\System Volume Information\_restore
C:\WINDOWS\Temp
Scanne dann mit Spybot S&D und Ad-Aware und lasse die gefundenen Probleme beheben. Erneut mit eScan scannen um zu schauen, ob du alles erwischt hast.

Neue HjT-Log posten. Nochmals, absolute Sicherheit gibt's nur durch formatieren!

Alt 17.04.2005, 12:48   #22
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Hmm ich denk mal ich hab jetzt was anderes...
hab das gemacht alle Dateien gelöscht aber jetzt hab ich nen Prozess der andauernd dieses Fenster öffnet:



Wenn ich den Prozess schließe kommt der Prozess unter nem zufällig generierten Namen immer wieder...

Auch wenn ich den aussem Systemstart rausnehm kommt der immer wieder...

Was soll ich tun??

mfg Tomasch

Alt 17.04.2005, 16:41   #23
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Hab nochma mit Escan gescannt:

File C:\WINDOWS\system32\guard.tmp infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File System Found infected by "VB and VBA Program Settings Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "text/html Spyware/Adware" Virus. Action Taken: No Action Taken.
File System Found infected by "addestroyer Spyware/Adware" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\guard.tmp infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\lv32.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\Download\Patch\Postal2Patch1337.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
File C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\Download\Programme\Share Proggis\netpumper-1.20.1-setup.exe infected by "not-a-virus:AdWare.SaveNow.v" Virus. Action Taken: No Action Taken.
File C:\Dokumente und Einstellungen\"Benutzername"\Eigene Dateien\Things\PHP\xampp-win32-1.4.11-installer.exe tagged as not-a-virus:RiskWare.Tool.PrcView.3725. No Action Taken.
File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP2\A0000009.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP2\A0000028.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\System Volume Information\_restore{FE7B9722-F13D-4BCF-BB4C-3DA9F26DF5F0}\RP2\A0000032.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\Downloaded Program Files\DS3.dll infected by "Trojan-Downloader.Win32.Agent.jt" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\guard.tmp infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\lv32.dll infected by "not-a-virus:AdWare.Look2Me.ab" Virus. Action Taken: No Action Taken.
File D:\Spiele\Counter Strike\hltv.exe tagged as not-a-virus:RiskWare.Proxy.Hltv. No Action Taken.

Alt 17.04.2005, 21:23   #24
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Noch ne Hijacker Scan, helft mir doch bitte :

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dwwin.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\Programme\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Winamp\winamp.exe
C:\Dokumente und Einstellungen\Thomas\Desktop\LeechEx.exe
C:\Programme\MSN Messenger\msnmsgr.exe
C:\Programme\Spybot - Search & Destroy\SpybotSD.exe
c:\windows\system32\idwbjxd.exe
C:\Dokumente und Einstellungen\Thomas\Eigene Dateien\Download\Programme\Hackthis1_99_1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bnhlblovgnz.com/CWC94l2Uk5DI4...72ppl4iy0.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tomasch.de.vu/
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programme\AVPersonal\AVGNT.EXE" /min
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programme\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [xzitkr] c:\windows\system32\idwbjxd.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programme\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msn] C:\\Programme\\MSN Messenger\\msnmsgr.exe
O8 - Extra context menu item: Download with NetPumper - C:\Programme\NetPumper\AddUrl.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MI1933~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Programme\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\MSMSGS.EXE (file missing)
O12 - Plugin for .dll: C:\Programme\Opera\PLUGINS\NPNetPumper_Application.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {14F65762-96FB-44B9-8DAC-93845F377A0E} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.co...haringctrl.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab
O16 - DPF: {AD0B8220-7DA4-4C0A-8532-B25A9F631D3D} (VacPro.internazionale_ver10) - http://advnt01.com/dialer/internazionale_ver10.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/...x/HMAtchmt.ocx
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0FBBFAE9-FDE3-46B9-BEA2-962BC8D9975F}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A6B26F98-2F78-4188-9519-4784ECDC3857}: NameServer = 192.168.2.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{0FBBFAE9-FDE3-46B9-BEA2-962BC8D9975F}: NameServer = 192.168.2.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{0FBBFAE9-FDE3-46B9-BEA2-962BC8D9975F}: NameServer = 192.168.2.1
O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} - (no file)
O20 - Winlogon Notify: WebCheck - C:\WINDOWS\system32\q8680ijue8o80.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: StyleXPService - Unknown owner - C:\Programme\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe

Alt 18.04.2005, 14:50   #25
Tomasch
 
TR/Click.Adpowe.N.2 - Standard

TR/Click.Adpowe.N.2


Jetzt fährt der PC auch noch nach ner ZEit den PC runter wenn ich den Prozess nich regelmäßig beende :S
Bitte helft mir!!!

mfg Tomasch

Antwort
Seite 2 von 2 1 2

Themen zu TR/Click.Adpowe.N.2
desktop, erstell, erstellt, gen, helft, i-net, neuste, prozesse, regcleaner, seite, seiten, troja, trojaner, verknüpfungen, version, viren, weg..., öffnet, öfters


« Bitte helft mir. (Win min; SAgentNT.exe; EBRR.exe; SMAgent.exe) | Backdoor.Rbot.YE gefunden »


Ähnliche Themen: TR/Click.Adpowe.N.2


  1. why am I seeing this ad?click here
    Plagegeister aller Art und deren Bekämpfung - 22.09.2014 (7)
  2. Probleme mit Click to save Deal Finder & Click to Continue
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (9)
  3. Was ist Click Me.exe?
    Diskussionsforum - 22.02.2010 (29)
  4. VBS/Click.A
    Mülltonne - 20.01.2008 (0)
  5. VBS/Click.A
    Plagegeister aller Art und deren Bekämpfung - 05.01.2008 (6)
  6. VBS/Click.A
    Plagegeister aller Art und deren Bekämpfung - 02.01.2008 (8)
  7. TR/Click.Age.dj.5.C
    Log-Analyse und Auswertung - 07.07.2005 (3)
  8. TR/CLICK.AGE.DJ.5.C - Was ist das???
    Plagegeister aller Art und deren Bekämpfung - 07.07.2005 (6)
  9. click.age.dj.5.c
    Mülltonne - 28.06.2005 (0)
  10. TR/Click.Age.dj.5.C
    Log-Analyse und Auswertung - 27.06.2005 (1)
  11. TR/Click.Age.dj.5.C
    Log-Analyse und Auswertung - 25.06.2005 (1)
  12. tr/click.age.dj.5.c
    Plagegeister aller Art und deren Bekämpfung - 24.06.2005 (6)
  13. TR/Click.Age.dj.5.C
    Plagegeister aller Art und deren Bekämpfung - 13.06.2005 (12)
  14. TR/Click.VB.DG
    Plagegeister aller Art und deren Bekämpfung - 16.05.2005 (20)
  15. TR/Click.Adpowe.N.2 - was soll ich tun?
    Plagegeister aller Art und deren Bekämpfung - 09.05.2005 (8)
  16. key click (Again)
    Alles rund um Windows - 02.07.2004 (0)
  17. Key click
    Alles rund um Windows - 24.06.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema TR/Click.Adpowe.N.2 - Zitat: Zitat von Tomasch Hmm das sind aber über 150 Zeilen und 90 gefundene Viren also sehr viel!! Wenn du es so gemacht hättest, wie von mir beschrieben , wäre - TR/Click.Adpowe.N.2...
Archiv
Du betrachtest: TR/Click.Adpowe.N.2 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131