| |
| |||||||
Log-Analyse und Auswertung: FR/Dldr.dyfuca.ds logfile 1:Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.06.2005, 03:04
| #3 |
| |  FR/Dldr.dyfuca.ds logfile 1: Hallo Rene!
__________________Vielen vielen dank fuer die Hilfe, internet gibt virus und Hilfe...! Ich habe gemacht was du gesagt hast. Und die Computer funktioniert schon schneller! Herrlich ist das. Ich verstehe aber noch nicht ganz was du meinst mit "links im log deaktivieren.." h**p... Aber.. es ist alles schon viel besser. Wieder ein Hollaender froh. Die log habe ich hier gepostet... habe ich das richtige gepostet? Es ist direct aus das escan Programm. Gruusch dich recht herzlich. Stefan  Fri Jun 10 03:09:23 2005 => ***** Scanning Registry and File system for Adware/Spyware ***** Fri Jun 10 03:10:06 2005 => ***** Scanning Registry for errors created because of A dware/Spyware ***** Fri Jun 10 03:10:52 2005 => ***** Scanning System32 Folders ***** Fri Jun 10 03:10:52 2005 => Scanning C:\WINDOWS Directory Fri Jun 10 03:10:52 2005 => Scanning Folder: C:\WINDOWS\*.* Fri Jun 10 03:11:52 2005 => Scanning C:\WINDOWS\SYSTEM Directory Fri Jun 10 03:11:52 2005 => Scanning Folder: C:\WINDOWS\SYSTEM\*.* Fri Jun 10 03:15:56 2005 => Scanning C:\WINDOWS\TEMP Directory Fri Jun 10 03:15:56 2005 => Scanning Folder: C:\WINDOWS\TEMP\*.* Fri Jun 10 03:15:57 2005 => Scanning Folder: C:\WINDOWS\TEMP\Adobe\*.* Fri Jun 10 03:15:57 2005 => Scanning Folder: C:\WINDOWS\TEMP\Adobe\Acrobat\*.* Fri Jun 10 03:15:57 2005 => Scanning Folder: C:\WINDOWS\TEMP\Adobe\Acrobat\6.0\*.* Fri Jun 10 03:16:16 2005 => Scanning Folder: C:\WINDOWS\TEMP\Download\*.* Fri Jun 10 03:16:16 2005 => Scanning Folder: C:\WINDOWS\TEMP\Bases_X\*.* Fri Jun 10 03:16:18 2005 => Scanning C:\WINDOWS\LOCALS~1\TEMPOR~1\CONTENT.IE5 Directory Fri Jun 10 03:16:18 2005 => Scanning Folder: C:\WINDOWS\LOCALS~1\TEMPOR~1\CONTENT.IE5\*.* Fri Jun 10 03:16:18 2005 => Scanning Folder: C:\WINDOWS\LOCALS~1\TEMPOR~1\CONTENT.IE5\RVKLAHIV\*.* Fri Jun 10 03:16:36 2005 => Scanning Folder: C:\WINDOWS\LOCALS~1\TEMPOR~1\CONTENT.IE5\W9ABC1QF\*.* Fri Jun 10 03:16:57 2005 => Scanning Folder: C:\WINDOWS\LOCALS~1\TEMPOR~1\CONTENT.IE5\MBC7QFA5\*.* Fri Jun 10 03:17:07 2005 => Scanning Folder: C:\WINDOWS\LOCALS~1\TEMPOR~1\CONTENT.IE5\YJ1LDIEC\*.* Fri Jun 10 03:17:24 2005 => ***** Checking for specific ITW Viruses ***** Fri Jun 10 03:17:24 2005 => Checking for Welchia Virus... Fri Jun 10 03:17:24 2005 => Checking for LovGate Virus... Fri Jun 10 03:17:25 2005 => Checking for CodeRed Virus... Fri Jun 10 03:17:25 2005 => Checking for OpaServ Virus... Fri Jun 10 03:17:25 2005 => Checking for Sobig.e Virus... Fri Jun 10 03:17:25 2005 => Checking for Winupie Virus... Fri Jun 10 03:17:25 2005 => Checking for Swen Virus... Fri Jun 10 03:17:25 2005 => Checking for JS.Fortnight Virus... Fri Jun 10 03:17:25 2005 => Checking for Novarg Virus... Fri Jun 10 03:17:25 2005 => Checking for Pagabot Virus... Fri Jun 10 03:17:25 2005 => Checking for Parite.b Virus... Fri Jun 10 03:17:25 2005 => Checking for Parite.a Virus... Fri Jun 10 03:17:25 2005 => Checking for Adware.SeekSeek Virus... Fri Jun 10 03:17:25 2005 => ***** Scanning complete. ***** Fri Jun 10 03:17:25 2005 => Total Objects Scanned: 11396 Fri Jun 10 03:17:25 2005 => Total Virus(es) Found: 2 Fri Jun 10 03:17:26 2005 => Total Disinfected Files: 0 Fri Jun 10 03:17:26 2005 => Total Files Renamed: 0 Fri Jun 10 03:17:26 2005 => Total Deleted Objects: 0 Fri Jun 10 03:17:26 2005 => Total Errors: 26 Fri Jun 10 03:17:26 2005 => Time Elapsed: 00:08:57 Fri Jun 10 03:17:26 2005 => Virus Database Date: 2005/06/09 Fri Jun 10 03:17:26 2005 => Virus Database Count: 134027 Fri Jun 10 03:17:26 2005 => Scan Completed. Object "Alexa Spyware/Adware" found in File System! Action Taken: No Action Taken. Object "AltNet Spyware/Adware" found in File System! Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\yacsui.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\yacscom.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\ModuleUsage" refers to invalid object "C:\WINDOWS\Downloaded Program Files\MediaAccX.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\Program Files\Ahead\CoverDesigner\covered-deu.nls". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\yacsui.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Downloaded Program Files\yacscom.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\pxwma.dll". Action Taken: No Action Taken. Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\pxsfs.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{D3B1DE00-6B94-1069-8754-08002B2BD64F}" refers to invalid object "C:\WINDOWS\SYSTEM\disktool.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{D5DE8D20-5BB8-11D1-A1E3-00A0C90F2731}" refers to invalid object "C:\PROGRAM FILES\AH FOTOSERVICE\MSVBVM60.DLL". Action Taken: No Action Taken. Entry "HKCR\CLSID\{9EFBF860-5685-11D3-AA3D-00C04F4C5275}" refers to invalid object "cdooff.dll". Action Taken: No Action Taken. Entry "HKCR\CLSID\{B0693766-5278-4ec6-B9E1-3CE40560EF5A}" refers to invalid object "CaPlgin.ax". Action Taken: No Action Taken. Entry "HKCR\CLSID\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0}" refers to invalid object "C:\PROGRAM FILES\MSN APPS\MSN TOOLBAR\01.02.4000.1001\NL\MSNTB.DLL". Action Taken: No Action Taken. Entry "HKCR\Overview.Document" refers to invalid object "{DA23B9C9-6893-11D0-8534-00C04FD7AD0C}". Action Taken: No Action Taken. Entry "HKCR\TSHOOT.TSHOOTCtrl.1" refers to invalid object "{4B106874-DD36-11D0-8B44-00A024DD9EFF}". Action Taken: No Action Taken. Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken. Entry "HKCR\ComPlusMetaData.MsCorHost" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken. Entry "HKCR\ComPlusMetaData.MsCorHost.2" refers to invalid object "{727CDF4F-3BA0-11D3-8738-00C04F79ED0D}". Action Taken: No Action Taken. Entry "HKCR\SymWriter.pdb" refers to invalid object "{520DC67A-752E-11D3-8D56-00C04F680B2B}". Action Taken: No Action Taken. Entry "HKCR\AcroIEHelper.AcroIEHlprObj.1" refers to invalid object "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}". Action Taken: No Action Taken. Entry "HKCR\AcroIEHelper.AcroIEHlprObj" refers to invalid object "{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}". Action Taken: No Action Taken. MERCI |
| Themen zu FR/Dldr.dyfuca.ds logfile 1: |
| ad-aware, adobe, antivir, bho, computer, desktop, excel, explorer, firefox, geht nicht, hijack, hijackthis, internet, internet explorer, logfile, microsoft, mozilla, mozilla firefox, msn, neu, registry, rundll, software, system, temp, upd.exe, urlsearchhook, windows, windows\temp, yahoo |
Baum-Darstellung