| |
| |||||||
Log-Analyse und Auswertung: adawareWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.12.2005, 22:07
| #1 |
 |  adaware Was mach ich damit?? Ad-Aware SE Build 1.06r1 Logfile Created on:Montag, 26. Dezember 2005 21:52:28 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R82 19.12.2005 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):24 total references Tracking Cookie(TAC index:3):11 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 26.12.2005 21:52:28 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : C:\Dokumente und Einstellungen\Tismar\recent Description : list of recently opened documents MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\adobe\photoshop\7.0\visiteddirs Description : adobe photoshop 7 recent work folders MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\office\9.0\powerpoint\recentfolderlist Description : list of recent folders used by microsoft powerpoint MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-789336058-2052111302-839522115-1003\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 612 ThreadCreationTime : 26.12.2005 18:19:35 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 660 ThreadCreationTime : 26.12.2005 18:19:38 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 684 ThreadCreationTime : 26.12.2005 18:19:46 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 728 ThreadCreationTime : 26.12.2005 18:19:47 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Betriebssystem Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Anwendung für Dienste und Controller InternalName : services.exe LegalCopyright : © Microsoft Corporation. Alle Rechte vorbehalten. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 740 ThreadCreationTime : 26.12.2005 18:19:47 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [ati2evxx.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 904 ThreadCreationTime : 26.12.2005 18:19:48 BasePriority : Normal FileVersion : 6.14.10.4116 ProductVersion : 6.14.10.4116 ProductName : ATI External Event Utility for WindowsNT and Windows9X CompanyName : ATI Technologies Inc. FileDescription : ATI External Event Utility EXE Module InternalName : ATI2EVXX.EXE LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc. OriginalFilename : ATI2EVXX.EXE #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 928 ThreadCreationTime : 26.12.2005 18:19:48 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1000 ThreadCreationTime : 26.12.2005 18:19:48 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1092 ThreadCreationTime : 26.12.2005 18:19:48 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe |
| Themen zu adaware |
| adobe, alternate, cookie, csrss.exe, detected, download, einstellungen, explorer, free, generic, generic host, generic host process, index, internet, location, logon.exe, lsa shell, lsass.exe, microsoft, opera, photoshop, quara, s-1-5-18, scan, services.exe, software, sound, svchost.exe, system, system32, win32, windows, winlogon.exe |
Baum-Darstellung