Zurück   Trojaner-Board > Malware entfernen > Antiviren-, Firewall- und andere Schutzprogramme

Antiviren-, Firewall- und andere Schutzprogramme: eScan log file

Windows 7 Sämtliche Fragen zur Bedienung von Firewalls, Anti-Viren Programmen, Anti Malware und Anti Trojaner Software sind hier richtig. Dies ist ein Diskussionsforum für Sicherheitslösungen für Windows Rechner. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 24.06.2005, 13:29   #1
schneebesen
 
eScan log file - Frage

eScan log file



Hallo allerseits,

mein Problem ist, dass ich den Computer zwar mit eScan gescannt habe und mit eScanCheck bzw. Killbox versucht habe zu reinigen, ich aber eine ganze Reihe von Warnmeldungen in eScan im Computer nicht finden kann. Folglich kann ich diese auch nicht beheben. Die meisten befinden sich laut eScan im Registry oder File System. Was hat das zu bedeuten?
könnte sich das mal jemand angucken und einen heissen Tip abgeben?

Vielen Dank schonmal,

Schneebesen

------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------

1: Fri Jun 24 13:07:42 2005 => System found infected with Gator Spyware/Adware ({21FFB6C0-0DA1-11D5-A9D5-00500413153C})! Action taken: No Action Taken.
2: Fri Jun 24 13:07:44 2005 => System found infected with Alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
3: Fri Jun 24 13:07:44 2005 => System found infected with MyBar Spyware/Adware ({014da6c9-189f-421a-88cd-07cfe51cff10})! Action taken: No Action Taken.
4: Fri Jun 24 13:07:44 2005 => System found infected with AltnetBDE Spyware/Adware (adm4.adm4)! Action taken: No Action Taken.
5: Fri Jun 24 13:07:44 2005 => System found infected with AltnetBDE Spyware/Adware (adm25.adm25)! Action taken: No Action Taken.
6: Fri Jun 24 13:07:44 2005 => System found infected with VX2 Spyware/Adware (vx2.vx2obj)! Action taken: No Action Taken.
7: Fri Jun 24 13:07:44 2005 => System found infected with WhenU Spyware/Adware (wusn)! Action taken: No Action Taken.
8: Fri Jun 24 13:07:51 2005 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: No Action Taken.
9: Fri Jun 24 13:07:58 2005 => System found infected with AltnetBDE Spyware/Adware (altnet signing module.exe)! Action taken: No Action Taken.
10: Fri Jun 24 13:07:58 2005 => System found infected with AltnetBDE Spyware/Adware (adm.exe)! Action taken: No Action Taken.
11: Fri Jun 24 13:44:11 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*

--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------

1: Fri Jun 24 13:10:09 2005 => File C:\WINDOWS\SYSTEM\PLUGIN.EXE tagged as "not-a-virus:Porn-Dialer.Win32.Generic". Action Taken: No Action Taken.
2: Fri Jun 24 13:15:33 2005 => File C:\WINDOWS\TEMP\bde1E8A.TMP\morpheus\projector\bdeplayer\BDESac10.cab tagged as "not-a-virus:AdWare.BrilliantDigital.3120". Action Taken: No Action Taken.
3: Fri Jun 24 13:15:34 2005 => File C:\WINDOWS\TEMP\bde1E8A.TMP\morpheus\projector\b3d3100Package.cab tagged as "not-a-virus:AdWare.BrilliantDigital.1007". Action Taken: No Action Taken.
4: Fri Jun 24 13:18:37 2005 => File C:\WINDOWS\TEMP\__unin__.exe tagged as "not-a-virus:AdWare.Altnet.g". Action Taken: No Action Taken.
5: Fri Jun 24 13:18:40 2005 => File C:\WINDOWS\TEMP\asmfiles.cab tagged as "not-a-virus:AdWare.Altnet.l". Action Taken: No Action Taken.
6: Fri Jun 24 13:21:37 2005 => File C:\WINDOWS\SYSTEM\PLUGIN.EXE tagged as "not-a-virus:Porn-Dialer.Win32.Generic". Action Taken: No Action Taken.
7: Fri Jun 24 13:27:53 2005 => File C:\WINDOWS\TEMP\bde1E8A.TMP\morpheus\projector\bdeplayer\BDESac10.cab tagged as "not-a-virus:AdWare.BrilliantDigital.3120". Action Taken: No Action Taken.
8: Fri Jun 24 13:27:54 2005 => File C:\WINDOWS\TEMP\bde1E8A.TMP\morpheus\projector\b3d3100Package.cab tagged as "not-a-virus:AdWare.BrilliantDigital.1007". Action Taken: No Action Taken.
9: Fri Jun 24 13:31:04 2005 => File C:\WINDOWS\TEMP\__unin__.exe tagged as "not-a-virus:AdWare.Altnet.g". Action Taken: No Action Taken.
10: Fri Jun 24 13:31:07 2005 => File C:\WINDOWS\TEMP\asmfiles.cab tagged as "not-a-virus:AdWare.Altnet.l". Action Taken: No Action Taken.
11: Fri Jun 24 13:32:39 2005 => File C:\WINDOWS\Downloaded Program Files\plugin.exe tagged as "not-a-virus:Porn-Dialer.Win32.Generic". Action Taken: No Action Taken.
12: Fri Jun 24 13:34:22 2005 => File C:\WINDOWS\bde\bdeclean.exe tagged as "not-a-virus:AdWare.BrilliantDigital.35684". Action Taken: No Action Taken.
13: Fri Jun 24 13:36:18 2005 => File C:\Programme\kazaa_lite_171_deutsch.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
14: Fri Jun 24 13:36:21 2005 => File C:\Programme\Netscape\Communicator\Program\Plugins\nponflow.dll tagged as "not-a-virus:AdWare.OnFlow". Action Taken: No Action Taken.
15: Fri Jun 24 13:37:10 2005 => File C:\Programme\ow32dede512j.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
16: Fri Jun 24 13:37:43 2005 => File C:\Programme\Opera\UnInst\UNWISE.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
17: Fri Jun 24 13:46:51 2005 => File C:\Programme\GDiVX 1.9.0.exe tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
18: Fri Jun 24 13:46:54 2005 => File C:\Programme\Morpheus\setupmorph.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
19: Fri Jun 24 13:46:57 2005 => File C:\Programme\NewDotNet\newdotnet4_50.dll tagged as "not-a-virus:AdWare.NewDotNet". Action Taken: No Action Taken.
20: Fri Jun 24 13:47:11 2005 => File C:\Programme\Zone Labs\ZoneAlarm\zauninst.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
21: Fri Jun 24 13:47:22 2005 => File C:\Programme\Zone Labs\zlsSetup_55_094_000.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
22: Fri Jun 24 13:47:24 2005 => File C:\Programme\Acoustica-MP3-CD-Burner-Installer-aff_7255.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
23: Fri Jun 24 13:49:36 2005 => File C:\Programme\OutpostInstall.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
24: Fri Jun 24 13:50:31 2005 => File C:\Programme\zaSetup_37_159.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
25: Fri Jun 24 13:50:33 2005 => File C:\Programme\DivX505Bundle.exe tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
26: Fri Jun 24 13:50:49 2005 => File C:\Programme\Microsoft Nachschlagewerke\Encarta Enzyklopädie\UNINST32.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.
27: Fri Jun 24 13:53:14 2005 => File C:\UNWISE.EXE tagged as not-a-virus:Tool.Win32.Reboot. No Action Taken.

--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------

1: Fri Jun 24 13:07:11 2005 => ERROR!!! Invalid Entry {D3796116-94D3-4009-96D7-51578411CC7D} = C:\PROGRA~1\AGNITUM\OUTPOS~1.0\OSHDLR.DLL (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken.
2: Fri Jun 24 13:07:12 2005 => ERROR!!! Invalid Entry dfueconf = C:\Programme\Eumex 504PC USB\dfueconf.exe (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Run). No Action Taken.
3: Fri Jun 24 13:07:13 2005 => ERROR!!! Invalid Entry MiniLog = C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -service (in key SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices). No Action Taken.
4: Fri Jun 24 13:08:14 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\PLUGIN~1.CPL". Action Taken: No Action Taken.
5: Fri Jun 24 13:08:15 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\iccsigs.dat". Action Taken: No Action Taken.
6: Fri Jun 24 13:08:15 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\LTIH21TB.DLL". Action Taken: No Action Taken.
7: Fri Jun 24 13:08:15 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\Startmenü\Programme\Opera 5\NPSWF32.dll". Action Taken: No Action Taken.
8: Fri Jun 24 13:08:15 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\NSCMPS.DLL". Action Taken: No Action Taken.
9: Fri Jun 24 13:08:15 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\NSERROR.DLL". Action Taken: No Action Taken.
10: Fri Jun 24 13:08:15 2005 => Entry "HKLM\Software\Microsoft\Windows\CurrentVersion\SharedDlls" refers to invalid object "C:\WINDOWS\SYSTEM\smooths.dll". Action Taken: No Action Taken.
11: Fri Jun 24 13:08:16 2005 => Entry "HKCR\CLSID\{D3B1DE00-6B94-1069-8754-08002B2BD64F}" refers to invalid object "C:\WINDOWS\SYSTEM\disktool.dll". Action Taken: No Action Taken.
12: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{438B8ECD-AD2A-11D1-ADEB-0000F87734F0}" refers to invalid object "C:\PROGRAMME\INTERNET EXPLORER\CONNECTION WIZARD\TRIALOC.DLL". Action Taken: No Action Taken.
13: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{34C9990F-CBD7-11D2-AE0E-00C04FAEA83F}" refers to invalid object "C:\PROGRA~1\ONLINE~1\MSN50\OCX\MSNSETUP.DLL". Action Taken: No Action Taken.
14: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{E05592E4-C0B5-11D0-A439-00A0C9223196}" refers to invalid object "ksqmf.ax". Action Taken: No Action Taken.
15: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{7865A9A1-33A8-11d0-BED9-00A02468FAB6}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\BRPREF32.DLL". Action Taken: No Action Taken.
16: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{543EC0D0-6AB7-11d0-BF56-00A02468FAB6}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\BRPREF32.DLL". Action Taken: No Action Taken.
17: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{543EC0D1-6AB7-11d0-BF56-00A02468FAB6}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\BRPREF32.DLL". Action Taken: No Action Taken.
18: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{2D0A7D70-748C-11d0-9705-00805F8AA8B8}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\EDPREF32.DLL". Action Taken: No Action Taken.
19: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{E8D6B4F0-8B58-11d0-9B63-00805F8ADDDE}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\MNPREF32.DLL". Action Taken: No Action Taken.
20: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{DDF4AB60-8B84-11d0-9B63-00805F8ADDDE}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\MNPREF32.DLL". Action Taken: No Action Taken.
21: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{CC3E2871-43CA-11d0-B6D8-00805F8ADDDE}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\MNPREF32.DLL". Action Taken: No Action Taken.
22: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{CC3E2872-43CA-11d0-B6D8-00805F8ADDDE}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\MNPREF32.DLL". Action Taken: No Action Taken.
23: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{C98D0190-7D81-11d0-BF8D-00A02468FAB6}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\BRPREF32.DLL". Action Taken: No Action Taken.
24: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{37B601C0-8AC8-11d0-83AF-00805F8A274D}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\BRPREF32.DLL". Action Taken: No Action Taken.
25: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{913A4A20-8EBF-11d0-BFAB-00A02468FAB6}" refers to invalid object "C:\PROGRA~1\NETSCAPE\COMMUN~1\PROGRAM\BRPREF32.DLL". Action Taken: No Action Taken.
26: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{99180163-DA16-101A-935C-444553540000}" refers to invalid object "recncl.dll". Action Taken: No Action Taken.
27: Fri Jun 24 13:08:17 2005 => Entry "HKCR\CLSID\{BB7DF450-F119-11CD-8465-00AA00425D90}" refers to invalid object "C:\Programme\Microsoft Office\Office\". Action Taken: No Action Taken.
28: Fri Jun 24 13:08:18 2005 => Entry "HKCR\CLSID\{87237560-4332-11d3-B319-0050047402CB}" refers to invalid object "WocShell.dll". Action Taken: No Action Taken.
29: Fri Jun 24 13:08:18 2005 => Entry "HKCR\CLSID\{743DFC10-5096-11d3-B338-0050047402CB}" refers to invalid object "WocShell.dll". Action Taken: No Action Taken.
30: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{0A8B9470-3921-11D3-B1AB-0080C84E9C15}" refers to invalid object "C:\PROGRAMME\CYBERLINK\POWERDVD\CLINET.DLL". Action Taken: No Action Taken.
31: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{82CCD3E0-F71A-11D0-9FE5-00609778AAAA}" refers to invalid object "C:\WINDOWS\SYSTEM\DIVX_C32.AX". Action Taken: No Action Taken.
32: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{598EBA02-B49A-11D2-A1C1-00609778AAAA}" refers to invalid object "C:\WINDOWS\SYSTEM\DIVX_C32.AX". Action Taken: No Action Taken.
33: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{075BB8A1-B7D8-11D2-A1C6-00609778AAAA}" refers to invalid object "C:\WINDOWS\SYSTEM\DIVX_C32.AX". Action Taken: No Action Taken.
34: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{C55A1680-CD5A-11CF-8D29-444553540000}" refers to invalid object "C:\PROGRAMME\GDIVX PLAYER\REGOBJ.DLL". Action Taken: No Action Taken.
35: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}" refers to invalid object "C:\BDE\NPBDPLAY2.DLL". Action Taken: No Action Taken.
36: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{FACF11A2-5095-11D3-A9DE-00C0268E5C48}" refers to invalid object "E:\PROJEKTE\CD_ROM\ENERGIE DER ZUKUNFT\RUNTIME\MDXEMUL.MOM". Action Taken: No Action Taken.
37: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{86FC1FD1-BCF3-11D1-B76F-58BB04C10000}" refers to invalid object "E:\PROJEKTE\CD_ROM\BERLIN2000\RUNTIME\RDXEMUL.MOM". Action Taken: No Action Taken.
38: Fri Jun 24 13:08:19 2005 => Entry "HKCR\CLSID\{86FC1FD3-BCF3-11D1-B76F-58BB04C10000}" refers to invalid object "E:\PROJEKTE\CD_ROM\BERLIN2000\RUNTIME\RDXEMUL.MOM". Action Taken: No Action Taken.
39: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{972DE6C2-8B09-11D2-B652-A1FD6CC34260}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
40: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{6CFC9BA2-FE87-11D2-9DCF-ED29FAFE371D}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
41: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{4F7AE601-0142-11D3-9DCF-89BE4EFB591E}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
42: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{322982E1-0855-11D3-9DCF-DDFB3AB09E18}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
43: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{83C2D7A1-0DE6-11D3-9DCF-9423F1B2561C}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
44: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{53FA8D41-2CDD-11D3-9DD0-D3CD4078982A}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
45: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{53FA8D47-2CDD-11D3-9DD0-D3CD4078982A}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
46: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{53FA8D4A-2CDD-11D3-9DD0-D3CD4078982A}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
47: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{53FA8D4D-2CDD-11D3-9DD0-D3CD4078982A}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
48: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{53FA8D44-2CDD-11D3-9DD0-D3CD4078982A}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
49: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{EE11629C-36DF-11D3-9DD0-89D6DBBBA800}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
50: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{CA478DA1-3920-11D3-9DD0-8067E4A06603}" refers to invalid object "C:\WINDOWS\SYSTEM\ACTIVESKIN.OCX". Action Taken: No Action Taken.
51: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{FBE840E5-13A5-4cff-B2A9-4D1E64A17FF2}" refers to invalid object "D:\PLAYER\WMMP.EXE". Action Taken: No Action Taken.
52: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{F4C6D6E0-A8FB-4281-BE24-1662D646FE2B}" refers to invalid object "D:\PLAYER\WMMP.EXE". Action Taken: No Action Taken.
53: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{D98E820F-6ACD-4dc0-921E-9841E3D8B4A7}" refers to invalid object "D:\PLAYER\WMMP.EXE". Action Taken: No Action Taken.
54: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{D3796116-94D3-4009-96D7-51578411CC7D}" refers to invalid object "C:\PROGRA~1\AGNITUM\OUTPOS~1.0\OSHDLR.DLL". Action Taken: No Action Taken.
55: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{C355883F-A677-11d3-A773-00C04F68F44E}" refers to invalid object "C:\Programme\Sonic Foundry\Shared Plug-Ins\File Formats\commp3.dll". Action Taken: No Action Taken.
56: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{D2636D9A-A677-11d3-A773-00C04F68F44E}" refers to invalid object "C:\Programme\Sonic Foundry\Sound Forge 5.0\frgkrn.dll". Action Taken: No Action Taken.
57: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0}" refers to invalid object "C:\PROGRAM FILES\RXTOOLBAR\RXTOOLBAR.DLL". Action Taken: No Action Taken.
58: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}" refers to invalid object "C:\PROGRAMME\NEED2FIND\BAR\1.BIN\ND2FNBAR.DLL". Action Taken: No Action Taken.
59: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{4D1C4E89-A32A-416b-BCDB-33B3EF3617D3}" refers to invalid object "C:\PROGRAMME\NEED2FIND\BAR\1.BIN\ND2FNBAR.DLL". Action Taken: No Action Taken.
60: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{4D1C4E8B-A32A-416b-BCDB-33B3EF3617D3}" refers to invalid object "C:\PROGRAMME\NEED2FIND\BAR\1.BIN\ND2FNBAR.DLL". Action Taken: No Action Taken.
61: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{630D6140-04C5-4db0-B27A-020D766FF09B}" refers to invalid object "C:\PROGRAMME\NEED2FIND\BAR\1.BIN\ND2FNBAR.DLL". Action Taken: No Action Taken.
62: Fri Jun 24 13:08:20 2005 => Entry "HKCR\CLSID\{B7156514-A76C-4545-9D5B-A4E1D02C7AEC}" refers to invalid object "C:\PROGRAMME\KAZAA\TOPSEARCH.DLL". Action Taken: No Action Taken.
63: Fri Jun 24 13:08:21 2005 => Entry "HKCR\Overview.Document" refers to invalid object "{DA23B9C9-6893-11D0-8534-00C04FD7AD0C}". Action Taken: No Action Taken.
64: Fri Jun 24 13:08:23 2005 => Entry "HKCR\mapifvbx.object.1" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
65: Fri Jun 24 13:08:23 2005 => Entry "HKCR\mapifvbx.object" refers to invalid object "{41116C00-8B90-101B-96CD-00AA003B14FC}". Action Taken: No Action Taken.
66: Fri Jun 24 13:08:23 2005 => Entry "HKCR\MailFileAtt" refers to invalid object "{00020D05-0000-0000-C000-000000000046}". Action Taken: No Action Taken.
67: Fri Jun 24 13:08:23 2005 => Entry "HKCR\ActMsg.Session" refers to invalid object "{3FA7DEB3-6438-101B-ACC1-00AA00423326}". Action Taken: No Action Taken.
68: Fri Jun 24 13:08:24 2005 => Entry "HKCR\VX2.VX2Obj.1" refers to invalid object "{00000000-5eb9-11d5-9d45-009027c14662}". Action Taken: No Action Taken.
69: Fri Jun 24 13:08:24 2005 => Entry "HKCR\VX2.VX2Obj" refers to invalid object "{00000000-5eb9-11d5-9d45-009027c14662}". Action Taken: No Action Taken.
70: Fri Jun 24 13:08:25 2005 => Entry "HKCR\CorelDRAW.StateChartObject.10" refers to invalid object "{88B40185-1463-11d4-B6C3-009027912773}". Action Taken: No Action Taken.
71: Fri Jun 24 13:08:25 2005 => Entry "HKCR\CorelDRAW.StateChartObject" refers to invalid object "{88B40185-1463-11d4-B6C3-009027912773}". Action Taken: No Action Taken.
72: Fri Jun 24 13:08:27 2005 => Entry "HKCR\ADM25.ADM25.1" refers to invalid object "{1D3BCE37-7834-4579-8169-E67681420A98}". Action Taken: No Action Taken.
73: Fri Jun 24 13:08:27 2005 => Entry "HKCR\ADM4.ADM4.1" refers to invalid object "{DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2}". Action Taken: No Action Taken.
74: Fri Jun 24 13:43:22 2005 => Result: ERROR!!! File C:\Programme\wzip80g.exe is Not Scanned

--------------------------------------------------
-------- DATEIEN ZUM LÖSCHEN HINZUGEFÜGT ---------
--------------------------------------------------

1: C:\Programme\kazaa_lite_171_deutsch.exe => tagged:Tool.Win32.Reboot.
2: C:\Programme\ow32dede512j.exe => tagged:Tool.Win32.Reboot.
3: C:\Programme\Opera\UnInst\UNWISE.EXE => tagged:Tool.Win32.Reboot.
4: C:\Programme\Morpheus\setupmorph.exe => tagged:Tool.Win32.Reboot.
5: C:\Programme\Zone Labs\ZoneAlarm\zauninst.exe => tagged:Tool.Win32.Reboot.
6: C:\Programme\Zone Labs\zlsSetup_55_094_000.exe => tagged:Tool.Win32.Reboot.
7: C:\Programme\Acoustica-MP3-CD-Burner-Installer-aff_7255.exe => tagged:Tool.Win32.Reboot.
8: C:\Programme\OutpostInstall.exe => tagged:Tool.Win32.Reboot.
9: C:\Programme\zaSetup_37_159.exe => tagged:Tool.Win32.Reboot.
10: C:\Programme\DivX505Bundle.exe => tagged:Tool.Win32.Reboot.
11: C:\Programme\Microsoft Nachschlagewerke\Encarta Enzyklopädie\UNINST32.EXE => tagged:Tool.Win32.Reboot.
12: C:\UNWISE.EXE => tagged:Tool.Win32.Reboot.

--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------

Fri Jun 24 13:56:08 2005 => Total Objects Scanned: 58956
Fri Jun 24 13:56:08 2005 => Total Virus(es) Found: 41
Fri Jun 24 13:56:08 2005 => Total Errors: 74
Fri Jun 24 13:56:08 2005 => Virus Database Date: 2005/06/24
Fri Jun 24 13:56:08 2005 => Virus Database Count: 136201
Fri Jun 24 13:57:47 2005 => Virus Database Date: 2005/06/24
Fri Jun 24 13:57:47 2005 => Virus Database Count: 136201

Alt 24.06.2005, 13:37   #2
Chris14
 

eScan log file - Standard

eScan log file



ok jetzt fehlt noch ein HJT-Logfile. Erstelle eins wie es hier beschrieben ist und poste es.

-Nebenbei solltest du diese dateien löschen:
wenn du über modem drin bist speichere die datei plugin.exe im ordner c:\windows\system32 auf diskette zwecks beweissicherung ansonsten kann die datei gelöscht werden
-lade dir clearprog runter und installiere es.
-starte clearprog im abgesicherten modus, setze haken bei "alles löschen", bestätigung mit löschen
-deinstalliere new.net über start/einstellungen/systemsteuerung/software und repariere notfalls mit lspfix deine winsocks.
(lspfix starten, auf remove klicken)
-lösche dann die ordner C:\WINDOWS\bde\ und C:\Programme\NewDotNet\


ich sehe auch, dass du kazaa installiert hast. es ist eine malwareschleuder wobei es auchnoch lite versionen davon gibt.
__________________


Alt 24.06.2005, 14:30   #3
schneebesen
 
eScan log file - Standard

eScan log file



Danke schonmal!

hier erstmal das hjt-logfile, rest mache ich später.

gruß,

schneebesen

Logfile of HijackThis v1.99.1
Scan saved at 15:27:45, on 24.06.05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE
C:\PROGRAMME\ZONE LABS\ZONEALARM\ZONEALARM.EXE
C:\PROGRAMME\FRITZ!\IWATCH.EXE
C:\PROGRAMME\DEXXA\OPTICAL MOUSE\SCW64.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\E_S10IC2.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAMME\SMARTSURFER3.0\SMARTSURFER.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAMME\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMME\WINDOWS MEDIA PLAYER\MPLAYER2.EXE
C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\system32\search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = C:\WINDOWS\system32\searchbar.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.werder.de/index.php
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://web.de/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer bereitgestellt von Lycos Europe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMME\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAMME\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [dfueconf] C:\Programme\Eumex 504PC USB\dfueconf.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [MiniLog] C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -service
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - Startup: Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE
O4 - Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\SYSTEM\E_SRCV02.EXE
O4 - Startup: ISDNWatch.lnk = C:\Programme\FRITZ!\IWatch.exe
O4 - Startup: Dexxa Optical Mouse.lnk = C:\Programme\Dexxa\Optical Mouse\Scw64.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Programme\Zone Labs\ZoneAlarm\zonealarm.exe
__________________

Antwort

Themen zu eScan log file
c:\windows\temp, check, computer, confused, cyberlink, dateien, escan, explorer, file, infected, install.exe, internet, internet explorer, log, log file, microsoft, msn, object, office, online, opera, plug-ins, problem, programme, registry, setup.dll, software, sound, temp, usb, warnmeldungen, windows, windows\temp



Ähnliche Themen: eScan log file


  1. Ständig POP UPS , eScan File gemacht und hier drin ! Danke
    Plagegeister aller Art und deren Bekämpfung - 23.08.2008 (3)
  2. Escan melden Befall z.B. gain.gator, winfixer, fujacks worm, HJT Log und Escan Log
    Log-Analyse und Auswertung - 04.03.2008 (8)
  3. EScan mit komischen Ergebniss. Fileinfektion gemeldet, aber File nicht vorhanden. :-/
    Plagegeister aller Art und deren Bekämpfung - 07.02.2008 (7)
  4. Mein Hijack-File. Escan fand nichts.
    Log-Analyse und Auswertung - 03.01.2008 (2)
  5. HiJackThis und eScan Log-File
    Log-Analyse und Auswertung - 27.11.2007 (7)
  6. HiJackThis Log-File und eScan - Virus Log Information. Bitte um Auswertung..
    Mülltonne - 07.11.2007 (0)
  7. escan log file, was mache ich nun?
    Log-Analyse und Auswertung - 18.04.2007 (5)
  8. Bitte um Hilfe bei Auswertung eines eScan Log-File
    Log-Analyse und Auswertung - 21.06.2006 (9)
  9. Bitte ansehen hj-file; eScan fand netster u.a.
    Log-Analyse und Auswertung - 12.06.2006 (8)
  10. Log File HJT und eScan mit 2 Meldungen
    Log-Analyse und Auswertung - 04.11.2005 (2)
  11. escan File zu "Alles neu und immer noch..."
    Log-Analyse und Auswertung - 25.07.2005 (5)
  12. eScan meldet spyware in system file
    Log-Analyse und Auswertung - 13.07.2005 (3)
  13. escan log-file
    Plagegeister aller Art und deren Bekämpfung - 18.05.2005 (1)
  14. Log file + Probleme mit Escan
    Log-Analyse und Auswertung - 30.03.2005 (3)
  15. EScan zeigt Virus, aber nicht file-Quelle
    Plagegeister aller Art und deren Bekämpfung - 28.03.2005 (1)
  16. escan file ! was ist zu tun?
    Plagegeister aller Art und deren Bekämpfung - 12.02.2005 (1)
  17. zsys.sys zapchast eScan beendet->Log file help plz
    Plagegeister aller Art und deren Bekämpfung - 30.12.2004 (4)

Zum Thema eScan log file - Hallo allerseits, mein Problem ist, dass ich den Computer zwar mit eScan gescannt habe und mit eScanCheck bzw. Killbox versucht habe zu reinigen, ich aber eine ganze Reihe von Warnmeldungen - eScan log file...
Archiv
Du betrachtest: eScan log file auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.