Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   d3hz32.exe -- Problem mit about:Blank (https://www.trojaner-board.de/18593-d3hz32-exe-problem-about-blank.html)

Bodobu 04.06.2005 15:14
d3hz32.exe -- Problem mit about:Blank
 
Hallo,
habe ein Problem mit "about:blank". Ich habe wohl auch schon den Grund gefunden...d3hz32.exe. Leider reichen meine PC-Kenntnisse zum löschen der Datei nicht aus.

Danke im voraus
bodobu



Logfile of HijackThis v1.99.1
Scan saved at 15:57:11, on 04.06.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGNT.EXE
C:\WINDOWS\system32\javamr32.exe
C:\WINDOWS\d3hz32.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
C:\PROGRA~1\borland\INTERB~1\Bin\ibguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\borland\INTERB~1\Bin\ibserver.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
C:\Programme\highjackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\noken.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\noken.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\noken.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\noken.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\noken.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\noken.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\noken.dll/sp.html#37049
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Class - {E35DCA52-2CC6-C2D7-7D97-2147BA9343E8} - C:\WINDOWS\mfcaq32.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [javamr32.exe] C:\WINDOWS\system32\javamr32.exe
O4 - HKLM\..\Run: [sysos.exe] C:\WINDOWS\sysos.exe
O4 - HKLM\..\Run: [ierm.exe] C:\WINDOWS\system32\ierm.exe
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:\Programme\ICQToolbar\toolbaru.dll/SEARCH.HTML
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\j2re1.4.2_01\bin\npjpi142_01.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O13 - WWW. Prefix: http://
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - h**p://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1104351953561
O17 - HKLM\System\CCS\Services\Tcpip\..\{455F6BE2-7C3D-42AD-9165-8A8C764D6898}: NameServer = 217.237.150.141 217.237.150.97
O23 - Service: Workstation NetLogon Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\d3hz32.exe
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: InterBase Guardian (InterBaseGuardian) - Inprise Corporation - C:\PROGRA~1\borland\INTERB~1\Bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Inprise Corporation - C:\PROGRA~1\borland\INTERB~1\Bin\ibserver.exe
O23 - Service: Macromedia Licensing Service - "Unknown owner" - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Haui45 04.06.2005 16:22
Hallo,

dein System ist ziemlich verseucht. Überprüfe zunächst die folgenden Dateien online bei http://virusscan.jotti.org/de und poste das Ergebnis.
Zitat:
C:\WINDOWS\system32\javamr32.exe
C:\WINDOWS\sysos.exe
C:\WINDOWS\system32\ierm.exe
C:\WINDOWS\d3hz32.exe
Die Prozesse musst du vorher im Task-Manager beenden.

Bodobu 04.06.2005 21:26
Hallo,

hier die ergebnisse des scans. d3hz32 lässt sich im Task-Manager nicht löschen!

lg

Datei: javamr32.exe
Status: INFIZIERT/MALWARE (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.)
Entdeckte Packprogramme: UPX

AntiVir Keine Viren gefunden
Avast Keine Viren gefunden
AVG Antivirus Keine Viren gefunden
BitDefender Keine Viren gefunden
ClamAV Keine Viren gefunden
Dr.Web Keine Viren gefunden
F-Prot Antivirus Keine Viren gefunden
Fortinet Keine Viren gefunden
Kaspersky Anti-Virus Trojan-Downloader.Win32.Agent.ap gefunden
mks_vir Keine Viren gefunden
NOD32 probably unknown NewHeur_PE gefunden (mögliche Variante)
Norman Virus Control Keine Viren gefunden
VBA32 Keine Viren gefunden

---------------------------------------------

Datei: sysos.exe
Status: INFIZIERT/MALWARE (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.)
Entdeckte Packprogramme: UPX

AntiVir Keine Viren gefunden
Avast Keine Viren gefunden
AVG Antivirus Keine Viren gefunden
BitDefender Keine Viren gefunden
ClamAV Keine Viren gefunden
Dr.Web Keine Viren gefunden
F-Prot Antivirus Keine Viren gefunden
Fortinet Keine Viren gefunden
Kaspersky Anti-Virus Trojan-Downloader.Win32.Agent.ap gefunden
mks_vir Keine Viren gefunden
NOD32 probably unknown NewHeur_PE gefunden (mögliche Variante)
Norman Virus Control Keine Viren gefunden
VBA32 Keine Viren gefunden


------------------------------------

Datei: ierm.exe
Status: INFIZIERT/MALWARE (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.)
Entdeckte Packprogramme: UPX

AntiVir Keine Viren gefunden
Avast Keine Viren gefunden
AVG Antivirus Keine Viren gefunden
BitDefender Keine Viren gefunden
ClamAV Keine Viren gefunden
Dr.Web Keine Viren gefunden
F-Prot Antivirus Keine Viren gefunden
Fortinet Keine Viren gefunden
Kaspersky Anti-Virus Trojan-Downloader.Win32.Agent.ap gefunden
mks_vir Keine Viren gefunden
NOD32 probably unknown NewHeur_PE gefunden (mögliche Variante)
Norman Virus Control Keine Viren gefunden
VBA32 Keine Viren gefunden

------------------------------------------

Datei: d3hz32.exe
Status: INFIZIERT/MALWARE (Anmerkung: diese Datei wurde bereits vorher gescannt. Die Scanergebnisse werden daher nicht in der Datenbank gespeichert.)
Entdeckte Packprogramme: PE-CRYPT.SQR, UPX

AntiVir TR/Agent.BI gefunden
Avast Keine Viren gefunden
AVG Antivirus Keine Viren gefunden
BitDefender Keine Viren gefunden
ClamAV Keine Viren gefunden
Dr.Web BackDoor.Netag gefunden
F-Prot Antivirus W32/Agent.MS gefunden
Fortinet W32/Agent.BI-tr gefunden
Kaspersky Anti-Virus Trojan.Win32.Agent.bi gefunden
mks_vir Trojan.Agent.Bi gefunden
NOD32 Win32/Agent.NAB gefunden
Norman Virus Control W32/Agent.DTR gefunden
VBA32 Trojan.Win32.Agent.bi gefunden

Bodobu 04.06.2005 22:04
Anbei noch das Scanergebnis mit escan:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sat Jun 04 22:48:38 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:44 2005 => File C:\WINDOWS\d3hz32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:44 2005 => File C:\WINDOWS\system32\javamr32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:45 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:49 2005 => File C:\WINDOWS\system32\javamr32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:49 2005 => File C:\WINDOWS\sysos.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:49 2005 => File C:\WINDOWS\system32\ierm.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:50 2005 => File C:\WINDOWS\d3hz32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:49:03 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sat Jun 04 22:50:11 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sat Jun 04 22:50:11 2005 => Total Virus(es) Found: 13
Sat Jun 04 22:50:11 2005 => Total Errors: 125
Sat Jun 04 22:50:11 2005 => Time Elapsed: 00:01:55
Sat Jun 04 22:50:11 2005 => Total Objects Scanned: 10194
Sat Jun 04 22:47:37 2005 => Virus Database Date: 2005/06/04
Sat Jun 04 22:50:11 2005 => Virus Database Date: 2005/06/04
Sat Jun 04 23:00:09 2005 => Virus Database Date: 2005/06/04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

Bodobu 05.06.2005 10:44
...und hier die ergebniss des "richtigen" scanns... :balla:
sieht aus als hätte ich da ein richtiges Problem!!


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sat Jun 04 22:48:38 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:44 2005 => File C:\WINDOWS\d3hz32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:44 2005 => File C:\WINDOWS\system32\javamr32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:45 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:49 2005 => File C:\WINDOWS\system32\javamr32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:49 2005 => File C:\WINDOWS\sysos.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:49 2005 => File C:\WINDOWS\system32\ierm.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:48:50 2005 => File C:\WINDOWS\d3hz32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sat Jun 04 22:49:03 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sat Jun 04 22:50:11 2005 => Total Disinfected Files: 0
Sun Jun 05 00:38:24 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:26 2005 => File C:\WINDOWS\appei.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:28 2005 => File C:\WINDOWS\addbo.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:29 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:33 2005 => File C:\WINDOWS\appei.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:33 2005 => File C:\WINDOWS\addbo.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:33 2005 => File C:\WINDOWS\system32\winnv.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:38:46 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 05 00:39:52 2005 => Total Disinfected Files: 0
Sun Jun 05 00:46:40 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:46:45 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:46:47 2005 => File C:\WINDOWS\system32\winnv.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 00:46:54 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 05 00:47:38 2005 => Total Disinfected Files: 0
Sun Jun 05 11:02:41 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:02:44 2005 => File C:\WINDOWS\system32\winnv.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:02:44 2005 => File C:\WINDOWS\system32\winba.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:02:47 2005 => File C:\WINDOWS\mfcaq32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:02:51 2005 => File C:\WINDOWS\system32\crxy.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:02:51 2005 => File C:\WINDOWS\system32\winba.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:02:51 2005 => File C:\WINDOWS\system32\winnv.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:03:02 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jun 05 11:04:08 2005 => File C:\WINDOWS\apikh32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:08 2005 => File C:\WINDOWS\appog32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:08 2005 => File C:\WINDOWS\atlis32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:09 2005 => File C:\WINDOWS\d3ph32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:10 2005 => File C:\WINDOWS\iegc32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:11 2005 => File C:\WINDOWS\javamf32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:12 2005 => File C:\WINDOWS\mfcoo.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:12 2005 => File C:\WINDOWS\mfcsl.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:13 2005 => File C:\WINDOWS\msdr.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:13 2005 => File C:\WINDOWS\msln32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:13 2005 => File C:\WINDOWS\msxd.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:14 2005 => File C:\WINDOWS\ntki.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:17 2005 => File C:\WINDOWS\sdklg.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:18 2005 => File C:\WINDOWS\sysdp.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:18 2005 => File C:\WINDOWS\syshq.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:18 2005 => File C:\WINDOWS\syspo32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:21 2005 => File C:\WINDOWS\winhb.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:25 2005 => File C:\WINDOWS\System32\apili.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:26 2005 => File C:\WINDOWS\System32\atlcr32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:26 2005 => File C:\WINDOWS\System32\atlzt32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:42 2005 => File C:\WINDOWS\System32\d3jj32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:04:42 2005 => File C:\WINDOWS\System32\d3yw.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:05:39 2005 => File C:\WINDOWS\System32\ieuy.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:05:47 2005 => File C:\WINDOWS\System32\iprr.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:05:55 2005 => File C:\WINDOWS\System32\javamp32.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:06:20 2005 => File C:\WINDOWS\System32\mfclx32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:06:30 2005 => File C:\WINDOWS\System32\mscb.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:06:56 2005 => File C:\WINDOWS\System32\ntns.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:07:25 2005 => File C:\WINDOWS\System32\sdkjc.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:07:36 2005 => File C:\WINDOWS\System32\syszz32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:07:54 2005 => File C:\WINDOWS\System32\winee.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:07:55 2005 => File C:\WINDOWS\System32\wingp.exe infected by "Trojan-Downloader.Win32.Agent.ap" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:07:55 2005 => File C:\WINDOWS\System32\winkn32.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:08:12 2005 => File C:\DOKUME~1\BODO1~1\LOKALE~1\Temp\101.tmp infected by "Trojan-Downloader.Win32.WinShow.ay" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:12:10 2005 => Scanning File C:\DOKUME~1\BODO1~1\LOKALE~1\TEMPOR~1\Content.IE5\FKDKBMWY\infected6xz[1].gif
Sun Jun 05 11:26:04 2005 => File C:\Dokumente und Einstellungen\Bodo 1\Lokale Einstellungen\Temp\101.tmp infected by "Trojan-Downloader.Win32.WinShow.ay" Virus! Action Taken: No Action Taken.
Sun Jun 05 11:29:13 2005 => Scanning File C:\Dokumente und Einstellungen\Bodo 1\Lokale Einstellungen\Temporary Internet Files\Content.IE5\FKDKBMWY\infected6xz[1].gif
Sun Jun 05 11:34:53 2005 => Total Disinfected Files: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
Sat Jun 04 22:50:11 2005 => Total Virus(es) Found: 13
Sun Jun 05 00:39:52 2005 => Total Virus(es) Found: 12
Sun Jun 05 00:47:38 2005 => Total Virus(es) Found: 8
Sun Jun 05 11:34:53 2005 => Total Virus(es) Found: 47
Sat Jun 04 22:50:11 2005 => Total Errors: 125
Sun Jun 05 00:39:52 2005 => Total Errors: 129
Sun Jun 05 00:47:38 2005 => Total Errors: 131
Sun Jun 05 11:34:53 2005 => Total Errors: 153
Sat Jun 04 22:50:11 2005 => Time Elapsed: 00:01:55
Sun Jun 05 00:39:52 2005 => Time Elapsed: 00:01:47
Sun Jun 05 00:47:38 2005 => Time Elapsed: 00:01:10
Sun Jun 05 11:34:53 2005 => Time Elapsed: 00:32:29
Sat Jun 04 22:50:11 2005 => Total Objects Scanned: 10194
Sun Jun 05 00:39:52 2005 => Total Objects Scanned: 10169
Sun Jun 05 00:47:38 2005 => Total Objects Scanned: 10186
Sun Jun 05 11:34:53 2005 => Total Objects Scanned: 30708
Sat Jun 04 22:47:37 2005 => Virus Database Date: 2005/06/04
Sat Jun 04 22:50:11 2005 => Virus Database Date: 2005/06/04
Sat Jun 04 23:00:09 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 00:37:57 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 00:39:52 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 00:40:17 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 00:46:22 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 00:47:38 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 00:47:46 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 11:02:06 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 11:34:54 2005 => Virus Database Date: 2005/06/04
Sun Jun 05 11:35:08 2005 => Virus Database Date: 2005/06/04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

chaosman 05.06.2005 11:17
@Bodobu
zur win32.Agent.bc
http://www.sophos.de/virusinfo/analy...ojiefeatr.html
zur win32.Agent.bi
http://www.sophos.de/virusinfo/analy...ojagentde.html

da kann ich dir nur raten dein system neuaufzusetzen(formatC)
hier eine Anleitung
http://www.trojaner-board.de/showpos...28&postcount=2

sry
chaosman


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:14 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55