|
|
winlog.bfu
Win32.P2P-Worm.Alcan.a b
|
|
winlog.bfu, Win32.P2P-Worm.Alcan.a b
BFU (Brute Force Uninstaller)
http://www.merijn.org/files/bfu.zip
www.merijn.org/Brute Force Uninstaller
2. als zip-Datei : winlog.zip - entzippe--> Datei winlog.bfu
3. CCleaner laden : CCleaner
Starte den PC neu --> in den abgesicherten Modus (Taste F8 drücken, wenn der PC hochfährt)
* Öffne den Brute Force Uninstaller 
* klicke auf --> 
--> und suche die winlog.bfu (unter Desktop) --> öffnen
* show log after script ends (anhaken)
* Execute klicken
* wende CCleaner an - temporäre Dateien löschen
* starte den PC neu - in den Normalmodus
* scanne mit ewido http://virus-protect.org/ewido.html
Sophos
aktuellste Virendefinitionsdateien
1.) IDEs für SAV Version April 2006 (4.04)
Aktuelle Web-Version
Aktuelle CD und Web-Version Download Zip Download Exe 121
http://www.sophos.de/downloads/ide/
2.) http://www.sophos.de/tools/sav32sfx.exe
3.) gehe in C:\
4.) klicke SAV32CLI
5.) Scannen
ProcessKill MsConfigs.exe|1
ProcessKill p2pnetwork.exe|1
ProcessKill winupdates.exe|1
ProcessKill winupdate.exe|1
ProcessKill winsupdater.exe|1
ProcessKill MsUpdate.exe|1
ProcessKill winlog.exe|1
ProcessKill MsMovies.exe|1
ProcessKill p2pnetworking.exe|1
ProcessKill winlogi.exe|1
ProcessKill MSDATA32.EXE|1
ProcessKill %PROGRAMFILES%\wmplayer\wmplayer.exe
ProcessKillIfMD5Match \wmplayer.exe|ce9928d88ad3f914c06e07d185d61968|1
ProcessKill %STARTMENU%\wmplayer.exe|1
ProcessKillIfMD5Match \wmplayer.exe|4E092016BFA0441061483ED71C85C98D|1
ProcessKill %PROGRAMFILES%\outlook\outlook.exe|1
ProcessKillIfMD5Match \outlook.exe|B420A430D733A3A1D8B27E71F78590E1|1
ProcessKill \scvhost.exe|1
FileDelete %SYSDIR%\paytime.exe
FileDelete %SYSDIR%\guard.tmp
FileDelete %SYSDIR%\tickcnt.bin
FileDelete %SYSDIR%\z14.exe
FileDelete %SYSDIR%\z15.exe
FileDelete %SYSDIR%\z1*.exe
FileDelete %SYSDIR%\atmtd.dll._
FileDelete %SYSDIR%\atmtd.dll
FileDelete %SYSDIR%\awtsp.dll
FileDelete %SYSDIR%\paradise.raw.exe
FileDelete %SYSDIR%\winsub.xml
FileDelete %SYSDIR%\svcp.csv
FileDelete %SYSDIR%\setup_60014.exe
FileDelete %SYSDIR%\ssetup_26228.exe
FileDelete %SYSDIR%\setup_21528.exe
FileDelete %SYSDIR%\setup_86407.exe
FileDelete %SYSDIR%\bk.exe
FileDelete %SYSDIR%\ca32.exe
FileDelete %SYSDIR%\DH9013.exe
FileDelete %PROGRAMFILES%\Common Files\Windows\services32.exe
FileDelete %PROGRAMFILES%\Common Files\services.exe
FileDelete %PROGRAMFILES%\Common Files\mc-*-*.exe
FileDelete %PROGRAMFILES%\Common Files\Windows\mc-*-*.exe
FileDelete %PROGRAMFILES%\Common Files\Download\mc-*-*.exe
FileDelete %MYDOCUMENTS%\mc-*-*.exe
FileDelete %SYSTEMDRIVE%\mc-*-*.exe
FileDelete %WINDIR%\csvhost.exe
FileDelete %PROGRAMFILES%\Common Files\Download\freeprodtb.exe
FileDelete %PROGRAMFILES%\Common Files\system32.dll
FileDelete %WINDIR%\adtech2005.exe
FileDelete %WINDIR%\adtech2006.exe
FileDelete %WINDIR%\bytespersecond.dat
FileDelete %WINDIR%\country.exe
FileDelete %WINDIR%\kl.exe
FileDelete %WINDIR%\kl1.exe
FileDelete %WINDIR%\secure32.html
FileDelete %WINDIR%\desktop.html
|
|
