Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   eScan -Virus LOg (https://www.trojaner-board.de/38637-escan-virus-log.html)

Alpat 05.05.2007 17:18

eScan -Virus LOg
 
find.bat Version 2007.05.01.01

Microsoft Windows XP [Version 5.1.2600]
Bootmodus: NORMAL

eScan Version: 9.1.9
Sprache:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sat May 05 15:23:53 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Sat May 05 15:23:53 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swsc.exe)! Action taken: No Action Taken.
Sat May 05 16:09:08 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Sat May 05 16:09:08 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swsc.exe)! Action taken: No Action Taken.
Sat May 05 15:23:46 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:46 2007 => Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:50 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:54 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:55 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:01 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:01 2007 => Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:04 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:09 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:09 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.

Alpat 05.05.2007 17:19

weiss nich ob der rest auch wichtig ist, bitte mal dringend um Hilfe ;-)


Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Sat May 05 15:23:53 2007 => Offending file found: C:\WINDOWS\system32\swreg.exe
Sat May 05 15:23:53 2007 => Offending file found: C:\WINDOWS\system32\swsc.exe
Sat May 05 16:09:08 2007 => Offending file found: C:\WINDOWS\system32\swreg.exe
Sat May 05 16:09:08 2007 => Offending file found: C:\WINDOWS\system32\swsc.exe
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
Sat May 05 15:23:54 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Sat May 05 15:23:55 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq6\bart\1024
Sat May 05 16:09:09 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Sat May 05 16:09:09 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq6\bart\1024
~~~~~~~~~~~
Registry
~~~~~~~~~~~
Sat May 05 15:23:46 2007 => Offending Key found: HKLM\Software\magnet !!!
Sat May 05 15:23:46 2007 => Offending Key found: HKCU\Software\funwebproducts !!!
Sat May 05 15:23:50 2007 => Offending Key found: HKCU\\magnet !!!
Sat May 05 16:09:01 2007 => Offending Key found: HKLM\Software\magnet !!!
Sat May 05 16:09:01 2007 => Offending Key found: HKCU\Software\funwebproducts !!!
Sat May 05 16:09:04 2007 => Offending Key found: HKCU\\magnet !!!

MightyMarc 05.05.2007 17:48

Zitat:

Zitat von Alpat (Beitrag 266778)
weiss nich ob der rest auch wichtig ist, bitte mal dringend um Hilfe ;-)

In der Anleitung steht "Den Inhalt des erscheinenden Fensters kopieren und im Forum posten." und nicht, dass Du ausgewählte Inhalte posten sollst. Also, den kompletten Inhalt der Datei escan_neu.txt bitte.

Vor allem: wieso machst Du noch nen Thread auf. Poste das Log in Deinem alten Thread sonst weiß keiner was bei Dir eigentlich los ist.


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:57 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27