![]() |
Brauche dringend hilfe mit C:\Programme\ISTsvc\istsvc.exe Tach zusammen!! Hab schon wieder nen adwaretrojanerscheissproblem. :teufel3: :koch: ich glaube das problem liegt an dem C:\Programme\ISTsvc\istsvc.exe spywarevirus oder was auch immer das is. das dumme is nur ich kanns über hijackthis fixen und zwei minuten später isses wieder da. auch wenn ich es manuell über -ausführen reedit... usw. löschen will kommts immer wieder. also bitte helft mir hier noch mein logfile: Logfile of HijackThis v1.98.2 Scan saved at 16:40:29, on 08.12.2004 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programme\Netropa\Multimedia Keyboard\nhksrv.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccSetMgr.exe C:\WINDOWS\SYSTEM32\GEARSEC.EXE C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\Programme\Norton AntiVirus\navapsvc.exe C:\Programme\Sony\Net MD Simple Burner\NetMDSB.exe C:\Programme\Norton AntiVirus\AdvTools\NPROTECT.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Programme\Norton AntiVirus\SAVScan.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccEvtMgr.exe C:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe C:\WINDOWS\system32\rundll32.exe C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe C:\Programme\Netropa\Multimedia Keyboard\TrayMon.exe C:\Programme\Netropa\Onscreen Display\OSD.exe C:\Programme\QuickTime\qttask.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Winamp\winampa.exe C:\Programme\AceGain\LiveUpdate\LiveUpdate.exe C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\xevnlu.exe C:\WINDOWS\system32\ctfmon.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\FRITZ!\IWatch.exe C:\Programme\Winamp\winamp.exe C:\Programme\ISTsvc\istsvc.exe C:\Programme\LeechGet 2004\LeechGet.exe C:\Programme\Xfire\Xfire.exe C:\Dokumente und Einstellungen\Jacinto Denjean\Eigene Dateien\Internet\internetdownloads\hijackthis_198\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.msn.de/ R3 - URLSearchHook: (no name) - _{855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file) R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Messenger\ycomp.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Sicherheitsspeich\Acrobat Reader 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programme\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Messenger\ycomp.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQToolbar\toolbaru.dll O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Programme\Netropa\Multimedia Keyboard\MMKeybd.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe O4 - HKLM\..\Run: [AceGain LiveUpdate] C:\Programme\AceGain\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [ccApp] "C:\Programme\Gemeinsame Dateien\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_04\bin\jusched.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [XM2002] C:\Programme\IPPS\XM2002®\XM2002.exe -auto O4 - HKLM\..\Run: [5BeE] C:\WINDOWS\xevnlu.exe O4 - HKLM\..\Run: [IST Service] C:\Programme\ISTsvc\istsvc.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background O4 - Global Startup: ISDNWatch.lnk = C:\Programme\FRITZ!\IWatch.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML O8 - Extra context menu item: Mit dem LeechGet Wizard laden - file://C:\Programme\LeechGet 2004\\Wizard.html O8 - Extra context menu item: Mit LeechGet herunterladen - file://C:\Programme\LeechGet 2004\\AddUrl.html O8 - Extra context menu item: Mit LeechGet parsen - file://C:\Programme\LeechGet 2004\\Parser.html O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file) O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra button: Recherche-Assistent - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Reference 2001\EROProj.dll O9 - Extra button: ICQ 4 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: XM2002® - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Programme\IPPS\XM2002®\XM2002.exe (file missing) O9 - Extra 'Tools' menuitem: &XM2002® - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Programme\IPPS\XM2002®\XM2002.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - http://www.fileplanet.com/fpdlmgr/ca...C_1_0_0_44.cab O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1096720262012 O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://www-secure.symantec.com/tech...a/SymAData.cab O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/tech...ActiveData.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{C748D09F-71E6-45B7-A890-0BB5DC03FBA3}: NameServer = 192.168.120.252,192.168.120.253 |
Hallo Blueman, mach bitte einen Scan mit eScan (siehe meine Signatur) und poste hier, was gefunden wurde... |
Zitat:
|
Zitat:
|
Versuchs mal so: Öffne die mwav.log -> Bearbeiten -> Suchen -> infected oder tagged eingeben -> Weitersuchen -> Treffer markieren/kopieren und ins Forum übertragen. |
geht auch nicht. reicht euch denn das logfile von hijackthis nicht??? bitte... bitte :nixda: |
Zitat:
Zitat:
Was geht nicht? |
Zitat:
Ich sollte den logfile von escan ins forum stellen und das geht nicht. ich kann ihn einügen aber die webseite macht da nicht mit. frag mich nicht warum :crazy: |
Das wir uns richtig verstehen: Du willst nicht zufällig den gesamten Inhalt der mwav.log hier einfügen, oder? |
Zitat:
Ups... doch (scheint falsch zu sein) hm.... :nixda: wie dann?? Ichhabs mit search infected probiert da gabt aber keine infected files |
Die Suche nach infected ergab keinen Treffer, das kann ich mir fast nicht vorstellen. Was ergibt die Suche nach tagged? btw: Poste mal das Gesamtergebnis, findest du ganz unten: => Total Number of Files Scanned: X => Total Number of Virus(es) Found: 0 => Total Number of Disinfected Files: 0 => Total Number of Files Renamed: 0 => Total Number of Deleted Files: 0 |
Zitat:
Wed Dec 08 17:00:15 2004 => File C:\Programme\ISTsvc\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. Wed Dec 08 17:01:03 2004 => File C:\Programme\ISTsvc\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. Wed Dec 08 17:03:15 2004 => File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. Wed Dec 08 17:03:57 2004 => File C:\WINDOWS\system32\TFTP2000 infected by "Worm.Win32.Lovesan.a" Virus. Action Taken: No Action Taken. Wed Dec 08 17:04:23 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\bb.exe infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken. Wed Dec 08 17:04:24 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\Cs5kZk.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken. ed Dec 08 17:04:28 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken. Wed Dec 08 17:04:38 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\perfectnavUninstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken. Wed Dec 08 17:04:42 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\powerscan.exe infected by "Trojan-Downloader.Win32.IstBar.gg" Virus. Action Taken: No Action Taken. Wed Dec 08 17:05:43 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\temp.frD223\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. Wed Dec 08 17:05:46 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\UpdatedUpdaterInstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken. Wed Dec 08 17:05:47 2004 => File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\webrebates.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken. Das Gesamtergebnis findest du hier: Wed Dec 08 17:06:20 2004 => Total Files Scanned: 5136 Wed Dec 08 17:06:20 2004 => Total Virus(es) Found: 12 Wed Dec 08 17:06:20 2004 => Total Disinfected Files: 0 Wed Dec 08 17:06:20 2004 => Total Files Renamed: 0 Wed Dec 08 17:06:20 2004 => Total Deleted Files: 0 Wed Dec 08 17:06:20 2004 => Total Errors: 2 Wed Dec 08 17:06:20 2004 => Time Elapsed: 00:06:31 Wed Dec 08 17:06:20 2004 => Virus Database Date: 2004/12/08 Wed Dec 08 17:06:20 2004 => Virus Database Count: 111805 Vielen Dank für deine hilfe :crazy: |
Zitat:
|
Hier nochmal mein eScan: Infected sind: File C:\Programme\ISTsvc\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\Programme\ISTsvc\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\TFTP2000 infected by "Worm.Win32.Lovesan.a" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\bb.exe infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\Cs5kZk.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\EABfRW.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\perfectnavUninstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\temp.fr5FF5\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\temp.frD223\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\UpdatedUpdaterInstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken. File C:\DOKUME~1\JACINT~1\LOKALE~1\Temp\webrebates.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\bb.exe infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\Cs5kZk.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\EABfRW.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\iinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\perfectnavUninstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\temp.fr5FF5\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\temp.frD223\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\UpdatedUpdaterInstall.exe infected by "TrojanDownloader.Win32.Keenval.f" Virus. Action Taken: No Action Taken. File C:\Dokumente und Einstellungen\Jacinto Denjean\Lokale Einstellungen\Temp\webrebates.exe infected by "not-a-virus:AdWare.WebRebates.d" Virus. Action Taken: No Action Taken. File C:\Programme\ISTsvc\istsvc.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\Programme\Norton AntiVirus\Quarantine\328A5072.dll infected by "Trojan.Win32.Dialui" Virus. Action Taken: No Action Taken. File C:\Programme\YourSiteBar\ysb.dll infected by "not-a-virus:AdWare.ToolBar.YourSiteBar.b" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064684.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064685.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064686.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064687.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064688.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064689.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064690.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064691.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064692.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064693.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064694.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064785.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064788.EXE infected by "not-a-virus:AdWare.Toolbar.MyWay.b" Virus. Action Taken: No Action Taken. |
und teil zwei: File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064846.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064848.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064849.dll infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064851.exe infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP194\A0064852.exe infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064935.DLL infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064937.DLL infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064938.DLL infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064940.EXE infected by "not-a-virus:AdWare.Gator.6034" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064941.EXE infected by "not-a-virus:AdWare.Gator.6041" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064955.ocx infected by "not-a-virus:AdWare.Toolbar.OWS" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP201\A0064956.dll tagged as not-a-virus:RiskWare.Downloader.SpyGame. No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP203\A0067654.EXE infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP203\A0067662.VXD infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP203\A0068498.exe infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP205\A0074142.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP205\A0074152.exe infected by "Trojan-Downloader.Win32.IstBar.gg" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP205\A0074176.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP205\snapshot\MFEX-66.DAT infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP207\A0074291.exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken. File C:\WINDOWS\Downloaded Program Files\YSBactivex.dll infected by "Trojan-Downloader.Win32.IstBar.gk" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\netut80ex.vxd infected by "not-a-virus:AdWare.BargainBuddy.n" Virus. Action Taken: No Action Taken. File C:\WINDOWS\system32\TFTP2000 infected by "Worm.Win32.Lovesan.a" Virus. Action Taken: No Action Taken. File D:\Programme\Stadtpl.Stuttgart\class\CityMetrics.class tagged as not-a-virus:JavaClass.ChatProperties. No Action Taken. File D:\Spiele\Q3A\Check for Quake III Arena Updates.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\Spiele\TotalA\CCQUERY.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken. File D:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP207\A0074261.dll tagged as not-a-virus:RiskWare.Downloader.SpyGame. No Action Taken. File D:\System Volume Information\_restore{4D9D015B-6326-4B48-B9B9-902F55722BD1}\RP207\A0074262.dll infected by "not-a-virus:AdWare.Toolbar.OWS" Virus. Action Taken: No Action Taken. File C:\WINDOWS\Downloaded Program Files\YSBactivex.dll infected by "Trojan-Downloader.Win32.IstBar.gk" Virus. Action Taken: No Action Taken. und das gesamtergebnis: Thu Dec 09 00:33:53 2004 => Total Files Scanned: 112860 Thu Dec 09 00:33:53 2004 => Total Virus(es) Found: 67 Thu Dec 09 00:33:53 2004 => Total Disinfected Files: 0 Thu Dec 09 00:33:53 2004 => Total Files Renamed: 0 Thu Dec 09 00:33:53 2004 => Total Deleted Files: 0 Thu Dec 09 00:33:53 2004 => Total Errors: 70 Thu Dec 09 00:33:53 2004 => Time Elapsed: 01:09:42 Thu Dec 09 00:33:53 2004 => ***** Scanning complete. ***** Thu Dec 09 00:33:53 2004 => Virus Database Date: 2004/12/08 Thu Dec 09 00:33:53 2004 => Virus Database Count: 111805 Thu Dec 09 00:33:53 2004 => Scan Completed. so das wärs. wie mach da jetzt weiter? haupsach ihr wisst wie ich dieses scheiss istsvc wegkriege. :crazy: |
Alle Zeitangaben in WEZ +1. Es ist jetzt 03:37 Uhr. |
Copyright ©2000-2025, Trojaner-Board