amvo.exe, cfdflx.com, amvo1.dll, amvo0.dll

startseite Gastbuch Kontakt
amvo.exe, cfdflx.com, amvo1.dll, amvo0.dll
amvo.exe, cfdflx.com, amvo1.dll, amvo0.dll

amvo.exe, cfdflx.com, amvo1.dll, amvo0.dll




TR/Crypt.XPACK.Gen - amvo.exe - cfdflx.com ««
HijackThis

O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe


«««
wende Flash_Disinfector an - der Stick muss eingestöpselt sein - infizierten Stick mit FlashDis. "behandeln"
http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

««
Combofix

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))

C:\WINDOWS\system32\_000111_.tmp.dll
D:\Autorun.inf
F:\Autorun.inf
G:\Autorun.inf
H:\Autorun.inf


[HKEY_CURRENT_USER\software\microsoft\windows\ currentversion\explorer\mountpoints2\{18577db0-f4d2-11dc-b1e3-0018f34a8b64}]
\Shell\AutoRun\command - I:\cfdflx.com
\Shell\explore\Command - I:\cfdflx.com
\Shell\open\Command - I:\cfdflx.com

[HKEY_CURRENT_USER\software\microsoft\windows\ currentversion\explorer\mountpoints2\{18577db1-f4d2-11dc-b1e3-0018f34a8b64}]
\Shell\AutoRun\command - J:\cfdflx.com
\Shell\explore\Command - J:\cfdflx.com
\Shell\open\Command - J:\cfdflx.com




KILLALL::

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18577db0-f4d2-11dc-b1e3-0018f34a8b64}]

File::
C:\WINDOWS\system32\amvo1.dll
C:\WINDOWS\system32\amvo.exe
C:\WINDOWS\system32\amvo0.dll
I:\cfdflx.com
J:\cfdflx.com


KILLALL::

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{18577db1-f4d2-11dc-b1e3-0018f34a8b64}]

File::
J:\cfdflx.com






Valid HTML 4.01 Ranking-Hits