| |
| |||||||
Log-Analyse und Auswertung: bitte umkurze hilfeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
21.01.2007, 16:33
| #3 |
 |  bitte umkurze hilfe erstmal danke für deine rasche antwort und hilfe !!
__________________zu 1) ich kenne dieses programm nur so weit ich weiß hab ichs selber deaktiviert. zu 2) welche registry meinst du?? zu 3) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Header ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Microsoft Windows XP [Version 5.1.2600] Sun Jan 21 11:47:33 2007 => Deleting Registry Key: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\zango Sun Jan 21 11:15:34 2007 => Virus Database Date: 1/19/2007 Sun Jan 21 11:16:04 2007 => Virus Database Date: 1/21/2007 Sun Jan 21 11:44:43 2007 => Virus Database Date: 1/21/2007 Sun Jan 21 15:40:03 2007 => Virus Database Date: 1/21/2007 Sun Jan 21 15:48:31 2007 => Virus Database Date: 1/21/2007 Sun Jan 21 11:12:37 2007 => Virus-Datenbank Datum: 1/19/2007 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Infektionsmeldungen ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sun Jan 21 11:47:30 2007 => System found infected with funweb Spyware/Adware ({147a976f-eee1-4377-8ea7-4716e4cdd239})! Action taken: Entries Removed. Sun Jan 21 11:47:30 2007 => System found infected with ibis Spyware/Adware ({1d4db7d2-6ec9-47a3-bd87-1e41684e07bb})! Action taken: Entries Removed. Sun Jan 21 11:47:30 2007 => System found infected with istbar Spyware/Adware ({7c559105-9ecf-42b8-b3f7-832e75edd959})! Action taken: Entries Removed. Sun Jan 21 11:47:35 2007 => System found infected with windupdate Spyware/Adware (ide21201.vxd)! Action taken: Entries Removed. Sun Jan 21 11:47:51 2007 => System found infected with lop.com Spyware/Adware (backup.reg)! Action taken: Entries Removed. Sun Jan 21 11:48:21 2007 => System found infected with spylax Trojan (C:\WINDOWS\unvise32.exe)! Action taken: Entries Removed. ~~~~~~~~~~~ Dateien ~~~~~~~~~~~ ~~~~ Infected files ~~~~~~~~~~~ Sun Jan 21 11:55:54 2007 => File C:\Dokumente und Einstellungen\Mythos\Lokale Einstellungen\Anwendungsdaten\Microsoft\Outlook\Outlook.pst infected by "Trojan-Downloader.Win32.Small.dam" Virus! Action Taken: No Action Taken. ~~~~~~~~~~~ ~~~~ Tagged files ~~~~~~~~~~~ Sun Jan 21 14:13:47 2007 => File C:\RECYCLER\S-1-5-21-1547161642-1450960922-725345543-1003\Dc116\Del3D.tmp tagged as "not-a-virus:AdWare.Win32.180Solutions.x". Action Taken: File Deleted. Sun Jan 21 14:14:03 2007 => File C:\RECYCLER\S-1-5-21-1547161642-1450960922-725345543-1003\Dc116\New49.tmp\upgrade.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.f". Action Taken: File Deleted. Sun Jan 21 14:14:13 2007 => File C:\RECYCLER\S-1-5-21-1547161642-1450960922-725345543-1003\Dc116\res25.tmp tagged as "not-a-virus:AdWare.Win32.180Solutions.q". Action Taken: File Deleted. Sun Jan 21 14:36:24 2007 => File C:\WINDOWS\NDNuninstall6_90.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.e". Action Taken: File Deleted. Sun Jan 21 14:36:24 2007 => File C:\WINDOWS\NDNuninstall6_98.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.e". Action Taken: File Deleted. Sun Jan 21 14:36:24 2007 => File C:\WINDOWS\NDNuninstall7_14.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.e". Action Taken: File Deleted. Sun Jan 21 14:36:25 2007 => File C:\WINDOWS\NDNuninstall7_22.exe tagged as "not-a-virus:AdWare.Win32.NewDotNet.e". Action Taken: File Deleted. ~~~~~~~~~~~ ~~~~ Offending files ~~~~~~~~~~~ Sun Jan 21 11:47:35 2007 => Offending file found: C:\WINDOWS\system32\ide21201.vxd Sun Jan 21 11:47:51 2007 => Offending file found: C:\DOKUME~1\Mythos\Desktop\backup.reg Sun Jan 21 11:48:21 2007 => Offending file found: C:\WINDOWS\unvise32.exe ~~~~~~~~~~~ Ordner ~~~~~~~~~~~ Sun Jan 21 11:47:35 2007 => Offending Folder found: C:\Programme\aveo ~~~~~~~~~~~ Registry ~~~~~~~~~~~ Sun Jan 21 11:47:32 2007 => Offending Key found: HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\media gateway !!! Sun Jan 21 11:47:32 2007 => Offending Key found: HKLM\Software\aveo !!! Sun Jan 21 11:47:32 2007 => Offending Key found: HKCU\Software\ist !!! Sun Jan 21 11:47:33 2007 => Offending Key found: HKCU\software\microsoft\windows\currentversion\explorer\menuorder\start menu\programs\zango !!! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Statistiken: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sun Jan 21 11:53:19 2007 => Scanning Folder: C:\Dokumente und Einstellungen\Mythos\Eigene Dateien\Eigene Bilder\Adobe\Gescannte Fotos\*.* zu 4) 01/21/07 16:13:37 [Info]: BlackLight Engine 1.0.55 initialized 01/21/07 16:13:37 [Info]: OS: 5.1 build 2600 (Service Pack 2) 01/21/07 16:13:37 [Note]: 7019 4 01/21/07 16:13:37 [Note]: 7005 0 01/21/07 16:13:40 [Note]: 7006 0 01/21/07 16:13:40 [Note]: 7011 1816 01/21/07 16:13:41 [Note]: 7026 0 01/21/07 16:13:41 [Note]: 7026 0 01/21/07 16:13:51 [Note]: FSRAW library version 1.7.1021 01/21/07 16:19:29 [Note]: 2000 1012 01/21/07 16:22:22 [Note]: 7007 0 |
| Themen zu bitte umkurze hilfe |
| absturz, adobe, antivir, application, avg, avira, bho, computer, excel, explorer, google, hijack, hijackthis, internet, internet explorer, log-file, monitor, neustart, rundll, security, software, starten, system, trend micro, windows, windows xp |
Baum-Darstellung