Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   eScan -Virus LOg (https://www.trojaner-board.de/38637-escan-virus-log.html)

Alpat 05.05.2007 17:18

eScan -Virus LOg
 
find.bat Version 2007.05.01.01

Microsoft Windows XP [Version 5.1.2600]
Bootmodus: NORMAL

eScan Version: 9.1.9
Sprache:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Sat May 05 15:23:53 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Sat May 05 15:23:53 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swsc.exe)! Action taken: No Action Taken.
Sat May 05 16:09:08 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Sat May 05 16:09:08 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swsc.exe)! Action taken: No Action Taken.
Sat May 05 15:23:46 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:46 2007 => Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:50 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:54 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Sat May 05 15:23:55 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:01 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:01 2007 => Object "funwebproducts Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:04 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:09 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Sat May 05 16:09:09 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.

Alpat 05.05.2007 17:19

weiss nich ob der rest auch wichtig ist, bitte mal dringend um Hilfe ;-)


Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Sat May 05 15:23:53 2007 => Offending file found: C:\WINDOWS\system32\swreg.exe
Sat May 05 15:23:53 2007 => Offending file found: C:\WINDOWS\system32\swsc.exe
Sat May 05 16:09:08 2007 => Offending file found: C:\WINDOWS\system32\swreg.exe
Sat May 05 16:09:08 2007 => Offending file found: C:\WINDOWS\system32\swsc.exe
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
Sat May 05 15:23:54 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Sat May 05 15:23:55 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq6\bart\1024
Sat May 05 16:09:09 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Sat May 05 16:09:09 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq6\bart\1024
~~~~~~~~~~~
Registry
~~~~~~~~~~~
Sat May 05 15:23:46 2007 => Offending Key found: HKLM\Software\magnet !!!
Sat May 05 15:23:46 2007 => Offending Key found: HKCU\Software\funwebproducts !!!
Sat May 05 15:23:50 2007 => Offending Key found: HKCU\\magnet !!!
Sat May 05 16:09:01 2007 => Offending Key found: HKLM\Software\magnet !!!
Sat May 05 16:09:01 2007 => Offending Key found: HKCU\Software\funwebproducts !!!
Sat May 05 16:09:04 2007 => Offending Key found: HKCU\\magnet !!!

MightyMarc 05.05.2007 17:48

Zitat:

Zitat von Alpat (Beitrag 266778)
weiss nich ob der rest auch wichtig ist, bitte mal dringend um Hilfe ;-)

In der Anleitung steht "Den Inhalt des erscheinenden Fensters kopieren und im Forum posten." und nicht, dass Du ausgewählte Inhalte posten sollst. Also, den kompletten Inhalt der Datei escan_neu.txt bitte.

Vor allem: wieso machst Du noch nen Thread auf. Poste das Log in Deinem alten Thread sonst weiß keiner was bei Dir eigentlich los ist.


Alle Zeitangaben in WEZ +1. Es ist jetzt 03:57 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131