Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden

cosinus · 23.09.2010, 21:16

Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:

ATTFilter

:OTL
O32 - AutoRun File - [1999.10.31 16:52:26 | 000,126,976 | R--- | M] (Impressions Games) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [1999.10.31 16:56:48 | 000,000,339 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{b5ea9fdc-3405-11df-9773-000fb5986617}\Shell - "" = AutoRun
O33 - MountPoints2\{b5ea9fdc-3405-11df-9773-000fb5986617}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b5ea9fdc-3405-11df-9773-000fb5986617}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\Shell\AutoRun\command - "" = E:\kazna\tujeled.exe -- File not found
O33 - MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\Shell\explore\command - "" = E:\kazna\\tujeled.exe -- File not found
O33 - MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\Shell\open\command - "" = E:\kazna\\tujeled.exe -- File not found
@Alternate Data Stream - 88 bytes -> C:\Dokumente und Einstellungen\User\Desktop\cleanup.exe:SummaryInformation
@Alternate Data Stream - 138 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
@Alternate Data Stream - 105 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:430C6D84
@Alternate Data Stream - 103 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8
:Commands
[purity]
[resethosts]
[emptytemp]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Tiuri · 23.09.2010, 21:47

Code:

ATTFilter

All processes killed
========== OTL ==========
File move failed. D:\autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5ea9fdc-3405-11df-9773-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5ea9fdc-3405-11df-9773-000fb5986617}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5ea9fdc-3405-11df-9773-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5ea9fdc-3405-11df-9773-000fb5986617}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5ea9fdc-3405-11df-9773-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b5ea9fdc-3405-11df-9773-000fb5986617}\ not found.
File E:\LaunchU3.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
File E:\kazna\tujeled.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
File E:\kazna\\tujeled.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c218b278-a39a-11df-9880-000fb5986617}\ not found.
File E:\kazna\\tujeled.exe not found.
Unable to delete ADS C:\Dokumente und Einstellungen\User\Desktop\cleanup.exe:SummaryInformation .
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2 deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:430C6D84 deleted successfully.
Unable to delete ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A8ADE5D8 .
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: User
->Temp folder emptied: 639886 bytes
->Temporary Internet Files folder emptied: 873820 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 8845581 bytes
->Flash cache emptied: 456 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 10,00 mb
 
 
OTL by OldTimer - Version 3.2.14.1 log created on 09232010_223334

Files\Folders moved on Reboot...
File move failed. D:\autorun.exe scheduled to be moved on reboot.
File move failed. D:\autorun.inf scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden

Plagegeister aller Art und deren Bekämpfung: Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden

Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden

Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden

Ähnliche Themen: Trojaner TR/Dldr.Small.aulw und TR/Crypt.XPACK.Gen2 + Gen3 gefunden