Pests of all kinds and how to combat them: Virtumonde.dll

If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
#1

Virtumonde.dll

Good day!

As I read in another post, I removed the Trojan "Virtumonde.dll" following the instructions. I now have the log files from "VirtumundoBeGone" and "HijackThis" and would like to ask whether someone could take a look at them.

```
[06/17/2008, 11:43:15] - VirtumundoBeGone v1.5 ( "C:\Dokumente und Einstellungen\****\Desktop\VirtumondeBeGone\VirtumundoBeGone.exe" )
[06/17/2008, 11:43:24] - Detected System Information:
[06/17/2008, 11:43:24] - Windows Version: 5.1.2600, Service Pack 2
[06/17/2008, 11:43:24] - Current Username: **** (Admin)
[06/17/2008, 11:43:24] - Windows is in SAFE mode with Networking.
[06/17/2008, 11:43:24] - Searching for Browser Helper Objects:
[06/17/2008, 11:43:24] - BHO 1: {0597D9ED-C025-4ECD-92DE-AA18A717F7D4} ()
[06/17/2008, 11:43:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/17/2008, 11:43:24] - Checking for HKLM\...\Winlogon\Notify\urqOIxww
[06/17/2008, 11:43:24] - Key not found: HKLM\...\Winlogon\Notify\urqOIxww, continuing.
[06/17/2008, 11:43:24] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[06/17/2008, 11:43:24] - BHO 3: {39E62BAE-1C9C-49A3-B414-A1AB3B96F842} ()
[06/17/2008, 11:43:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/17/2008, 11:43:24] - Checking for HKLM\...\Winlogon\Notify\geBsppnN
[06/17/2008, 11:43:24] - Key not found: HKLM\...\Winlogon\Notify\geBsppnN, continuing.
[06/17/2008, 11:43:24] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[06/17/2008, 11:43:24] - BHO 5: {5CA3D70E-1895-11CF-8E15-001234567890} (DriveLetterAccess)
[06/17/2008, 11:43:24] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[06/17/2008, 11:43:24] - BHO 7: {7C03B686-89BC-4A7A-A26B-1FF181F22FBD} ()
[06/17/2008, 11:43:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/17/2008, 11:43:24] - Checking for HKLM\...\Winlogon\Notify\yayayxVl
[06/17/2008, 11:43:24] - Key not found: HKLM\...\Winlogon\Notify\yayayxVl, continuing.
[06/17/2008, 11:43:24] - BHO 8: {91A5E57D-6881-4AAC-9283-5EBF6597DA97} ()
[06/17/2008, 11:43:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/17/2008, 11:43:24] - Checking for HKLM\...\Winlogon\Notify\fccyaWmK
[06/17/2008, 11:43:24] - Key not found: HKLM\...\Winlogon\Notify\fccyaWmK, continuing.
[06/17/2008, 11:43:24] - BHO 9: {AA58ED58-01DD-4d91-8333-CF10577473F7} ()
[06/17/2008, 11:43:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[06/17/2008, 11:43:24] - No filename found. Continuing.
[06/17/2008, 11:43:24] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[06/17/2008, 11:43:24] - BHO 11: {DF21F1DB-80C6-11D3-9483-B03D0EC10000} (HP Credential Manager for ProtectTools)
[06/17/2008, 11:43:24] - Finished Searching Browser Helper Objects
[06/17/2008, 11:43:24] - Finishing up...
[06/17/2008, 11:43:24] - Nothing found! Exiting...
```
```
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:58:57, on 17.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\HPQ\IAM\bin\asghost.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\Programme\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Programme\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programme\Synaptics\SynTP\SynTPEnh.exe
C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Programme\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Winamp\winampa.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\Programme\Veoh Networks\Veoh\VeohClient.exe
C:\Programme\Windows Media Player\WMPNSCFG.exe
C:\Programme\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Programme\OpenOffice.org 2.1\program\soffice.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\OpenOffice.org 2.1\program\soffice.BIN
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\svchost.exe
```