| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bitte MWAV-Log überprüfen, was ist bei mir los?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
18.05.2006, 23:07
| #1 |
 |  Bitte MWAV-Log überprüfen, was ist bei mir los? Hallo, ich habe (immernoch) das Problem, dass meine ActiveX-Sicherheitszoneneinstellung fürs Internet (und damit gleichzeitig für meine Ordner bei WinME) auf unendlich ist, und ich deswegen nichts mehr öffnen kann. Nun habe ich es geschafft, zwei verschiedene Virenscanner (AntiVir und MWAV) durchlaufen zu lassen, aber keiner hat irgendeinen offensichtlichen Virus gefunden. Kann jemand hier dennoch einen Blick auf mein MWAV-Log werfen, falls euch einfällt, was es sein könnte? Es wurden nur Errors angezeigt, also habe ich nur die kopiert. Ansonsten hänge ich noch das HiJack This Log an, je einmal während des abgesicherten Modus und während des "normalen" Betriebes. Sie unterscheiden sich aber nur in den laufenden Prozessen. Übrigens sind die Viren-Definitionen etwas veraltet, aber ich kann nicht ins Internet mit dem Ding und zum einzeln herunterladen habe ich sie nicht gefunden und die aktuellen vom Internetcomputer-Temp-Ordner in den Temp-Ordner vom kaputten Computer zu kopieren hat auch nicht funktioniert... Vielen Dank, Johannes. Wed May 17 20:37:23 2006 => ********************************************************** Wed May 17 20:37:23 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility. Wed May 17 20:37:23 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc. Wed May 17 20:37:23 2006 => ********************************************************** Wed May 17 20:37:23 2006 => Source: C:\***'\MWAV.EXE Wed May 17 20:37:23 2006 => Version 8.2.8 (C:\WINDOWS\TEMP\MEXE.COM) Wed May 17 20:37:23 2006 => Log File: C:\WINDOWS\TEMP\MWAV.LOG Wed May 17 20:37:23 2006 => MWAV Registered: FALSE. Wed May 17 20:37:23 2006 => OS Type: Windows Workstation Wed May 17 20:37:23 2006 => OS: Windows ME Wed May 17 20:37:23 2006 => Ver: Version 4.90 (Build 3000) Wed May 17 20:37:23 2006 => Windows Root Folder: C:\WINDOWS Wed May 17 20:37:23 2006 => Windows Sys32 Folder: C:\WINDOWS\SYSTEM Wed May 17 20:37:23 2006 => Local Fixed Drives: c:\ Wed May 17 20:37:23 2006 => MWAV Mode: Only Scan files. Wed May 17 20:37:23 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55. Wed May 17 20:37:29 2006 => AV Library Loaded... Wed May 17 20:37:29 2006 => MWAV doing self scanning... Wed May 17 20:37:29 2006 => Scanning File C:\WINDOWS\TEMP\kavss.exe Wed May 17 20:37:29 2006 => Scanning File C:\WINDOWS\TEMP\Getvlist.exe Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\kavss.dll Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\kavssdi.dll Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\kavssi.dll Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\kavvlg.dll Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\msvlclnt.dll Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\ipc.dll Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\main.avi Wed May 17 20:37:30 2006 => Scanning File C:\WINDOWS\TEMP\virus.avi Wed May 17 20:37:30 2006 => MWAV files are clean. Wed May 17 20:37:42 2006 => Virus Database Date: 5/12/2006 Wed May 17 20:37:42 2006 => Virus Database Count: 193177 Wed May 17 20:37:50 2006 => Downloading AntiVirus and Anti-Spyware Databases... Wed May 17 20:37:51 2006 => Downloads Not Successful! Wed May 17 20:38:55 2006 => Downloading AntiVirus and Anti-Spyware Databases... Wed May 17 20:38:56 2006 => Downloads Not Successful! Wed May 17 20:39:00 2006 => AV Library Unloaded (3)... Wed May 17 20:39:13 2006 => ********************************************************** Wed May 17 20:39:13 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility. Wed May 17 20:39:13 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc. Wed May 17 20:39:13 2006 => ********************************************************** Wed May 17 20:39:13 2006 => Source: C:\***'\MWAV.EXE Wed May 17 20:39:13 2006 => Version 8.2.8 (C:\WINDOWS\TEMP\MEXE.COM) Wed May 17 20:39:13 2006 => Log File: C:\WINDOWS\TEMP\MWAV.LOG Wed May 17 20:39:13 2006 => MWAV Registered: FALSE. Wed May 17 20:39:13 2006 => OS Type: Windows Workstation Wed May 17 20:39:13 2006 => OS: Windows ME Wed May 17 20:39:13 2006 => Ver: Version 4.90 (Build 3000) Wed May 17 20:39:13 2006 => Windows Root Folder: C:\WINDOWS Wed May 17 20:39:13 2006 => Windows Sys32 Folder: C:\WINDOWS\SYSTEM Wed May 17 20:39:13 2006 => Local Fixed Drives: c:\ Wed May 17 20:39:13 2006 => MWAV Mode: Only Scan files. Wed May 17 20:39:13 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55. Wed May 17 20:39:17 2006 => AV Library Loaded... Wed May 17 20:39:17 2006 => MWAV doing self scanning... Wed May 17 20:39:17 2006 => Scanning File C:\WINDOWS\TEMP\kavss.exe Wed May 17 20:39:17 2006 => Scanning File C:\WINDOWS\TEMP\Getvlist.exe Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\kavss.dll Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\kavssdi.dll Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\kavssi.dll Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\kavvlg.dll Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\msvlclnt.dll Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\ipc.dll Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\main.avi Wed May 17 20:39:18 2006 => Scanning File C:\WINDOWS\TEMP\virus.avi Wed May 17 20:39:18 2006 => MWAV files are clean. Wed May 17 20:39:18 2006 => Virus Database Date: 5/12/2006 Wed May 17 20:39:18 2006 => Virus Database Count: 193177 Wed May 17 20:45:23 2006 => ********************************************************** Wed May 17 20:45:23 2006 => MicroWorld Anti Virus & Spyware Toolkit Utility. Wed May 17 20:45:23 2006 => Copyright © 2003-2006, MicroWorld Technologies Inc. Wed May 17 20:45:23 2006 => Wed May 17 20:45:23 2006 => Support: support@mwti.net Wed May 17 20:45:23 2006 => Web: http://www.mwti.net Wed May 17 20:45:23 2006 => ********************************************************** Wed May 17 20:45:23 2006 => Version 8.2.8 (C:\WINDOWS\TEMP\MEXE.COM) Wed May 17 20:45:23 2006 => Log File: C:\WINDOWS\TEMP\MWAV.LOG Wed May 17 20:45:23 2006 => Windows Root Folder: C:\WINDOWS Wed May 17 20:45:23 2006 => Windows Sys32 Folder: C:\WINDOWS\SYSTEM Wed May 17 20:45:23 2006 => OS: Windows ME Wed May 17 20:45:23 2006 => Ver: Version 4.90 (Build 3000) Wed May 17 20:45:24 2006 => Latest Date of files inside MWAV: 12 May 2006 08:34:55. Wed May 17 20:45:24 2006 => Options Selected by User: Wed May 17 20:45:24 2006 => Memory Check: Enabled Wed May 17 20:45:24 2006 => Registry Check: Enabled Wed May 17 20:45:24 2006 => StartUp Folder Check: Enabled Wed May 17 20:45:24 2006 => System Folder Check: Enabled Wed May 17 20:45:24 2006 => System Area Check: Disabled Wed May 17 20:45:24 2006 => Services Check: Enabled Wed May 17 20:45:24 2006 => Drive Check: Disabled Wed May 17 20:45:24 2006 => All Drive Check :Enabled Wed May 17 20:45:24 2006 => Folder Check: Disabled Wed May 17 20:46:29 2006 => ***** Scanning Registry Files ***** Wed May 17 20:46:29 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Wed May 17 20:46:29 2006 => ERROR!!! Invalid Entry WebCheck = C:\WINDOWS\SYSTEM\SHIMGAPI.DLL (in key SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad). No Action Taken. Wed May 17 20:46:31 2006 => ERROR!!! Invalid Entry {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\SYSTEM\SHIMGAPI.DLL (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken. Wed May 17 20:46:36 2006 => ***** Scanning StartUp Folders ***** Wed May 17 20:46:36 2006 => ERROR!!! Unable to Read User StartUp Folder...Reason Der Schlüssel der Konfigurationsregistrierung ist ungültig. (0x3f2) Wed May 17 20:46:37 2006 => ERROR!!! Invalid Entry \SystemRoot\System\atmarpc.sys in SYSTEM\CurrentControlSet\Services\ATMARPC... Wed May 17 21:54:25 2006 => Result: ERROR!!! File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\AlexaRelated.zip is Not Scanned Wed May 17 21:54:26 2006 => Result: ERROR!!! File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean1.zip is Not Scanned Wed May 17 21:54:26 2006 => Result: ERROR!!! File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean1.zip is Not Scanned Wed May 17 21:54:26 2006 => C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean1.zip not Scanned. Possibly password protected... Wed May 17 21:54:26 2006 => Scanning File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean.zip Wed May 17 21:54:26 2006 => Result: ERROR!!! File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean.zip is Not Scanned Wed May 17 21:54:26 2006 => C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\MainPean.zip not Scanned. Possibly password protected... Wed May 17 21:54:26 2006 => Scanning File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\BackOrificeB.zip Wed May 17 21:54:26 2006 => Result: ERROR!!! File C:\WINDOWS\All Users\Anwendungsdaten\Spybot - Search & Destroy\Recovery\BackOrificeB.zip is Not Scanned Thu May 18 21:09:06 2006 => ***** Scanning Registry Files ***** Thu May 18 21:09:06 2006 => Scanning HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad Thu May 18 21:09:06 2006 => ERROR!!! Invalid Entry WebCheck = C:\WINDOWS\SYSTEM\SHIMGAPI.DLL (in key SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad). No Action Taken. Thu May 18 21:09:08 2006 => ERROR!!! Invalid Entry {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\SYSTEM\SHIMGAPI.DLL (in key SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved). No Action Taken. Thu May 18 21:09:15 2006 => ***** Scanning StartUp Folders ***** Thu May 18 21:09:15 2006 => ERROR!!! Unable to Read User StartUp Folder...Reason Der Schlüssel der Konfigurationsregistrierung ist ungültig. (0x3f2) Thu May 18 21:09:15 2006 => ERROR!!! Invalid Entry \SystemRoot\System\atmarpc.sys in SYSTEM\CurrentControlSet\Services\ATMARPC... Thu May 18 22:37:57 2006 => Result: ERROR!!! File C:\Programme\Lavasoft\Ad-Aware SE Personal\Skins\Ad-Aware SE default.ask is Not Scanned Thu May 18 23:01:24 2006 => ***** Scanning complete. ***** Thu May 18 23:01:24 2006 => Total Objects Scanned: 109814 Thu May 18 23:01:24 2006 => Total Critical Objects: 0 Thu May 18 23:01:24 2006 => Total Disinfected Objects: 0 Thu May 18 23:01:24 2006 => Total Objects Renamed: 0 Thu May 18 23:01:24 2006 => Total Deleted Objects: 0 Thu May 18 23:01:24 2006 => Total Errors: 5 Thu May 18 23:01:24 2006 => Time Elapsed: 01:47:29 Thu May 18 23:01:24 2006 => Virus Database Date: 5/12/2006 Thu May 18 23:01:24 2006 => Virus Database Count: 193177 Thu May 18 23:01:24 2006 => Scan Completed. Thu May 18 23:05:04 2006 => Virus Database Date: 5/12/2006 Thu May 18 23:05:04 2006 => Virus Database Count: 193177 Thu May 18 23:05:10 2006 => AV Library Unloaded (3)... |
| Themen zu Bitte MWAV-Log überprüfen, was ist bei mir los? |
| abgesicherten modus, ad-aware, antivir, antivirus, c:\windows\temp, check, einstellung, ellung, file, hijack, hijack this, internet, kopieren, log file, microsoft, nicht gefunden, ordner, problem, programme, prozesse, recovery, registry, scan, services, software, spybot, spyware, virus, webcheck, windows, windows\temp |
Baum-Darstellung