Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   svchost.exe verursacht 100% cpu auslastung (https://www.trojaner-board.de/25313-svchost-exe-verursacht-100-cpu-auslastung.html)

teetrinkerin 03.01.2006 22:36
svchost.exe verursacht 100% cpu auslastung
 
Hallo,

ich habe seit gestern, dass Problem, dass eine svchost.exe (17mb/SYSTEM) meine Cpu mit 100% auslastet - diese lässt sich nicht über den Taskmanager beenden. Das Symbol für die WLan-Verbindung erscheint nicht mehr und wenn ich versuche über die Systemsteuerung die Netzwerkverbindungen zu öffnen stürzt der Explorer ab.

Habe schon diverses (im abgesicherten Modus) probiert:
McAfee, AntiVir, Spybot S&D haben alle nix gefunden
Mit Registry First Aid hab ich gestern abend einen Registry Clean gemacht, danach ging wieder alles auch im normalen Modus - leider war die Freude nicht von Dauer, denn beim nächsten PC-Start heute mittag war das Problem wieder da und lässt sich seither auch mit erneutem Registry Clean nicht beheben.

Eine mögliche Ursache, könnte eine externe Festplatte sein, die mein Freund gestern an meinem Rechner angeschlossen hat. Diese hatte er zuvor an seinem Rechner, der mit dem Trojan.Downloader infiziert ist :headbang: - er hatte diese allerdings zuvor an meinem Rechner mit McAfee gescannt und dabei wurde nichts gefunden...

Nun habe ich folgendes Hijackthis.log (im normalen Modus erstellt)- das mir bei der automatischen Auswertung auch keine genaueren Hinweise geben konnte:

.......
Logfile of HijackThis v1.99.1
Scan saved at 21:59:49, on 03.01.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Synaptics\SynTP\SynTPLpr.exe
C:\DOKUME~1\*Mein Name*AM~1\LOKALE~1\Temp\200613183438_mcinfo.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\LVComsX.exe
C:\Dokumente und Einstellungen\*Mein Name*\Eigene Dateien\_Software\Internet\Sicherheit\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://www.arcor.de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = h**p://www.arcor.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = h**p://www.arcor.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = h**p://www.arcor.de
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = h**p://www.arcor.de
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\pchealth\helpctr\System\panels\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IE DOM Explorer - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Programme\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O3 - Toolbar: Developer Toolbar - {CC962137-2E78-4f94-975E-FC0C07DBD78F} - C:\Programme\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [msci] C:\DOKUME~1\*Mein Name*AM~1\LOKALE~1\Temp\200613183438_mcinfo.exe /insfin
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programme\ICQ\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programme\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - h**p://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,96/mcinsctl.cab
O16 - DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - h**p://www.parallelgraphics.com/bin/cortvrml.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - h**p://download.mcafee.com/molbin/shared/mcgdmgr/de/1,0,0,23/mcgdmgr.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: Flash Communication Server (FlashCom) - Macromedia, Inc. - C:\Programme\Macromedia\FlashcomMX\FlashCom.exe
O23 - Service: Flash Communication Admin Service (FlashComAdmin) - Macromedia, Inc. - C:\Programme\Macromedia\FlashcomMX\FlashComAdmin.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Programme\OpenVPN\bin\openvpnserv.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
.......

Ich hoffe jemand von euch kann mir weiterhelfen!
Bis dahin lass ich jetzt erstmal noch avast! laufen....
Viele Grüße,
die Teetrinkerin

irrlicht 03.01.2006 22:43
Hallo Teetrinkerin,
lass mal EScan laufen .Hier steht wo du es bekommst und wie du es anwendest.Halte dich genau an die Anleitung !
http://www.trojaner-board.de/showthread.php?t=17492
Irrlicht

teetrinkerin 04.01.2006 08:54
Hallo Irrlicht,

vielen Dank für deine Anwort - hier also das Ergebniss des escans:

.....
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Tue Jan 03 23:39:27 2006 => System found infected with rapidblaster Spyware/Adware

({01fc5803-8644-45d7-877b-5a3924d8ecc4})! Action taken: No Action Taken.
Tue Jan 03 23:39:28 2006 => System found infected with istbar Spyware/Adware

({aa8c93e1-7e5f-497e-b67c-cc8fe2a40d3b})! Action taken: No Action Taken.
Tue Jan 03 23:39:28 2006 => System found infected with exact advertising Spyware/Adware

({0a8ce102-fa03-4612-9bee-7fe5452f4cb1})! Action taken: No Action Taken.
Tue Jan 03 23:39:28 2006 => System found infected with istbar Spyware/Adware

({9ce15eb5-6b39-4656-9e1f-2d219ee42e0e})! Action taken: No Action Taken.
Tue Jan 03 23:39:30 2006 => System found infected with istbar Spyware/Adware (imgconv.dll)!

Action taken: No Action Taken.
Tue Jan 03 23:39:30 2006 => System found infected with whenu.savenow Spyware/Adware

(cmdlineext02.dll)! Action taken: No Action Taken.
Tue Jan 03 23:40:07 2006 => System found infected with ipinsight Spyware/Adware (j.class)! Action

taken: No Action Taken.
Tue Jan 03 23:40:07 2006 => System found infected with ipinsight Spyware/Adware (k.class)! Action

taken: No Action Taken.
Tue Jan 03 23:40:09 2006 => System found infected with cydoor.topicks.a Spyware/Adware

(info.swf)! Action taken: No Action Taken.
Tue Jan 03 23:40:10 2006 => System found infected with clipgenie Spyware/Adware (scroller.swf)!

Action taken: No Action Taken.
Tue Jan 03 23:40:24 2006 => System found infected with clipgenie Spyware/Adware (player.html)!

Action taken: No Action Taken.
Tue Jan 03 23:40:44 2006 => System found infected with clipgenie Spyware/Adware (player.html)!

Action taken: No Action Taken.
Tue Jan 03 23:40:46 2006 => System found infected with clipgenie Spyware/Adware (player.html)!

Action taken: No Action Taken.
Tue Jan 03 23:40:50 2006 => System found infected with lop.com Spyware/Adware (desktop.swf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:07 2006 => System found infected with weathercast Spyware/Adware (search.htm)!

Action taken: No Action Taken.
Tue Jan 03 23:41:09 2006 => System found infected with xrenoder Spyware/Adware (display.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:11 2006 => System found infected with xrenoder Spyware/Adware (module.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:13 2006 => System found infected with xrenoder Spyware/Adware (module.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:14 2006 => System found infected with xrenoder Spyware/Adware (module.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:16 2006 => System found infected with media tickets Spyware/Adware (blank.html)!

Action taken: No Action Taken.
Tue Jan 03 23:41:18 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:19 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:19 2006 => System found infected with advsearch Spyware/Adware (mydll.dll)!

Action taken: No Action Taken.
Tue Jan 03 23:41:43 2006 => System found infected with whenu.savenow Spyware/Adware

(cmdlineext02.dll)! Action taken: No Action Taken.
Tue Jan 03 23:41:44 2006 => System found infected with statblaster Spyware/Adware

(tempwm_fuins.bat)! Action taken: No Action Taken.
Tue Jan 03 23:41:54 2006 => System found infected with ipinsight Spyware/Adware (j.class)! Action

taken: No Action Taken.
Tue Jan 03 23:41:54 2006 => System found infected with ipinsight Spyware/Adware (k.class)! Action

taken: No Action Taken.
Tue Jan 03 23:41:54 2006 => System found infected with cydoor.topicks.a Spyware/Adware

(info.swf)! Action taken: No Action Taken.
Tue Jan 03 23:41:54 2006 => System found infected with clipgenie Spyware/Adware (scroller.swf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:54 2006 => System found infected with clipgenie Spyware/Adware (player.html)!

Action taken: No Action Taken.
Tue Jan 03 23:41:55 2006 => System found infected with clipgenie Spyware/Adware (player.html)!

Action taken: No Action Taken.
Tue Jan 03 23:41:55 2006 => System found infected with clipgenie Spyware/Adware (player.html)!

Action taken: No Action Taken.
Tue Jan 03 23:41:55 2006 => System found infected with lop.com Spyware/Adware (desktop.swf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:56 2006 => System found infected with weathercast Spyware/Adware (search.htm)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with xrenoder Spyware/Adware (display.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with xrenoder Spyware/Adware (module.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with xrenoder Spyware/Adware (module.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with xrenoder Spyware/Adware (module.php)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with media tickets Spyware/Adware (blank.html)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)!

Action taken: No Action Taken.
Tue Jan 03 23:41:57 2006 => System found infected with advsearch Spyware/Adware (mydll.dll)!

Action taken: No Action Taken.
Wed Jan 04 01:06:32 2006 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Wed Jan 04 01:44:35 2006 => Total Disinfected Objects: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 00:17:33 2006 => File C:\Dokumente und Einstellungen\Teetrinkerin\Eigene

Dateien\_Software\DIVX\DIVXPRO511ADWARE.EXE tagged as "not-a-virus:AdWare.Win32.Gator.3202".

Action Taken: No Action Taken.
Wed Jan 04 00:55:45 2006 => Scanning File C:\Programme\Adobe\InDesign CS\Plug-Ins\Filters\Tagged

Text Attributes.apln
Wed Jan 04 00:55:45 2006 => Scanning File C:\Programme\Adobe\InDesign CS\Plug-Ins\Filters\Tagged

Text Export Filter.apln
Wed Jan 04 00:55:45 2006 => Scanning File C:\Programme\Adobe\InDesign CS\Plug-Ins\Filters\Tagged

Text Import Filter.apln
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.....rausgenommen......
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 01:44:35 2006 => Total Errors: 122
Wed Jan 04 01:44:35 2006 => Time Elapsed: 02:10:11
Wed Jan 04 01:44:35 2006 => Total Objects Scanned: 147472
Tue Jan 03 23:33:44 2006 => Virus Database Date: 1/3/2006
Wed Jan 04 01:44:35 2006 => Virus Database Date: 1/3/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~
....

Gruß,
Teetrinkerin

irrlicht 04.01.2006 09:23
Hallo Teetrinkerin,
Das brauchst du bzw.du kennst das ?
C:\DOKUME~1\*Mein Name*AM~1\LOKALE~1\Temp\200613183438_mcinfo.exe
Falls du es brauchst und kennst,verschiebe es nach bsw."eigene Dateien".Es ist in deinen temporären Dateien.Dort wird später aufgeräumt und es würde gelöscht sein.
Schalte beiSpybotS+D den SD Helper ab,der stört nachher.
Dann suchst du dir über Google folgende Programme zusammen :
Ewido Security Suite,AdAware SE Personal,installieren und updaten,gilt auch für Spybot S+D das updaten.Dann schaltest du die Systemwiederherstellung aus,mach die ganze Kiste aus und gehe beim erneuten Hochfahren mittels F8 in den Abgesicherten Modus.Das dauert etwas und sieht komisch aus,ist aber ok.Danach läßt du alle drei Programme einen Vollscan machen und lass löschen was vorgeschlagen wird.Dann zurück in den normalen Modus(ausschalten ,anschalten)Systemwiederherstellung anschalten und einen neuen EScan hier vorzeigen.
Irrlicht

teetrinkerin 04.01.2006 09:36
Hi Irrlicht,

wo schalte ich den Helper denn aus?

Danke und Gruß,
Teetrinkerin

irrlicht 04.01.2006 09:44
Hallo Teetrinkerin,
im Programm Spybot S+D unter "Werkzeuge >Recident,beide Haken raus.Falls du es nicht gleich sehen kannst :Spybot aufrufen und im Kopf "modus" auf erweiterten Modus umstellen dann Werkzeuge >Recident
Du kannst auch noch gleich folgende Programme mitnehmen :Regseeker und Clear Prog 1.4.1. final.Nimm sie von den Originalseiten.Die Beiden hier nur installieren.
Irrlicht

teetrinkerin 04.01.2006 21:21
Hallo Irrlicht,

habe nun den PC mit allen Programmen gescannt und seit dem ersten escan taucht das Problem auch nicht mehr auf... Der 2. escan-log sieht ziemlich genauso wie der erste aus...

Schaut also eher nicht nach nem Virus aus oder??
Wie ist das generell mit externen Speichermedien, wenn die an einem verseuchten Rechner angeschlossen waren... reicht ein Virenscan oder was kann man da tun....!?

Gruß,
Teetrinkerin

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 18:52:17 2006 => System found infected with rapidblaster Spyware/Adware ({01fc5803-8644-45d7-877b-5a3924d8ecc4})! Action taken: No Action Taken.
Wed Jan 04 18:52:18 2006 => System found infected with istbar Spyware/Adware ({aa8c93e1-7e5f-497e-b67c-cc8fe2a40d3b})! Action taken: No Action Taken.
Wed Jan 04 18:52:18 2006 => System found infected with exact advertising Spyware/Adware ({0a8ce102-fa03-4612-9bee-7fe5452f4cb1})! Action taken: No Action Taken.
Wed Jan 04 18:52:18 2006 => System found infected with istbar Spyware/Adware ({9ce15eb5-6b39-4656-9e1f-2d219ee42e0e})! Action taken: No Action Taken.
Wed Jan 04 18:52:21 2006 => System found infected with istbar Spyware/Adware (imgconv.dll)! Action taken: No Action Taken.
Wed Jan 04 18:52:21 2006 => System found infected with whenu.savenow Spyware/Adware (cmdlineext02.dll)! Action taken: No Action Taken.
Wed Jan 04 18:52:21 2006 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
Wed Jan 04 18:52:57 2006 => System found infected with ipinsight Spyware/Adware (j.class)! Action taken: No Action Taken.
Wed Jan 04 18:52:57 2006 => System found infected with ipinsight Spyware/Adware (k.class)! Action taken: No Action Taken.
Wed Jan 04 18:53:00 2006 => System found infected with cydoor.topicks.a Spyware/Adware (info.swf)! Action taken: No Action Taken.
Wed Jan 04 18:53:01 2006 => System found infected with clipgenie Spyware/Adware (scroller.swf)! Action taken: No Action Taken.
Wed Jan 04 18:53:15 2006 => System found infected with clipgenie Spyware/Adware (player.html)! Action taken: No Action Taken.
Wed Jan 04 18:53:35 2006 => System found infected with clipgenie Spyware/Adware (player.html)! Action taken: No Action Taken.
Wed Jan 04 18:53:37 2006 => System found infected with clipgenie Spyware/Adware (player.html)! Action taken: No Action Taken.
Wed Jan 04 18:53:41 2006 => System found infected with lop.com Spyware/Adware (desktop.swf)! Action taken: No Action Taken.
Wed Jan 04 18:53:59 2006 => System found infected with weathercast Spyware/Adware (search.htm)! Action taken: No Action Taken.
Wed Jan 04 18:54:00 2006 => System found infected with xrenoder Spyware/Adware (display.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:02 2006 => System found infected with xrenoder Spyware/Adware (module.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:05 2006 => System found infected with xrenoder Spyware/Adware (module.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:05 2006 => System found infected with xrenoder Spyware/Adware (module.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:07 2006 => System found infected with media tickets Spyware/Adware (blank.html)! Action taken: No Action Taken.
Wed Jan 04 18:54:09 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)! Action taken: No Action Taken.
Wed Jan 04 18:54:10 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)! Action taken: No Action Taken.
Wed Jan 04 18:54:10 2006 => System found infected with advsearch Spyware/Adware (mydll.dll)! Action taken: No Action Taken.
Wed Jan 04 18:54:32 2006 => System found infected with whenu.savenow Spyware/Adware (cmdlineext02.dll)! Action taken: No Action Taken.
Wed Jan 04 18:54:32 2006 => System found infected with redv Spyware/Adware (insthelp.dll)! Action taken: No Action Taken.
Wed Jan 04 18:54:33 2006 => System found infected with statblaster Spyware/Adware (tempwm_fuins.bat)! Action taken: No Action Taken.
Wed Jan 04 18:54:44 2006 => System found infected with ipinsight Spyware/Adware (j.class)! Action taken: No Action Taken.
Wed Jan 04 18:54:44 2006 => System found infected with ipinsight Spyware/Adware (k.class)! Action taken: No Action Taken.
Wed Jan 04 18:54:44 2006 => System found infected with cydoor.topicks.a Spyware/Adware (info.swf)! Action taken: No Action Taken.
Wed Jan 04 18:54:44 2006 => System found infected with clipgenie Spyware/Adware (scroller.swf)! Action taken: No Action Taken.
Wed Jan 04 18:54:45 2006 => System found infected with clipgenie Spyware/Adware (player.html)! Action taken: No Action Taken.
Wed Jan 04 18:54:46 2006 => System found infected with clipgenie Spyware/Adware (player.html)! Action taken: No Action Taken.
Wed Jan 04 18:54:46 2006 => System found infected with clipgenie Spyware/Adware (player.html)! Action taken: No Action Taken.
Wed Jan 04 18:54:46 2006 => System found infected with lop.com Spyware/Adware (desktop.swf)! Action taken: No Action Taken.
Wed Jan 04 18:54:47 2006 => System found infected with weathercast Spyware/Adware (search.htm)! Action taken: No Action Taken.
Wed Jan 04 18:54:47 2006 => System found infected with xrenoder Spyware/Adware (display.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:47 2006 => System found infected with xrenoder Spyware/Adware (module.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:47 2006 => System found infected with xrenoder Spyware/Adware (module.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:47 2006 => System found infected with xrenoder Spyware/Adware (module.php)! Action taken: No Action Taken.
Wed Jan 04 18:54:48 2006 => System found infected with media tickets Spyware/Adware (blank.html)! Action taken: No Action Taken.
Wed Jan 04 18:54:48 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)! Action taken: No Action Taken.
Wed Jan 04 18:54:48 2006 => System found infected with unknown pest Spyware/Adware (readme.rtf)! Action taken: No Action Taken.
Wed Jan 04 18:54:48 2006 => System found infected with advsearch Spyware/Adware (mydll.dll)! Action taken: No Action Taken.
Wed Jan 04 20:20:46 2006 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Wed Jan 04 21:00:31 2006 => Total Disinfected Objects: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 19:31:16 2006 => File C:\Dokumente und Einstellungen\Teetrinkerin\Eigene Dateien\_Software\DIVX\DIVXPRO511ADWARE.EXE tagged as "not-a-virus:AdWare.Win32.Gator.3202". Action Taken: No Action Taken.
Wed Jan 04 20:09:48 2006 => Scanning File C:\Programme\Adobe\InDesign CS\Plug-Ins\Filters\Tagged Text Attributes.apln
Wed Jan 04 20:09:48 2006 => Scanning File C:\Programme\Adobe\InDesign CS\Plug-Ins\Filters\Tagged Text Export Filter.apln
Wed Jan 04 20:09:49 2006 => Scanning File C:\Programme\Adobe\InDesign CS\Plug-Ins\Filters\Tagged Text Import Filter.apln
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
...rausgenommen....
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Wed Jan 04 21:00:31 2006 => Total Errors: 123
Wed Jan 04 21:00:31 2006 => Time Elapsed: 02:08:43
Wed Jan 04 21:00:31 2006 => Total Objects Scanned: 147509
Wed Jan 04 21:00:31 2006 => Virus Database Date: 1/3/2006
Wed Jan 04 21:09:06 2006 => Virus Database Date: 1/3/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:30 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131