| |
| |||||||
Log-Analyse und Auswertung: bitte hickjackthis.log auswertenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.08.2005, 22:31
| #6 |
 |  bitte hickjackthis.log auswerten leider klappt auch die find_alt.bat nicht, escan ist im ordner c:\bases_x ordnungsgemaess entpackt, die mwav.log wurde erstellt aber die escan_neu.txt bleibt leer. Hier also nochmal per hand die escan: Wed Aug 24 21:38:49 2005 => ********************************************************** Wed Aug 24 21:38:49 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility. Wed Aug 24 21:38:49 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Wed Aug 24 21:38:49 2005 => ********************************************************** Wed Aug 24 21:38:49 2005 => Version 7.0.9 (C:\BASES_X\MWAVSCAN.COM) Wed Aug 24 21:38:49 2005 => Log File: C:\BASES_X\MWAV.LOG Wed Aug 24 21:38:49 2005 => Last Scan Date and Time: 24.08.2005 20:18:15 Wed Aug 24 21:38:49 2005 => MWAV Registered: FALSE. Wed Aug 24 21:38:49 2005 => MWAV Mode: Only Scan files. Wed Aug 24 21:38:50 2005 => Latest Date of files inside MWAV: 24 Aug 2005 19:33:33. Wed Aug 24 21:38:59 2005 => AV Library Loaded... Wed Aug 24 21:38:59 2005 => MWAV doing self scanning... Wed Aug 24 21:38:59 2005 => Scanning File C:\BASES_X\kavss.exe Wed Aug 24 21:39:00 2005 => Scanning File C:\BASES_X\Getvlist.exe Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\kavss.dll Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\kavssdi.dll Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\kavssi.dll Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\kavvlg.dll Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\msvlclnt.dll Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\ipc.dll Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\main.avi Wed Aug 24 21:39:01 2005 => Scanning File C:\BASES_X\virus.avi Wed Aug 24 21:39:01 2005 => MWAV files are clean. Wed Aug 24 21:39:05 2005 => Virus Database Date: 2005/08/24 Wed Aug 24 21:39:05 2005 => Virus Database Count: 145419 Wed Aug 24 21:39:37 2005 => ********************************************************** Wed Aug 24 21:39:37 2005 => MicroWorld Anti Virus & Spyware Toolkit Utility. Wed Aug 24 21:39:37 2005 => Copyright © 2003-2005, MicroWorld Technologies Inc. Wed Aug 24 21:39:37 2005 => Wed Aug 24 21:39:37 2005 => Support: support@mwti.net Wed Aug 24 21:39:37 2005 => Web: http://www.mwti.net Wed Aug 24 21:39:37 2005 => ********************************************************** Wed Aug 24 21:39:37 2005 => Version 7.0.9 (C:\BASES_X\MWAVSCAN.COM) Wed Aug 24 21:39:37 2005 => Log File: C:\BASES_X\MWAV.LOG Wed Aug 24 21:39:37 2005 => Windows Root Folder: C:\WINDOWS Wed Aug 24 21:39:37 2005 => Windows Sys32 Folder: C:\WINDOWS\SYSTEM Wed Aug 24 21:39:37 2005 => OS: Windows 98 Wed Aug 24 21:39:37 2005 => Latest Date of files inside MWAV: 24 Aug 2005 19:33:33. Wed Aug 24 21:39:37 2005 => Options Selected by User: Wed Aug 24 21:39:37 2005 => Memory Check: Enabled Wed Aug 24 21:39:37 2005 => Registry Check: Enabled Wed Aug 24 21:39:37 2005 => StartUp Folder Check: Disabled Wed Aug 24 21:39:37 2005 => System Folder Check: Disabled Wed Aug 24 21:39:37 2005 => System Area Check: Disabled Wed Aug 24 21:39:37 2005 => Services Check: Enabled Wed Aug 24 21:39:37 2005 => Drive Check: Disabled Wed Aug 24 21:39:37 2005 => All Drive Check :Enabled Wed Aug 24 21:39:37 2005 => Folder Check: Disabled Infected Wed Aug 24 21:40:11 2005 => File C:\WINDOWS\SYSTEM\HCLEAN32.EXE infected by "Trojan.Win32.Qhost.qr" Virus! Action Taken: No Action Taken. Wed Aug 24 21:40:15 2005 => File C:\WINDOWS\SYSTEM\csmwc.exe infected by "Trojan-Dropper.Win32.Vidro.u" Virus! Action Taken: No Action Taken. Wed Aug 24 21:40:31 2005 => System found infected with AdWare.ToolBar.SBSoft.h Spyware/Adware ({08BEC6AA-49FC-4379-3587-4B21E286C19E})! Action taken: No Action Taken. Wed Aug 24 21:40:50 2005 => Offending value found in HKLM\Software\Microsoft\Windows\CurrentVersion\Run !!! Wed Aug 24 21:40:50 2005 => Object "Unknown Trojan Spyware/Adware" found in File System! Action Taken: No Action Taken. Wed Aug 24 21:49:32 2005 => File C:\WINDOWS\SYSTEM\csyxd.exe infected by "Trojan-Dropper.Win32.Vidro.u" Virus! Action Taken: No Action Taken. Wed Aug 24 21:46:47 2005 => File C:\WINDOWS\SYSTEM\dmyhs.exe infected by "Trojan-Dropper.Win32.Vidro.u" Virus! Action Taken: No Action Taken. Wed Aug 24 21:49:08 2005 => File C:\WINDOWS\SYSTEM\csqvn.exe infected by "Trojan-Dropper.Win32.Vidro.u" Virus! Action Taken: No Action Taken. Wed Aug 24 21:49:23 2005 => File C:\WINDOWS\SYSTEM\gpsresl32.exe infected by "Trojan.Win32.Dialer.bl" Virus! Action Taken: No Action Taken. Wed Aug 24 21:49:32 2005 => File C:\WINDOWS\SYSTEM\csyxd.exe infected by "Trojan-Dropper.Win32.Vidro.u" Virus! Action Taken: No Action Taken. Tagged Wed Aug 24 21:49:23 2005 => File C:\WINDOWS\SYSTEM\vjvgz.dll tagged as "not-a-virus:AdWare.ToolBar.SBSoft.h". Action Taken: No Action Taken. Wed Aug 24 21:49:23 2005 => File C:\WINDOWS\SYSTEM\rdsndin.exe tagged as "not-a-virus:AdWare.FindSpy.a". Action Taken: No Action Taken. Wed Aug 24 21:49:24 2005 => File C:\WINDOWS\SYSTEM\msexnpbi.exe tagged as "not-a-virus:AdWare.BetterInternet". Action Taken: No Action Taken. Wed Aug 24 21:49:25 2005 => File C:\WINDOWS\SYSTEM\ntfsnlpa.exe tagged as "not-a-virus:AdWare.Msnagent.b". Action Taken: No Action Taken. Wed Aug 24 22:30:57 2005 => File C:\Hijackthis\backups\backup-20050821-174326-475.dll tagged as "not-a-virus:AdWare.ToolBar.SBSoft.h". Action Taken: No Action Taken. Wed Aug 24 22:37:41 2005 => ***** Scanning complete. ***** Wed Aug 24 22:37:42 2005 => Total Objects Scanned: 27366 Wed Aug 24 22:37:42 2005 => Total Virus(es) Found: 14 Wed Aug 24 22:37:42 2005 => Total Disinfected Files: 0 Wed Aug 24 22:37:42 2005 => Total Files Renamed: 0 Wed Aug 24 22:37:42 2005 => Total Deleted Objects: 0 Wed Aug 24 22:37:42 2005 => Total Errors: 169 Wed Aug 24 22:37:42 2005 => Time Elapsed: 00:54:56 Wed Aug 24 22:37:42 2005 => Virus Database Date: 2005/08/24 Wed Aug 24 22:37:42 2005 => Virus Database Count: 145419 Wed Aug 24 22:37:42 2005 => Scan Completed. Wed Aug 24 22:39:11 2005 => Virus Database Date: 2005/08/24 Wed Aug 24 22:39:11 2005 => Virus Database Count: 145419 Wed Aug 24 22:39:15 2005 => AV Library Unloaded (3)... Clearprog hab ich auch im safemode laufen lassen und abgehakt wie angewiesen. Was genau muss ich jetzt noch machen? Neu aufsetzen oder ist da noch etwas zu retten? |
| Themen zu bitte hickjackthis.log auswerten |
| antivirus, auswerten, bho, button, explorer, hijack, hijackthis, internet, internet explorer, logfile, microsoft, norton, office, registry, rundll, rundll32.exe, services, spybot, suche, system, tools, upd.exe, updates, windows, windows update |
Baum-Darstellung