Log analysis and evaluation: Malware still there after fixing, what to do?
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Malware still there after fixing, what to do?

That took a long time, but I finally managed it. I got an error message after scanning for a while; when I clicked OK, the whole program (eScan) disappeared... so I had to do it again, which is why I have 2 log files. Using search, I copied out everything that contains "infected" and "tagged"... and here is the result, I hope it's right this way...

```
Sat Jan 27 18:15:37 2007 => Scanning File C:\WINDOWS\system32\msasvc.exe
Sat Jan 27 18:15:37 2007 => File C:\WINDOWS\system32\msasvc.exe infected by "Trojan-PSW.Win32.Sinowal.bw" Virus! Action Taken: File Deleted.
Sat Jan 27 18:15:37 2007 => *** SYSTEM\CurrentControlSet\Services\MsaSvc has RunningProcess defined as C:\WINDOWS\system32\msasvc.exe (which is infected)!
Sat Jan 27 18:15:37 2007 => *** Reg Value SYSTEM\CurrentControlSet\Services\MsaSvc\ImagePath deleted because it is infected by a Virus
Sat Jan 27 18:15:37 2007 => *** Reg Key SYSTEM\CurrentControlSet\Services\MsaSvc deleted because ImagePath file infected by a Virus
Sat Jan 27 18:17:04 2007 => System found infected with mywebsearchemailplugin Spyware/Adware ({07b18ea9-a523-4961-b6bb-170de4475cca})! Action taken: Entries Removed.
Sat Jan 27 18:17:04 2007 => Object "mywebsearchemailplugin Spyware/Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:04 2007 => System found infected with funweb Spyware/Adware ({0f8ecf4f-3646-4c3a-8881-8e138ffcaf70})! Action taken: Entries Removed.
Sat Jan 27 18:17:04 2007 => System found infected with funweb Spyware/Adware ({147a976f-eee1-4377-8ea7-4716e4cdd239})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with istbar Spyware/Adware ({aa8c93e1-7e5f-497e-b67c-cc8fe2a40d3b})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with funweb Spyware/Adware ({b813095c-81c0-4e40-aa14-67520372b987})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with funweb Spyware/Adware ({c9d7be3e-141a-4c85-8cd6-32461f3df2c7})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with funweb Spyware/Adware ({cff4ce82-3aa2-451f-9b77-7165605fb835})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with elitebarbho Spyware/Adware ({825cf5bd-8862-4430-b771-0c15c5ca8def})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with istbar Spyware/Adware ({2ddd90d6-f153-4ea7-a324-4b2d83d1027e})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with mediamotor Spyware/Adware ({3e4bcf50-865b-4ef4-a0bc-bf57229ea525})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with mediamotor Spyware/Adware ({64a5bd22-8d8a-4193-9cf8-7db5212abb17})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with mediamotor Spyware/Adware ({674a6bd5-317a-49cf-9647-1e085e660ce0})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with rapidblaster Spyware/Adware ({68831d00-169e-4feb-89b9-e099df439321})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with istbar Spyware/Adware ({9ce15eb5-6b39-4656-9e1f-2d219ee42e0e})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with mediamotor Spyware/Adware ({9f61cfdf-5c79-4d35-b4da-766b28367223})! Action taken: Entries Removed.
Sat Jan 27 18:17:05 2007 => System found infected with mediamotor Spyware/Adware ({ad29366c-63aa-4ff3-944f-91ad7193bca2})! Action taken: Entries Removed.
Sat Jan 27 18:17:06 2007 => System found infected with mediamotor Spyware/Adware ({e832ffde-8ed2-47b7-be50-729a238040a0})! Action taken: Entries Removed.
Sat Jan 27 18:17:12 2007 => Offending file found: C:\WINDOWS\iun6002ev.exe
Sat Jan 27 18:17:12 2007 => System found infected with proventactics Adware (iun6002ev.exe)! Action taken: Entries Removed.
Sat Jan 27 18:17:12 2007 => Object "proventactics Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:12 2007 => Offending file found: C:\WINDOWS\smdat32a.sys
Sat Jan 27 18:17:12 2007 => System found infected with altnet Spyware/Adware (smdat32a.sys)! Action taken: Entries Removed.
Sat Jan 27 18:17:12 2007 => Object "altnet Spyware/Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:13 2007 => Offending file found: C:\WINDOWS\DOWNLO~1\popcaploader.dll
Sat Jan 27 18:17:13 2007 => System found infected with downloader-ak Trojan-Downloader (popcaploader.dll)! Action taken: Entries Removed.
Sat Jan 27 18:17:13 2007 => Object "downloader-ak Trojan-Downloader" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:13 2007 => Offending Folder found: C:\WINDOWS\TEMP\altnet
Sat Jan 27 18:17:13 2007 => Deltree of Folder C:\WINDOWS\TEMP\altnet...
Sat Jan 27 18:17:13 2007 => Object "topsearch Spyware/Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:14 2007 => Offending file found: C:\WINDOWS\system32\syspr.prx
Sat Jan 27 18:17:14 2007 => System found infected with blurax BackDoor (syspr.prx)! Action taken: Entries Removed.
Sat Jan 27 18:17:14 2007 => Object "blurax BackDoor" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:28 2007 => Offending file found: C:\DOKUME~1\XX\FAVORI~1\pc\PROGRA~1\cracks\NEWEAS~1.URL
Sat Jan 27 18:17:28 2007 => System found infected with begin2search Spyware/Adware (new easycracks - cracks, keygens and serials.url)! Action taken: Entries Removed.
Sat Jan 27 18:17:45 2007 => System found infected with altnetbde Spyware/Adware (adm.exe)! Action taken: Entries Removed.
Sat Jan 27 18:17:45 2007 => Object "altnetbde Spyware/Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:45 2007 => System found infected with altnetbde Spyware/Adware (altnet signing module.exe)! Action taken: Entries Removed.
Sat Jan 27 18:17:45 2007 => Offending file found: C:\WINDOWS\system32\unrar.dll
Sat Jan 27 18:17:45 2007 => System found infected with savenow Adware (C:\WINDOWS\system32\unrar.dll)! Action taken: Entries Removed.
Sat Jan 27 18:17:46 2007 => Offending file found: C:\WINDOWS\unvise32.exe
Sat Jan 27 18:17:46 2007 => System found infected with spylax Trojan (C:\WINDOWS\unvise32.exe)! Action taken: Entries Removed.
Sat Jan 27 18:17:46 2007 => Offending file found: C:\WINDOWS\affbun.txt
Sat Jan 27 18:17:46 2007 => System found infected with medload Adware (C:\WINDOWS\affbun.txt)! Action taken: Entries Removed.
Sat Jan 27 18:17:46 2007 => Object "medload Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:17:46 2007 => Offending file found: C:\WINDOWS\tempf.txt
Sat Jan 27 18:17:46 2007 => System found infected with medload Adware (C:\WINDOWS\tempf.txt)! Action taken: Entries Removed.
Sat Jan 27 18:17:46 2007 => Object "medload Adware" found in File System! Action Taken: Entries Removed.
Sat Jan 27 18:15:29 2007 => Scanning File C:\WINDOWS\Sys\Explorer.exe
Sat Jan 27 18:15:29 2007 => File C:\WINDOWS\Sys\Explorer.exe tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
```

That was the first time, when the program hung... and here is the second:

```
Sat Jan 27 18:54:51 2007 => Scanning File C:\Dokumente und Einstellungen\XX\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\XXX\SharingMetadata\infected.dat [**]
Sat Jan 27 18:54:52 2007 => Scanning File C:\Dokumente und Einstellungen\XX\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\XXX\SharingMetadata\infected.dat [**]
Sat Jan 27 20:15:47 2007 => File C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\ibm00002.dll infected by "Trojan-PSW.Win32.Sinowal.bh" Virus! Action Taken: File Deleted.
Sat Jan 27 21:25:24 2007 => Scanning File D:\Mix MP3\Goa\GOA Trance ( infected mushroom-Spiritual trance).mp3
Sat Jan 27 21:25:24 2007 => Scanning File D:\Mix MP3\Goa\Infected Mushroom (goa - psy trance) - Devil (Final Mix).mp3
Sat Jan 27 21:25:24 2007 => Scanning File D:\Mix MP3\Goa\Infected Mushroom (goa - psy trance) - Groove.mp3
Sat Jan 27 21:25:24 2007 => Scanning File D:\Mix MP3\Goa\Infected Mushroom (goa - psy trance) - The Shen.mp3
Sat Jan 27 21:25:24 2007 => Scanning File D:\Mix MP3\Goa\Infected Mushroom (with Holymen) (goa - psy trance) - Desert Storm.mp3
Sat Jan 27 21:15:25 2007 => Scanning File C:\WINDOWS\Sys\Explorer.exe
Sat Jan 27 21:15:25 2007 => File C:\WINDOWS\Sys\Explorer.exe tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
Sat Jan 27 21:15:25 2007 => Scanning File C:\WINDOWS\Sys\Explorer.007
Sat Jan 27 21:15:25 2007 => File C:\WINDOWS\Sys\Explorer.007 tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
Sat Jan 27 21:15:25 2007 => Scanning File C:\WINDOWS\Sys\Explorer.006
Sat Jan 27 21:15:25 2007 => File C:\WINDOWS\Sys\Explorer.006 tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
Sat Jan 27 19:18:53 2007 => File C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Sat Jan 27 19:18:52 2007 => File C:\Program Files\mIRC\backup\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Sat Jan 27 18:26:59 2007 => File C:\WINDOWS\Sys\Explorer.exe tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
```

The red entries are songs, that's just what they're called... I hope I did it reasonably well, I really made an effort, I just know too little about this. Thanks again
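The filtering step described in the post (searching the eScan log for "infected" and "tagged") also matches file names such as the "Infected Mushroom" MP3s. As an added example that is not part of the original post, this parser keeps only real verdict lines and lists the ones where the scanner took no action; the line patterns are inferred from the log shown above and are an assumption, not an eScan format specification.

```python
import re

# Sample input: six lines taken verbatim from the log posted above.
SAMPLE = r'''Sat Jan 27 18:15:37 2007 => File C:\WINDOWS\system32\msasvc.exe infected by "Trojan-PSW.Win32.Sinowal.bw" Virus! Action Taken: File Deleted.
Sat Jan 27 18:17:04 2007 => System found infected with funweb Spyware/Adware ({0f8ecf4f-3646-4c3a-8881-8e138ffcaf70})! Action taken: Entries Removed.
Sat Jan 27 21:25:24 2007 => Scanning File D:\Mix MP3\Goa\Infected Mushroom (goa - psy trance) - Groove.mp3
Sat Jan 27 18:54:51 2007 => Scanning File C:\Dokumente und Einstellungen\XX\Lokale Einstellungen\Anwendungsdaten\Microsoft\Messenger\XXX\SharingMetadata\infected.dat [**]
Sat Jan 27 21:15:25 2007 => File C:\WINDOWS\Sys\Explorer.exe tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
Sat Jan 27 18:26:59 2007 => File C:\WINDOWS\Sys\Explorer.exe tagged as not-a-virus:Monitor.Win32.Ardamax.24. No Action Taken.
'''

# Verdict line shapes, inferred from the posted log (assumption, not an eScan spec).
VERDICTS = [
    ("infected", re.compile(r'^File (?P<target>.+?) infected by "(?P<name>[^"]+)" Virus! '
                            r'Action Taken: (?P<action>.+?)\.$')),
    ("tagged", re.compile(r'^File (?P<target>.+?) tagged as (?P<name>.+?)\. (?P<action>.+?)\.$')),
    ("infected", re.compile(r'^System found infected with (?P<name>.+?) \((?P<target>.+)\)! '
                            r'Action taken: (?P<action>.+?)\.$')),
]

def naive_hits(log):
    """What a plain text search for "infected"/"tagged" returns, file names included."""
    return [ln for ln in log.splitlines() if re.search(r'infected|tagged', ln, re.I)]

def parse(log):
    """Return one dict per scanner verdict; skip lines that only mention the words."""
    findings = []
    for line in log.splitlines():
        ts, sep, msg = line.partition(" => ")
        if not sep:
            continue
        for kind, rx in VERDICTS:
            m = rx.match(msg.strip())
            if m:
                findings.append({"time": ts, "kind": kind, **m.groupdict()})
                break
    return findings

def left_in_place(findings):
    """Distinct (file, detection name) pairs the scanner reported without acting on."""
    return sorted({(f["target"], f["name"]) for f in findings
                   if f["action"] == "No Action Taken"})

if __name__ == "__main__":
    found = parse(SAMPLE)
    print(len(naive_hits(SAMPLE)), "search hits,", len(found), "verdicts")
    for target, name in left_in_place(found):
        print("no action taken:", target, name)
```

The "No Action Taken" entries are the ones to raise with the helper, since the log itself says those files were left where they were.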