|
Log analysis and evaluation: TR/Murdak.A.36 If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
24.01.2009, 17:36 | #1 |
| TR/Murdak.A.36

Hey there! Could someone please check the Avira log file! After I had to search for a long time, it has now found something after all; how bad is it, and what about the other hard drives?? Many thanks!

Avira AntiVir Personal
Report file date: Samstag, 24. Januar 2009 04:11

Scanning for 1272260 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: CICI-ALXCI6OMD4

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18.11.2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 18.11.2008 08:21:26
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26.05.2008 07:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12.06.2008 12:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26.05.2008 07:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27.10.2008 11:30:36
ANTIVIR1.VDF : 7.1.1.113 2817536 Bytes 14.01.2009 23:51:57
ANTIVIR2.VDF : 7.1.1.172 958464 Bytes 23.01.2009 01:56:30
ANTIVIR3.VDF : 7.1.1.173 2048 Bytes 23.01.2009 01:56:31
Engineversion : 8.2.0.60
AEVDF.DLL : 8.1.0.6 102772 Bytes 14.10.2008 10:05:56
AESCRIPT.DLL : 8.1.1.32 340347 Bytes 23.01.2009 00:36:09
AESCN.DLL : 8.1.1.5 123251 Bytes 07.11.2008 15:06:41
AERDL.DLL : 8.1.1.3 438645 Bytes 04.11.2008 13:58:38
AEPACK.DLL : 8.1.3.5 393588 Bytes 11.01.2009 11:23:20
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 11.01.2009 11:23:19
AEHEUR.DLL : 8.1.0.86 1552759 Bytes 23.01.2009 00:36:08
AEHELP.DLL : 8.1.2.0 119159 Bytes 11.01.2009 11:23:17
AEGEN.DLL : 8.1.1.10 323957 Bytes 17.01.2009 01:03:01
AEEMU.DLL : 8.1.0.9 393588 Bytes 14.10.2008 10:05:56
AECORE.DLL : 8.1.5.2 172405 Bytes 11.01.2009 11:23:15
AEBB.DLL : 8.1.0.3 53618 Bytes 14.10.2008 10:05:56
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09.07.2008 08:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16.05.2008 09:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 31.07.2008 12:02:15
AVREG.DLL : 8.0.0.1 33537 Bytes 09.05.2008 11:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12.02.2008 08:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12.06.2008 12:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22.01.2008 17:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12.06.2008 12:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25.01.2008 12:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12.06.2008 13:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27.06.2008 13:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\programme\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:, F:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: Samstag, 24. Januar 2009 04:11

Starting search for hidden objects.
'35273' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'Dot1XCfg.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'stsystra.exe' - '1' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '1' Module(s) have been scanned
Scan process 'igfxpers.exe' - '1' Module(s) have been scanned
Scan process 'hkcmd.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'WgaTray.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'TUProgSt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'adminsvcff.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'WLKEEPER.exe' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
39 processes with 39 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!
Boot sector 'F:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '50' files ).

Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\' <Programme>
D:\System Volume Information\_restore{CF66CB71-1375-47D7-B106-6226DF736BA7}\RP10\A0001722.exe
[0] Archive type: RAR SFX (self extracting)
--> 32788R22FWJFW\catchme.cfexe
[DETECTION] Is the TR/Murdak.A.36 Trojan
[NOTE] The file was moved to '49aa8a14.qua'!
Begin scan in 'E:\' <Filme Musik>
Begin scan in 'F:\' <Uni & Privat>

End of the scan: Samstag, 24. Januar 2009 04:26
Used time: 15:10 Minute(s)

The scan has been done completely.

2504 Scanning directories
123968 Files were scanned
1 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
1 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
123965 Files not concerned
1216 Archives were scanned
2 Warnings
1 Notes
35273 Objects were scanned with rootkit scan
0 Hidden objects were found |