|
eScan Virus log Anhang 881Hallo! eScan hat ne Menge gefunden. Außredem meldet Windows iworm_attck_v122.02a Wäre sehr dankbar für Auswertung und Hilfe. Wie gehts weiter? Grüße Stephan |
Hi, Logfiles grundsätzlich per copy & paste einfügen. EScan zusammen mit einem HJT-Logfile ist auch gerne gesehen. Dann wird auch jemand das ganze anschauen. cacatoa |
Nach dem HTJ scan geht bei mir kein wordpad auf. Eine HiJackthis1.log konnte ich erstellen, aber wenn darauf doppelklicke, passiert nix. Würde ja gern das HTJ logfile posten. Ich tu mein Bestes. hier escan: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "infected" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Wed Nov 30 23:19:40 2005 => System found infected with lop.com Spyware/Adware (install.htm)! Action taken: No Action Taken. Wed Nov 30 23:19:43 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:43 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:43 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:43 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:44 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:44 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:44 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:44 2005 => System found infected with whenu.savenow Spyware/Adware (common[1].js)! Action taken: No Action Taken. Wed Nov 30 23:19:45 2005 => System found infected with cws.smartsearch Spyware/Adware (C:\WINDOWS\system32\uninstall.exe)! Action taken: No Action Taken. Wed Nov 30 23:19:46 2005 => System found infected with cws.smartsearch Spyware/Adware (C:\WINDOWS\start.exe)! Action taken: No Action Taken. Wed Nov 30 23:35:42 2005 => File C:\WINDOWS\SYSTEM32\ld8FF4.tmp infected by "Trojan-Downloader.Win32.Zlob.bl" Virus! Action Taken: No Action Taken. Wed Nov 30 23:50:04 2005 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.* Thu Dec 01 00:02:38 2005 => File C:\!KillBox\backup.cab infected by "Virus.Win32.Nsag.a" Virus! Action Taken: No Action Taken. Thu Dec 01 00:02:38 2005 => File C:\!KillBox\mssearchnet.exe infected by "Trojan-Downloader.Win32.Zlob.bo" Virus! Action Taken: No Action Taken. Thu Dec 01 00:02:39 2005 => Total Disinfected Files: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "tagged" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Wed Nov 30 23:19:01 2005 => File C:\WINDOWS\system32\svchosts.dll tagged as not-a-virus:Downloader.Win32.Spax.a. No Action Taken. Wed Nov 30 23:19:07 2005 => File C:\WINDOWS\system32\svchosts.dll tagged as not-a-virus:Downloader.Win32.Spax.a. No Action Taken. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "offending" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Wed Nov 30 23:19:37 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\audiogalaxy satellite !!! Wed Nov 30 23:19:38 2005 => Offending Key found: HKLM\Software\kazaa !!! Wed Nov 30 23:19:38 2005 => Offending Key found: HKCU\Software\kazaa !!! Wed Nov 30 23:19:38 2005 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\time zones !!! Wed Nov 30 23:19:40 2005 => Offending Folder found: C:\WINDOWS\DOWNLO~1\conflict.1 Wed Nov 30 23:19:40 2005 => Offending file found: C:\Programme\install.htm Wed Nov 30 23:19:43 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temporary internet files\content.ie5\0mxafny0\common[1].js Wed Nov 30 23:19:43 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temporary internet files\content.ie5\aa0hlmj2\common[1].js Wed Nov 30 23:19:43 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temporary internet files\content.ie5\lmrdnahb\common[1].js Wed Nov 30 23:19:43 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\temporary internet files\content.ie5\6bovwb8j\common[1].js Wed Nov 30 23:19:44 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\content.ie5\0mxafny0\common[1].js Wed Nov 30 23:19:44 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\content.ie5\aa0hlmj2\common[1].js Wed Nov 30 23:19:44 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\content.ie5\lmrdnahb\common[1].js Wed Nov 30 23:19:44 2005 => Offending file found: C:\Dokumente und Einstellungen\User\Lokale Einstellungen\Temporary Internet Files\content.ie5\6bovwb8j\common[1].js Wed Nov 30 23:19:45 2005 => Offending file found: C:\WINDOWS\system32\uninstall.exe Wed Nov 30 23:19:46 2005 => Offending file found: C:\WINDOWS\start.exe ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Statistiken: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Thu Dec 01 00:02:39 2005 => Total Virus(es) Found: 21 Thu Dec 01 00:02:39 2005 => Total Errors: 179 Thu Dec 01 00:02:39 2005 => Time Elapsed: 00:43:41 Thu Dec 01 00:02:39 2005 => Total Objects Scanned: 39694 Thu Dec 01 00:02:39 2005 => Virus Database Date: 2005/11/28 Thu Dec 01 00:03:12 2005 => Virus Database Date: 2005/11/28 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~ © Haui ;-) ~~~~~~~ ~~~~~~~ Dank an Cidre ~~~~~~~ |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 16:38 Uhr. |
Copyright ©2000-2025, Trojaner-Board