Wie werde ich diesen Wurm los?

turbo38 · 11.07.2008, 21:15

Hallo,

Bitdefender 10 Virenscanner hat auf meinen Rechner
(Windows 2000,SP4,Opera 9.27)
folgende Sachen gefunden:

1.Packer RLPack.D
2.Generic Mydoom.137d6e9d

Kann mir jemand sagen,wie ich das wieder los werde?

hier zwei Logs mit unterschiedlichen
Ergebnissen!

Gruß Turbo38

Log Nr.1
//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 06/07/2008 21:56:20
//
//-----------------------------------------------------------------

Virus Statistics

Scan path : A:\
C:\
D:\
Folders : 1
Files : 55
Memory processes scanned : 24
Archives : 5
Runtime packers : 0
Identified viruses : 1
Infected files : 1
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 16
Moved files : 0
I/O errors : 0
Scan time : 00:07:40
Scan speed (files/sec) : 0

Spyware Statistics

Registry keys scanned : 233
Registry keys infected : 15
Cookies scanned : 3
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 1

Virus definitions : 1348767
Scan plugins : 16
Archive plugins : 42
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[X] Delete
[ ] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bitdefender\Desktop\Profiles\Logs\deep_scan\1215374179.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies

Summary:

<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Infected: Packer.RLPack.D
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Disinfection failed
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET002\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Deleted
<System> Archive repacking has failed (marked actions not taken)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wmsncs Service=>C:\WINNT\FONTS\WMSNCS.EXE Deleted
<System> Archive repacking successfully completed (actions successfully applied)

Log Nr.2

//-----------------------------------------------------------------
//
// Product BitDefender Free Edition v10
// Product 10.2
//
// Created on: 06/07/2008 19:42:29
//
//-----------------------------------------------------------------

Virus Statistics

Scan path : A:\
C:\
D:\
Folders : 115
Files : 304
Memory processes scanned : 22
Archives : 17
Runtime packers : 8
Identified viruses : 2
Infected files : 2
Memory processes infected : 0
Suspect files : 0
Warnings : 0
Disinfected files : 0
Deleted files : 1
Moved files : 0
I/O errors : 0
Scan time : 00:05:39
Scan speed (files/sec) : 0

Spyware Statistics

Registry keys scanned : 222
Registry keys infected : 4
Cookies scanned : 3
Cookies infected : 0
Spyware files infected : 0
Spyware threats detected : 1

Virus definitions : 1348767
Scan plugins : 16
Archive plugins : 42
Unpack plugins : 7
Mail plugins : 6
System plugins : 5

Virus scan options

Detection
[X] Scan boot sectors
[X] Memory Processes
[X] Scan archives
[X] Scan runtime packers
[X] Scan email

File mask
[ ] Programs
[X] All files
[ ] User defined extensions:
[ ] Exclude extensions: ;

Action

Infected objects
[ ] Ignore
[X] Disinfect
[ ] Delete
[ ] Move to quarantine
[ ] Prompt user

Second action
[ ] Ignore
[ ] Delete
[X] Move to quarantine
[ ] Prompt user

Virus scan options
[X] Enable warnings
[X] Enable heuristics
[ ] Show all files in log
[X] Report file: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bitdefender\Desktop\Profiles\Logs\deep_scan\1215366149.log

Spyware scan options

[X] Scan for riskware
[ ] Skip dial and applications from scan
[X] Registry keys
[X] Cookies

Summary:

<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Infected: Packer.RLPack.D
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Disinfection failed
<System>=>C:\WINNT\Fonts\wmsncs.exe (disk) Move failed
<System>=>C:\WINNT\Fonts\wmsncs.exe (full dump) Infected: Generic.Mydoom.137D6E9D
<System>=>C:\WINNT\Fonts\wmsncs.exe (full dump) Deleted
<System> Archive repacking successfully completed (actions successfully applied)
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\NET RUNTIME OPTIMIZATION SERVICE V2.1.41329_X86\ImagePath=>C:\WINNT\FONTS\WMSNCS.EXE Move failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\NvidMediaCenter=>C:\PROGRAMME\GEMEINSAME DATEIEN\SYSTEM\WMSNCS.EXE Move failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Spool Driver Service=>C:\WINNT\SYSTEM32\SPOOL\DRIVERS\WMSNCS.EXE Move failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Detected: Packer.RLPack.D
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Disinfection failed
<System>=>HKEY_USERS\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Wins Service=>C:\WINNT\SYSTEM32\WINS\WMSNCS.EXE Move failed

Wie werde ich diesen Wurm los?

Mülltonne: Wie werde ich diesen Wurm los?

Wie werde ich diesen Wurm los?

Ähnliche Themen: Wie werde ich diesen Wurm los?