| |
| |||||||
Log-Analyse und Auswertung: escan logsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
13.12.2005, 22:15
| #1 |
| |  escan logs (need help -> winfix2005) hey leute ... ich hab mir heute nachmittag den winfix 2005 eingefangen und ueber euer forum mit escan die logs erstellt ... schonmal danke fuer die anleitung dazu ... ich hab schonmal nen blick auf die logs geworfen und zu meiner verwunderung stehen da auch dinge drin, die ich selbst installiert habe und benutzt ... zbsp das vnc tool ... daher habe ich die befuerchtung, dass bei dem recht umfangreichen log auhc dinge drin stehen, die ich besser nicht terminieren sollte ... ich wuerde mich freuen, wenn ihr mich da beraten koennt ... zur info ... die zwei logs sind von zwei unterschiedlichen rechnern (im selben netzwerk) und beide wurden innerhalb der letzten zwei tage einem check mit adaware und antivir im abgesicherten modus unterzogen ... dennoch kommen die umfangreichen logs zustande =/ bei meinem rechner (xp3000+) liegt es wohl an dem winfix2005 ... =/ nun hier die logs: xp3000+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Funde für "infected" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Tue Dec 13 16:33:50 2005 => System found infected with searchexe Spyware/Adware ({807553e5-5146-11d5-a672-00b0d022e945})! Action taken: No Action Taken. Tue Dec 13 16:33:50 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken. Tue Dec 13 16:33:56 2005 => System found infected with lop.com Spyware/Adware (backup.reg)! Action taken: No Action Taken. Tue Dec 13 16:33:57 2005 => System found infected with ezula Spyware/Adware (ebay.url)! Action taken: No Action Taken. Tue Dec 13 16:33:57 2005 => System found infected with clientman Spyware/Adware (firstrun.log)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:58 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 16:33:59 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 17:00:41 2005 => File C:\DOKUME~1\ADMINI~1\ANWEND~1\HoleRegs\mp3bone.exe infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus! Action Taken: No Action Taken. Tue Dec 13 17:01:05 2005 => System found infected with searchexe Spyware/Adware ({807553e5-5146-11d5-a672-00b0d022e945})! Action taken: No Action Taken. Tue Dec 13 17:01:05 2005 => System found infected with alexa Spyware/Adware ({c95fe080-8f5d-11d2-a20b-00aa003c157a})! Action taken: No Action Taken. Tue Dec 13 17:01:11 2005 => System found infected with lop.com Spyware/Adware (backup.reg)! Action taken: No Action Taken. Tue Dec 13 17:01:13 2005 => System found infected with ezula Spyware/Adware (ebay.url)! Action taken: No Action Taken. Tue Dec 13 17:01:13 2005 => System found infected with clientman Spyware/Adware (firstrun.log)! Action taken: No Action Taken. Tue Dec 13 17:01:13 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:13 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Tue Dec 13 17:01:13 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 17:01:14 2005 => System found infected with whenu.savenow Spyware/Adware (adswrapper[1].js)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (adsend[1].js)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (pop[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (stylesheet[1].css)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (show_ads[2].js)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[1].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (ads[2].htm)! Action taken: No Action Taken. Tue Dec 13 17:01:15 2005 => System found infected with whenu.savenow Spyware/Adware (formie[1].css)! Action taken: No Action Taken. Tue Dec 13 17:11:54 2005 => File C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Temp\bis2FB.exe infected by "Trojan-Downloader.Win32.Swizzor.co" Virus! Action Taken: No Action Taken. Tue Dec 13 18:34:22 2005 => Scanning Folder: C:\Programme\antivir\INFECTED\*.* Tue Dec 13 18:40:38 2005 => File D:\DownLoads\exe\security\pccillininternetsecurity2005v12.0keygencore\mirror_plugin.exe infected by "Trojan-Downloader.Win32.INService.gen" Virus! Action Taken: No Action Taken. Tue Dec 13 20:38:30 2005 => Total Disinfected Files: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Geändert von sto`teac (13.12.2005 um 23:13 Uhr) |
| Themen zu escan logs |
| abgesicherten modus, adaware, administrator, anleitung, antivir, blue, check, danke, einstellungen, escan, file, fix, forum, gen, help, infected, netzwerk, programme, rechner, security, system, temp, tool, total, virus, vnc |
Baum-Darstellung