|
Log-Analyse und Auswertung: Kann mir jemand dieses Logfile untersuchen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
16.04.2005, 20:37 | #1 |
| Kann mir jemand dieses Logfile untersuchen? Hallo zusammen... hier wäre das Logfile.. Ich bin ziemlich ratlos, und freue mich auf jede Art von Unterstützung: Logfile of HijackThis v1.99.1 Scan saved at 21:34:43, on 16.04.2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe E:\Programme\Stardock\Object Desktop\WindowBlinds\wbload.exe E:\Antivir\AVGUARD.EXE C:\WINDOWS\system32\Ati2evxx.exe E:\Antivir\AVWUPSRV.EXE C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe C:\Programme\Gemeinsame Dateien\WinTools\WSup.exe C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Gemeinsame Dateien\WinTools\WToolsA.exe D:\firefox.exe C:\Programme\McAfee.com\Agent\mcagent.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe c:\progra~1\mcafee.com\vso\mcvsescn.exe c:\programme\mcafee.com\vso\mcvsshld.exe c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe c:\PROGRA~1\mcafee.com\vso\mcshield.exe c:\windows\system32\hmxniyp.exe C:\PROGRA~1\Toolbar\PIB.exe C:\WINDOWS\Explorer.exe C:\PROGRA~1\Toolbar\TBPS.exe D:\GuitarPro4\GP4.exe C:\Programme\MSN Messenger\msnmsgr.exe c:\progra~1\mcafee.com\vso\mcvsftsn.exe C:\Programme\Messenger\msmsgs.exe C:\Programme\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe C:\PROGRA~1\WINZIP\winzip32.exe C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - Default URLSearchHook is missing F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll (file missing) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: BolgerObj Class - {302A3240-4805-4a34-97D7-1645A0B08410} - C:\WINDOWS\Bolger.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\system32\nsf16.dll O2 - BHO: {92E1B3F7-0546-421E-9835-904D25B7BA66} - {C4F147D7-BF25-488E-A12B-EFD43E7029BF} - C:\WINDOWS\system32\winvbie.dll O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\ycomp5_5_7_0.dll (file missing) O3 - Toolbar: VisuExplorer - {92E1B3F7-0546-421E-9835-904D25B7BA66} - C:\WINDOWS\system32\msiev32.dll O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe" O4 - HKLM\..\Run: [MCAgentExe] "c:\PROGRA~1\mcafee.com\agent\mcagent.exe" O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\McAfee.com\Agent\McUpdate.exe O4 - HKLM\..\Run: [MPFExe] "C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe" O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Programme\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Programme\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [AudioHQ] "d:\SoundBlaster\AudioHQ\AHQTB.EXE" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.5.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [Gainward] "C:\WINDOWS\TBPanel.exe " /A O4 - HKLM\..\Run: [ATIPTA] "C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [BootSkin Startup Jobs] "E:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs O4 - HKLM\..\Run: [LogonStudio] "E:\Programme\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM O4 - HKLM\..\Run: [QuickTime Task] "E:\qttask.exe" -atboottime O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe" O4 - HKLM\..\Run: [AVGCtrl] "E:\Antivir\AVGNT.EXE" /min O4 - HKLM\..\Run: [McRegWiz] c:\PROGRA~1\mcafee.com\agent\mcregwiz.exe /autorun O4 - HKLM\..\Run: [uzkwbx] c:\windows\system32\hmxniyp.exe O4 - HKLM\..\Run: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe O4 - HKLM\..\Run: [WinTools] C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe O4 - HKLM\..\RunOnce: [WinTools] C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe /boot O4 - HKLM\..\RunOnce: [TBPS] C:\PROGRA~1\Toolbar\TBPS.exe /boot O4 - HKCU\..\Run: [Free Download Manager] "C:\Programme\Free Download Manager\fdm.exe " -autorun O4 - HKCU\..\Run: [MsnMsgr] "C:\Programme\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [CursorXP] "E:\Programme\Stardock\CursorXP.exe" O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Microsoft Office.lnk = E:\Microsoft Office XP\Office10\OSA.EXE O8 - Extra context menu item: &Yahoo! Search - file:///C:\Programme\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Programme\Free Download Manager\dlall.htm O8 - Extra context menu item: Download by Free Download Manager - file://C:\Programme\Free Download Manager\dllink.htm O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Programme\Free Download Manager\dlselected.htm O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Programme\Free Download Manager\dlpage.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Programme\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Programme\Yahoo!\Common/ycdict.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\npjpi150_02.dll O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmes0521.dll (file missing) O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\Programme\Yahoo!\Messenger\yhexbmes0521.dll (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe O12 - Plugin for .mpg: C:\Programme\Internet Explorer\PLUGINS\npqtplugin3.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab31267.cab O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/sh...3/mcinsctl.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary...o.cab32846.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/sh...20/mcgdmgr.cab O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab O20 - Winlogon Notify: WB - E:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - E:\Antivir\AVGUARD.EXE O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - E:\Antivir\AVWUPSRV.EXE O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe Mein Computer spielt verrückt... wenn ich im Taskmanager die Datei Toolbarsearch (TBS) beende, bildet sich einfach ein neuer TBS Prozess... so geht das schon die ganze Zeit... bitte helft mir! Gruss Slash |
16.04.2005, 21:23 | #2 |
| Kann mir jemand dieses Logfile untersuchen? Hallo Slash,
__________________führe bitte dies mal aus: 1. Downloade Dir escan und befolge genau diese Anleitung (Ordner „C:{base“ erstellen, die „mwav.exe“ dorthin entpacken, mit „kavupd.exe“ updaten. Scan IM ABGESICHERTEN MODUS dauert etwa eine Stunde), http://www.systemwiederherstellung-d...indows-xp.html 2. starte nach dem Scan wieder in den normalen Modus dauert, 3. öffne die Datei "mwav.log", klicke auf "bearbeiten" danach auf "suchen" 4. gebe dann "infected" ein, 5. suche weiter bei Treffern, markiere diese und kopiere sie ins Forum, 6. neben den Treffern auch das Gesamtergebnis (befindet sich ganz unter im Logfile) posten. Beispiel: Wed Feb 02 19:48:56 2005 => Total Files Scanned: Wed Feb 02 19:48:56 2005 => Total Virus(es) Found: . . . . dartus
__________________ |
17.04.2005, 02:30 | #3 |
| e-scan Auswertung Die Instruktionen hab ich umgesetzt, hier ist das Resultat:
__________________Sat Apr 16 23:42:44 2005 => File C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:46 2005 => File C:\PROGRA~1\Toolbar\TBPS.exe infected by "not-a-virus:AdWare.WebSearch.af" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:46 2005 => File c:\Programme\Toolbar\common.dll infected by "not-a-virus:AdWare.WebSearch.ae" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:47 2005 => File C:\PROGRA~1\Toolbar\PIB.exe infected by "not-a-virus:AdWare.WebSearch.af" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:47 2005 => File C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:47 2005 => File C:\PROGRA~1\GEMEIN~1\WinTools\WSup.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:49 2005 => File C:\WINDOWS\system32\msiev32.dll infected by "not-a-virus:AdWare.ToolBar.Visua.a" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:49 2005 => File C:\WINDOWS\Bolger.dll infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:50 2005 => File C:\PROGRA~1\GEMEIN~1\WinTools\WToolsB.dll infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:50 2005 => File C:\WINDOWS\system32\nsf16.dll infected by "not-a-virus:AdWare.Beginto.c" Virus. Action Taken: No Action Taken. Sat Apr 16 23:42:50 2005 => File C:\WINDOWS\system32\winvbie.dll infected by "not-a-virus:AdWare.ToolBar.Visua.a" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:03 2005 => File C:\PROGRA~1\Toolbar\TBPS.exe infected by "not-a-virus:AdWare.WebSearch.af" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:03 2005 => File C:\PROGRA~1\GEMEIN~1\WinTools\WToolsA.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:03 2005 => File c:\windows\system32\iqhpwcl.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:16 2005 => File C:\WINDOWS\svcproc.exe infected by "Trojan.Win32.Stervis.b" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:18 2005 => System found infected with BearShare Spyware/Adware ({905d0df2-3a0a-4d94-853c-54a12a745905})! Action taken: No Action Taken. Sat Apr 16 23:43:18 2005 => File System Found infected by "BearShare Spyware/Adware" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:18 2005 => File System Found infected by "BearShare Spyware/Adware" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:18 2005 => File System Found infected by "BearShare Spyware/Adware" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:18 2005 => System found infected with bearshare Spyware/Adware! Action taken: No Action Taken. Sat Apr 16 23:43:18 2005 => File System Found infected by "bearshare Spyware/Adware" Virus. Action Taken: No Action Taken. Sat Apr 16 23:43:34 2005 => File C:\WINDOWS\rsddba.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Sat Apr 16 23:44:19 2005 => File C:\WINDOWS\system32\hmxniyp.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken. Sat Apr 16 23:44:20 2005 => File C:\WINDOWS\system32\hochkaod3.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken. Sat Apr 16 23:45:03 2005 => File C:\WINDOWS\system32\nsz12.dll infected by "not-a-virus:AdWare.Beginto.c" Virus. Action Taken: No Action Taken. Sat Apr 16 23:45:20 2005 => File C:\WINDOWS\system32\q17i9a4j.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken. Sat Apr 16 23:46:04 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\Temp\1.exe infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken. Sat Apr 16 23:46:38 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\Temp\II10.tmp infected by "not-a-virus:AdWare.Beginto.c" Virus. Action Taken: No Action Taken. Sat Apr 16 23:46:38 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\Temp\II4B.tmp infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Sun Apr 17 00:20:20 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\Temp\nsf6.tmp\new_net.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken. Sun Apr 17 00:20:24 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\Temp\setup4002b.cab infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken. Sun Apr 17 00:20:58 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\Temp\VVSNInst.exe infected by "not-a-virus:AdWare.Whenu.a" Virus. Action Taken: No Action Taken. Sun Apr 17 00:22:26 2005 => File C:\DOKUME~1\Herceg\LOKALE~1\TEMPOR~1\Content.IE5\49ORA5OJ\WinTS[1].cab infected by "Trojan-Downloader.Win32.Wintool.a" Virus. Action Taken: No Action Taken. Sun Apr 17 00:26:48 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\1.exe infected by "not-a-virus:AdWare.Sahat.m" Virus. Action Taken: No Action Taken. Sun Apr 17 00:27:19 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\II10.tmp infected by "not-a-virus:AdWare.Beginto.c" Virus. Action Taken: No Action Taken. Sun Apr 17 00:27:20 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\II4B.tmp infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Sun Apr 17 01:01:15 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\nsf6.tmp\new_net.exe infected by "not-a-virus:AdWare.NewDotNet" Virus. Action Taken: No Action Taken. Sun Apr 17 01:01:20 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\setup4002b.cab infected by "not-a-virus:AdWare.Sahat.l" Virus. Action Taken: No Action Taken. Sun Apr 17 01:01:53 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temp\VVSNInst.exe infected by "not-a-virus:AdWare.Whenu.a" Virus. Action Taken: No Action Taken. Sun Apr 17 01:03:24 2005 => File C:\Dokumente und Einstellungen\Herceg\Lokale Einstellungen\Temporary Internet Files\Content.IE5\49ORA5OJ\WinTS[1].cab infected by "Trojan-Downloader.Win32.Wintool.a" Virus. Action Taken: No Action Taken. Sun Apr 17 01:13:29 2005 => File C:\Programme\Gemeinsame Dateien\WinTools\WSup.exe infected by "not-a-virus:AdWare.Wintol.aa" Virus. Action Taken: No Action Taken. Sun Apr 17 01:13:30 2005 => File C:\Programme\Gemeinsame Dateien\WinTools\WToolsB.dll_tobedeleted infected by "not-a-virus:AdWare.Wintol.y" Virus. Action Taken: No Action Taken. Sun Apr 17 01:13:30 2005 => File C:\Programme\Gemeinsame Dateien\WinTools\WToolsS.exe infected by "Trojan-Downloader.Win32.Wintool.f" Virus. Action Taken: No Action Taken. Sun Apr 17 01:27:51 2005 => File C:\Programme\Toolbar\common.dll infected by "not-a-virus:AdWare.WebSearch.ae" Virus. Action Taken: No Action Taken. Sun Apr 17 01:27:51 2005 => File C:\Programme\Toolbar\PIB.exe infected by "not-a-virus:AdWare.WebSearch.af" Virus. Action Taken: No Action Taken. Sun Apr 17 01:27:51 2005 => File C:\Programme\Toolbar\TBPS.exe infected by "not-a-virus:AdWare.WebSearch.af" Virus. Action Taken: No Action Taken. Sun Apr 17 01:44:38 2005 => File C:\WINDOWS\rsddba.exe infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Sun Apr 17 01:52:11 2005 => File C:\WINDOWS\system32\hmxniyp.exe infected by "Trojan.Win32.Agent.cp" Virus. Action Taken: No Action Taken. Sun Apr 17 01:52:11 2005 => File C:\WINDOWS\system32\hochkaod3.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken. Sun Apr 17 01:52:59 2005 => File C:\WINDOWS\system32\nsz12.dll infected by "not-a-virus:AdWare.Beginto.c" Virus. Action Taken: No Action Taken. Sun Apr 17 01:53:25 2005 => File C:\WINDOWS\system32\q17i9a4j.exe infected by "not-a-virus:AdWare.Sahat.o" Virus. Action Taken: No Action Taken. Sun Apr 17 01:54:44 2005 => File C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\U72RSZ0V\thnall1ac[1].htm infected by "not-a-virus:AdWare.BetterInternet" Virus. Action Taken: No Action Taken. Sun Apr 17 02:18:08 2005 => Scanning Folder: E:\Antivir\INFECTED\*.* So das wären alle... wäre froh wenn mir jemand sagen könnte was das alles nun bedeutet... Und nun noch das Schlussergebnis: Sun Apr 17 02:56:36 2005 => ***** Scanning complete. ***** Sun Apr 17 02:56:36 2005 => Total Objects Scanned: 79476 Sun Apr 17 02:56:36 2005 => Total Virus(es) Found: 54 Sun Apr 17 02:56:36 2005 => Total Disinfected Files: 0 Sun Apr 17 02:56:36 2005 => Total Files Renamed: 0 Sun Apr 17 02:56:36 2005 => Total Deleted Objects: 0 Sun Apr 17 02:56:36 2005 => Total Errors: 328 Sun Apr 17 02:56:36 2005 => Time Elapsed: 03:10:29 Sun Apr 17 02:56:36 2005 => Virus Database Date: 2005/04/16 Sun Apr 17 02:56:37 2005 => Virus Database Count: 126266 Ach ja... zu Bear Share.. das hab ich schon längstens deinstalliert... es zeigts aber trotzdem infected an... weiss nicht was das jetzt konkret bedeutet... Bin um jede Hilfe froh und dankbar.... Gruss Slash |
Themen zu Kann mir jemand dieses Logfile untersuchen? |
.dll, ad-aware, adobe, antivir, antivir update, avgnt.exe, bho, computer, cyberlink, desktop, einstellungen, excel, explorer, file missing, firewall, free download, gainward, hijack, hijackthis, internet, internet explorer, jusched.exe, logfile, nvidia, object, software, studio, system, taskmanager, temp, urlsearchhook, windows, windows messenger, windows xp |