Trojaner-Board


Lavone 22.01.2006 20:42

Please analyze virus log information
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "infected"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sun Jan 22 19:31:12 2006 => File C:\WINDOWS\atlhu.dll infected by "Trojan-Downloader.Win32.Agent.bc" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:31:23 2006 => File C:\WINDOWS\atlhu.exe infected by "Trojan-Downloader.Win32.Agent.td" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:31:24 2006 => File C:\WINDOWS\system32\netaa32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:31:45 2006 => System found infected with bearshare Spyware/Adware ({558ec983-bedb-9168-b2de-31dbf0ee543e})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with cws.homesearch Browser Hijacker ({676575dd-4d46-911d-8037-9b10d6ee8bb5})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with bearshare Spyware/Adware ({9f95f736-0f62-4214-a4b4-caa6738d4c07})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with bearshare Spyware/Adware ({5f95e1af-2620-4f15-bdf9-7fdce4607e17})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with bearshare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with whenu.savenow Spyware/Adware ({c285d18d-43a2-4aef-83fb-bf280e660a97})! Action taken: No Action Taken.
Sun Jan 22 19:31:46 2006 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken.
Sun Jan 22 19:31:48 2006 => System found infected with smitfraud variant Browser Hijacker (warnhp.html)! Action taken: No Action Taken.
Sun Jan 22 19:31:58 2006 => System found infected with smartfinder Spyware/Adware (search the web.url)! Action taken: No Action Taken.
Sun Jan 22 19:32:10 2006 => System found infected with bearshare Spyware/Adware (bearshare.lnk)! Action taken: No Action Taken.
Sun Jan 22 19:32:10 2006 => System found infected with bearshare Spyware/Adware (bearshare.lnk)! Action taken: No Action Taken.
Sun Jan 22 19:40:26 2006 => Scanning Folder: C:\Programme\AVPersonal\INFECTED\*.*
Sun Jan 22 19:40:26 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\atlbv32.VIR
Sun Jan 22 19:40:26 2006 => File C:\Programme\AVPersonal\INFECTED\atlbv32.VIR infected by "Trojan-Downloader.Win32.Agent.td" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:40:26 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\atlqt32.VIR
Sun Jan 22 19:40:26 2006 => File C:\Programme\AVPersonal\INFECTED\atlqt32.VIR infected by "Trojan-Downloader.Win32.Agent.td" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:40:26 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\FAVYE.DLL.VIR
Sun Jan 22 19:40:26 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\FJAPK.DLL.VIR
Sun Jan 22 19:40:26 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\JHMJJ.DLL.001
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\JHMJJ.DLL.002
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\JHMJJ.DLL.003
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\JHMJJ.DLL.VIR
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\KFLMA.DLL.VIR
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\SDKCO.EXE.VIR
Sun Jan 22 19:40:27 2006 => File C:\Programme\AVPersonal\INFECTED\SDKCO.EXE.VIR infected by "Trojan-Downloader.Win32.Agent.td" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\sdkco.VIR
Sun Jan 22 19:40:27 2006 => File C:\Programme\AVPersonal\INFECTED\sdkco.VIR infected by "Trojan-Downloader.Win32.Agent.td" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\UCTZJ.DLL.VIR
Sun Jan 22 19:40:27 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\WININET.DLL.VIR
Sun Jan 22 19:40:28 2006 => File C:\Programme\AVPersonal\INFECTED\WININET.DLL.VIR infected by "Virus.Win32.Nsag.b" Virus! Action Taken: No Action Taken.
Sun Jan 22 19:40:28 2006 => Scanning File C:\Programme\AVPersonal\INFECTED\YABYT.DLL.VIR
Sun Jan 22 20:18:06 2006 => File C:\WINDOWS\mfclg32.exe infected by "Trojan.Win32.Agent.bi" Virus! Action Taken: No Action Taken.
Sun Jan 22 20:18:10 2006 => File C:\WINDOWS\n_ufobtn.log infected by "Trojan-Downloader.Win32.Agent.td" Virus! Action Taken: No Action Taken.
Sun Jan 22 20:30:55 2006 => Total Disinfected Objects: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "tagged"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sun Jan 22 19:31:24 2006 => File C:\Programme\Save\Save.exe tagged as "not-a-virus:AdWare.Win32.SaveNow.br". Action Taken: No Action Taken.
Sun Jan 22 19:34:50 2006 => File C:\Dokumente und Einstellungen\Melissa\Eigene Dateien\BSINSTALLDE.exe tagged as "not-a-virus:AdWare.Win32.SaveNow.z". Action Taken: No Action Taken.
Sun Jan 22 19:40:46 2006 => File C:\Programme\BearShare\Installer\BSINSTALLDE.exe tagged as "not-a-virus:AdWare.Win32.SaveNow.z". Action Taken: No Action Taken.
Sun Jan 22 19:40:46 2006 => File C:\Programme\BearShare\Installer\saveinstwm.exe tagged as "not-a-virus:AdWare.Win32.SaveNow.z". Action Taken: No Action Taken.
Sun Jan 22 20:08:12 2006 => File C:\Programme\Save\SaveUninst.exe tagged as "not-a-virus:AdWare.Win32.SaveNow.bt". Action Taken: No Action Taken.
Sun Jan 22 20:08:12 2006 => File C:\Programme\Save\saveupdate.exe tagged as "not-a-virus:AdWare.Win32.SaveNow.bo". Action Taken: No Action Taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Funde für "offending"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\bearshare !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\hsa !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\se !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\sw !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\uninstall\whenusavemsg !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKCU\appevents\eventlabels\bearsharechatnotifymsg !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKCU\appevents\schemes\apps\bearshare !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\magnet\handlers\bearshare !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\bearshare !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\whenusave !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKLM\Software\winhound.com !!!
Sun Jan 22 19:31:47 2006 => Offending Key found: HKCU\Software\whenu !!!
Sun Jan 22 19:31:47 2006 => Offending value found in HKCU\Software\Microsoft\Windows\CurrentVersion\Run: whenusave !!!
Sun Jan 22 19:31:47 2006 => Offending value found in HKLM\Software\Licenses: {i56b3cf0d9ab991e1} !!!
Sun Jan 22 19:31:47 2006 => Offending value found in HKLM\Software\Licenses: {056b3cf0d9ab991e1} !!!
Sun Jan 22 19:31:48 2006 => Offending file found: C:\WINDOWS\warnhp.html
Sun Jan 22 19:31:49 2006 => Offending Folder found: C:\Programme\bearshare
Sun Jan 22 19:31:49 2006 => Offending Folder found: C:\Programme\save
Sun Jan 22 19:31:49 2006 => Offending Folder found: C:\Programme\winhound
Sun Jan 22 19:31:57 2006 => Offending Folder found: C:\Dokumente und Einstellungen\...\Anwendungsdaten\winhound.com
Sun Jan 22 19:31:58 2006 => Offending file found: C:\Dokumente und Einstellungen\...\Favoriten\search the web.url
Sun Jan 22 19:31:58 2006 => Offending Folder found: C:\Dokumente und Einstellungen\...\Favoriten\sites about
Sun Jan 22 19:32:00 2006 => Offending Folder found: C:\Dokumente und Einstellungen\...\Startmenü\programme\whenu
Sun Jan 22 19:32:01 2006 => Offending Folder found: C:\Dokumente und Einstellungen\...\Startmenü\Programme\whenu
Sun Jan 22 19:32:10 2006 => Offending file found: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\bearshare.lnk
Sun Jan 22 19:32:10 2006 => Offending file found: C:\Dokumente und Einstellungen\All Users\Startmenü\programme\bearshare.lnk
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sun Jan 22 20:30:55 2006 => Total Objects Scanned: 69893
Sun Jan 22 20:30:55 2006 => Total Critical Objects: 50
Sun Jan 22 20:30:55 2006 => Total Disinfected Objects: 0
Sun Jan 22 20:30:55 2006 => Total Deleted Objects: 0
Sun Jan 22 20:30:55 2006 => Total Errors: 66
Sun Jan 22 20:30:55 2006 => Time Elapsed: 00:59:59
Sun Jan 22 19:30:40 2006 => Virus Database Date: 1/16/2006
Sun Jan 22 20:30:55 2006 => Virus Database Date: 1/16/2006
Sun Jan 22 20:31:16 2006 => Virus Database Date: 1/16/2006
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~ © Haui ;-) ~~~~~~~
~~~~~~~ Dank an Cidre ~~~~~~~

hoerni26 23.01.2006 12:04

Hello,

Since you have, among other things, a trojan with backdoor functionality on your system, I advise you to reinstall your system following the instructions in my signature, since there is no other safe solution for a trojan like this.

Lavone 23.01.2006 16:24

Hmm, I don't know that much about that...
Isn't there some other solution for now, until I have found someone who can reinstall it for me?


All times are GMT +1.
