Trojaner-Board
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Hi Könnte Jemand über die HJT und Find.bat Auswertung einmal drübersehen ? (https://www.trojaner-board.de/44571-hi-koennte-jemand-hjt-find-bat-auswertung-einmal-druebersehen.html)

candelaver 15.10.2007 22:45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Infektionsmeldungen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thu Oct 04 15:19:04 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken.
Thu Oct 04 15:19:05 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken.
Thu Oct 04 15:19:11 2007 => System found infected with inetspeak Spyware/Adware (maria.lnk)! Action taken: No Action Taken.
Thu Oct 04 15:19:11 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (process.exe)! Action taken: No Action Taken.
Thu Oct 04 15:19:11 2007 => System found infected with drivecleaner2006 Corrupted Adware/Spyware (pv.exe)! Action taken: No Action Taken.
Thu Oct 04 15:19:11 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Thu Oct 04 15:28:59 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken.
Thu Oct 04 15:28:59 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: No Action Taken.
Thu Oct 04 15:29:06 2007 => System found infected with inetspeak Spyware/Adware (maria.lnk)! Action taken: No Action Taken.
Thu Oct 04 15:29:06 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (process.exe)! Action taken: No Action Taken.
Thu Oct 04 15:29:06 2007 => System found infected with drivecleaner2006 Corrupted Adware/Spyware (pv.exe)! Action taken: No Action Taken.
Thu Oct 04 15:29:06 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: No Action Taken.
Thu Oct 04 15:47:34 2007 => System found infected with flashfxp Spyware/Adware ({e5a1691b-d188-4419-ad02-90002030b8ee})! Action taken: Entries Removed.
Thu Oct 04 15:47:42 2007 => System found infected with inetspeak Spyware/Adware (maria.lnk)! Action taken: Entries Removed.
Thu Oct 04 15:47:43 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (process.exe)! Action taken: Entries Removed.
Thu Oct 04 15:47:43 2007 => System found infected with drivecleaner2006 Corrupted Adware/Spyware (pv.exe)! Action taken: Entries Removed.
Thu Oct 04 15:47:43 2007 => System found infected with trojan-downloader.bat.ftp.ab Trojan-Downloader (swreg.exe)! Action taken: Entries Removed.
Thu Oct 04 15:19:11 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Thu Oct 04 15:29:06 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Thu Oct 04 15:47:34 2007 => Object "flashfxp Spyware/Adware" found in File System! Action Taken: Entries Removed.
Thu Oct 04 15:47:42 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: Entries Removed.
Thu Oct 04 15:47:42 2007 => Object "inetspeak Spyware/Adware" found in File System! Action Taken: Entries Removed.
Thu Oct 04 15:47:43 2007 => Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: Entries Removed.
Thu Oct 04 15:47:43 2007 => Object "drivecleaner2006 Corrupted Adware/Spyware" found in File System! Action Taken: Entries Removed.
Thu Oct 04 15:47:43 2007 => Object "trojan-downloader.bat.ftp.ab Trojan-Downloader" found in File System! Action Taken: Entries Removed.
Sun Oct 14 14:34:19 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
Mon Oct 15 13:42:58 2007 => Object "smitfraud Browser Hijacker" found in File System! Action Taken: No Action Taken.
~~~~~~~~~~~
Dateien
~~~~~~~~~~~
~~~~ Infected files
~~~~~~~~~~~
Sun Oct 14 14:59:06 2007 => File H:\System Volume Information\_restore{96B1CE24-F6AB-4E8C-A9D6-BBF0F1F37590}\RP28\A0010371.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
Sun Oct 14 14:59:06 2007 => File H:\System Volume Information\_restore{96B1CE24-F6AB-4E8C-A9D6-BBF0F1F37590}\RP28\A0010372.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
Sun Oct 14 15:01:36 2007 => File I:\[0000]---DOWNLOADS---\smitRem.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
Sun Oct 14 15:01:47 2007 => File I:\[0000]---DOWNLOADS---\WindowsXP-KB835935-SP2-DEU.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
Sun Oct 14 15:02:25 2007 => File J:\System Volume Information\_restore{B1BE7B4E-0BD4-4E14-9BA5-2C42192619A5}\RP52\A0008918.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
Sun Oct 14 15:02:25 2007 => File J:\System Volume Information\_restore{B1BE7B4E-0BD4-4E14-9BA5-2C42192619A5}\RP52\A0008922.exe infected by "NULL.Corrupted" Virus! Action Taken: No Action Taken.
~~~~~~~~~~~
~~~~ Offending files
~~~~~~~~~~~
Thu Oct 04 15:19:11 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\microsoft\office\recent\maria.lnk
Thu Oct 04 15:19:11 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\sm\smitrem\process.exe
Thu Oct 04 15:19:11 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\sm\smitrem\pv.exe
Thu Oct 04 15:19:11 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\sm\smitrem\swreg.exe
Thu Oct 04 15:29:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\microsoft\office\recent\maria.lnk
Thu Oct 04 15:29:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\sm\smitrem\process.exe
Thu Oct 04 15:29:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\sm\smitrem\pv.exe
Thu Oct 04 15:29:06 2007 => Offending file found: C:\Dokumente und Einstellungen\Administrator\Desktop\sm\smitrem\swreg.exe
Thu Oct 04 15:47:42 2007 => Offending file found: C:\DOKUME~1\ADMINI~1\ANWEND~1\MICROS~1\office\recent\maria.lnk
Thu Oct 04 15:47:43 2007 => Offending file found: C:\DOKUME~1\ADMINI~1\Desktop\sm\smitrem\process.exe
Thu Oct 04 15:47:43 2007 => Offending file found: C:\DOKUME~1\ADMINI~1\Desktop\sm\smitrem\pv.exe
Thu Oct 04 15:47:43 2007 => Offending file found: C:\DOKUME~1\ADMINI~1\Desktop\sm\smitrem\swreg.exe
~~~~~~~~~~~
~~~~ Tagged files
~~~~~~~~~~~
Sun Oct 14 14:54:18 2007 => Scanning File F:\[00000000000000] BASE\Templates\Web Design Index 5\files\260_1\www.teco.edu\~bschmidt\grafic\markiert.css
Sun Oct 14 14:54:18 2007 => ERROR!!! ScanFile fails for F:\_00000~1\TEMPLA~1\WEBDES~2\files\260_1\WWWTEC~1.EDU\~BSCHM~1\grafic\markiert.css
Sun Oct 14 15:01:45 2007 => Scanning File I:\[0000]---DOWNLOADS---\Web design index\files\260_1\www.teco.edu\~bschmidt\grafic\markiert.css
Sun Oct 14 15:01:45 2007 => ERROR!!! ScanFile fails for I:\_0000_~2\WEBDES~1\files\260_1\WWWTEC~1.EDU\~BSCHM~1\grafic\markiert.css
~~~~~~~~~~~
Ordner
~~~~~~~~~~~
Thu Oct 04 15:19:11 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Thu Oct 04 15:29:06 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Thu Oct 04 15:47:42 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Sun Oct 14 14:34:16 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
Mon Oct 15 13:42:56 2007 => Offending Folder found: C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\icq\bart\1024
~~~~~~~~~~~
Registry
~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Statistiken:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thu Oct 04 15:22:45 2007 => Total Errors: 62
Thu Oct 04 15:24:49 2007 => Total Errors: 1
Thu Oct 04 15:46:38 2007 => Total Errors: 61
Thu Oct 04 16:08:34 2007 => Total Errors: 54
Thu Oct 04 16:19:36 2007 => Total Errors: 0
Thu Oct 04 16:31:43 2007 => Total Errors: 4
Fri Oct 05 18:52:02 2007 => Total Errors: 48
Sun Oct 14 15:05:23 2007 => Total Errors: 9
Mon Oct 15 15:00:55 2007 => Total Errors: 16
Thu Oct 04 15:22:45 2007 => Time Elapsed: 00:04:51
Thu Oct 04 15:24:49 2007 => Time Elapsed: 00:01:40
Thu Oct 04 15:46:38 2007 => Time Elapsed: 00:18:08
Thu Oct 04 16:08:34 2007 => Time Elapsed: 00:21:45
Thu Oct 04 16:19:36 2007 => Time Elapsed: 00:00:02
Thu Oct 04 16:31:43 2007 => Time Elapsed: 00:12:03
Fri Oct 05 18:52:02 2007 => Time Elapsed: 02:05:24
Sun Oct 14 15:05:23 2007 => Time Elapsed: 00:32:05
Mon Oct 15 15:00:55 2007 => Time Elapsed: 01:18:47
Thu Oct 04 15:22:45 2007 => Total Objects Scanned: 31467
Thu Oct 04 15:24:49 2007 => Total Objects Scanned: 212
Thu Oct 04 15:46:37 2007 => Total Objects Scanned: 38899
Thu Oct 04 16:08:34 2007 => Total Objects Scanned: 48790
Thu Oct 04 16:19:36 2007 => Total Objects Scanned: 32
Thu Oct 04 16:31:43 2007 => Total Objects Scanned: 48968
Fri Oct 05 18:52:02 2007 => Total Objects Scanned: 195048
Sun Oct 14 15:05:23 2007 => Total Objects Scanned: 397070
Mon Oct 15 15:00:55 2007 => Total Objects Scanned: 155151
Thu Oct 04 15:22:45 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 15:22:49 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 15:24:49 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 15:26:20 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 15:28:13 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 15:46:38 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 15:46:41 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:08:34 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:08:53 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:19:31 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:19:36 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:19:38 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:31:43 2007 => Virus Database Date: 9/18/2007
Thu Oct 04 16:36:47 2007 => Virus Database Date: 9/18/2007
Fri Oct 05 16:20:26 2007 => Virus Database Date: 5/28/2007
Fri Oct 05 16:38:59 2007 => Virus Database Date: 5/28/2007
Fri Oct 05 16:44:24 2007 => Virus Database Date: 10/3/2007
Fri Oct 05 18:52:03 2007 => Virus Database Date: 10/3/2007
Sun Oct 14 14:31:53 2007 => Virus Database Date: 10/11/2007
Sun Oct 14 14:32:46 2007 => Virus Database Date: 10/14/2007
Sun Oct 14 15:05:23 2007 => Virus Database Date: 10/14/2007
Sun Oct 14 15:57:00 2007 => Virus Database Date: 10/14/2007
Mon Oct 15 13:41:31 2007 => Virus Database Date: 10/14/2007
Mon Oct 15 13:41:50 2007 => Virus Database Date: 10/15/2007
Mon Oct 15 15:00:55 2007 => Virus Database Date: 10/15/2007
Mon Oct 15 15:46:36 2007 => Virus Database Date: 10/15/2007
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan-Optionen
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thu Oct 04 15:17:53 2007 => Memory Check: Enabled
Thu Oct 04 15:22:54 2007 => Memory Check: Enabled
Thu Oct 04 15:28:23 2007 => Memory Check: Enabled
Thu Oct 04 15:46:46 2007 => Memory Check: Enabled
Thu Oct 04 16:19:34 2007 => Memory Check: Enabled
Thu Oct 04 16:19:41 2007 => Memory Check: Enabled
Fri Oct 05 16:46:07 2007 => Memory Check: Enabled
Sun Oct 14 14:33:15 2007 => Memory Check: Enabled
Mon Oct 15 13:42:03 2007 => Memory Check: Enabled
Thu Oct 04 15:17:53 2007 => Registry Check: Enabled
Thu Oct 04 15:22:54 2007 => Registry Check: Enabled
Thu Oct 04 15:28:23 2007 => Registry Check: Enabled
Thu Oct 04 15:46:46 2007 => Registry Check: Enabled
Thu Oct 04 16:19:34 2007 => Registry Check: Enabled
Thu Oct 04 16:19:41 2007 => Registry Check: Enabled
Fri Oct 05 16:46:07 2007 => Registry Check: Enabled
Sun Oct 14 14:33:15 2007 => Registry Check: Enabled
Mon Oct 15 13:42:03 2007 => Registry Check: Enabled
Thu Oct 04 15:17:53 2007 => StartUp Folder Check: Enabled
Thu Oct 04 15:22:54 2007 => StartUp Folder Check: Enabled
Thu Oct 04 15:28:23 2007 => StartUp Folder Check: Enabled
Thu Oct 04 15:46:46 2007 => StartUp Folder Check: Enabled
Thu Oct 04 16:19:34 2007 => StartUp Folder Check: Enabled
Thu Oct 04 16:19:41 2007 => StartUp Folder Check: Enabled
Fri Oct 05 16:46:07 2007 => StartUp Folder Check: Enabled
Sun Oct 14 14:33:15 2007 => StartUp Folder Check: Enabled
Mon Oct 15 13:42:03 2007 => StartUp Folder Check: Enabled
Thu Oct 04 15:17:53 2007 => System Area Check: Disabled
Thu Oct 04 15:22:54 2007 => System Area Check: Disabled
Thu Oct 04 15:28:23 2007 => System Area Check: Disabled
Thu Oct 04 15:46:46 2007 => System Area Check: Disabled
Thu Oct 04 16:19:34 2007 => System Area Check: Disabled
Thu Oct 04 16:19:41 2007 => System Area Check: Disabled
Fri Oct 05 16:46:07 2007 => System Area Check: Disabled
Sun Oct 14 14:33:15 2007 => System Area Check: Disabled
Mon Oct 15 13:42:03 2007 => System Area Check: Disabled
Thu Oct 04 15:17:53 2007 => Services Check: Enabled
Thu Oct 04 15:22:54 2007 => Services Check: Enabled
Thu Oct 04 15:28:23 2007 => Services Check: Enabled
Thu Oct 04 15:46:46 2007 => Services Check: Enabled
Thu Oct 04 16:19:34 2007 => Services Check: Enabled
Thu Oct 04 16:19:41 2007 => Services Check: Enabled
Fri Oct 05 16:46:07 2007 => Services Check: Enabled
Fri Oct 05 17:25:58 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_disabled.png
Fri Oct 05 17:25:58 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_selected_disabled.png
Fri Oct 05 17:26:00 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_normal_disabled.png
Fri Oct 05 17:26:00 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_search_disabled.png
Fri Oct 05 17:26:00 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\searchInput_clearText_enabled.png
Fri Oct 05 17:26:33 2007 => Scanning File C:\Programme\eigene\ICQ6\services\icqApp\ver1\theme\IMAGES\Common\IcqOverWriteElem\checkbox_mixed_disabled.png
Sun Oct 14 14:33:15 2007 => Services Check: Enabled
Sun Oct 14 14:40:39 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_disabled.png
Sun Oct 14 14:40:39 2007 => ERROR!!! ScanFile fails for C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_disabled.png
Sun Oct 14 14:40:39 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_selected_disabled.png
Sun Oct 14 14:40:39 2007 => ERROR!!! ScanFile fails for C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_selected_disabled.png
Sun Oct 14 14:40:39 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_normal_disabled.png
Sun Oct 14 14:40:39 2007 => ERROR!!! ScanFile fails for C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_normal_disabled.png
Sun Oct 14 14:40:39 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_search_disabled.png
Sun Oct 14 14:40:39 2007 => ERROR!!! ScanFile fails for C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_search_disabled.png
Sun Oct 14 14:40:39 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\searchInput_clearText_enabled.png
Sun Oct 14 14:40:39 2007 => ERROR!!! ScanFile fails for C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\searchInput_clearText_enabled.png
Sun Oct 14 14:40:42 2007 => Scanning File C:\Programme\eigene\ICQ6\services\icqApp\ver1\theme\IMAGES\Common\IcqOverWriteElem\checkbox_mixed_disabled.png
Sun Oct 14 14:40:42 2007 => ERROR!!! ScanFile fails for C:\Programme\eigene\ICQ6\services\icqApp\ver1\theme\IMAGES\Common\IcqOverWriteElem\checkbox_mixed_disabled.png
Mon Oct 15 13:42:03 2007 => Services Check: Enabled
Mon Oct 15 14:04:01 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_disabled.png
Mon Oct 15 14:04:01 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\checkbox_selected_disabled.png
Mon Oct 15 14:04:02 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_normal_disabled.png
Mon Oct 15 14:04:02 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\InputFields\inputField_search_disabled.png
Mon Oct 15 14:04:02 2007 => Scanning File C:\Programme\eigene\ICQ6\services\boxelyToolkit\VER1_12_2_1\theme\images\searchInput_clearText_enabled.png
Mon Oct 15 14:04:38 2007 => Scanning File C:\Programme\eigene\ICQ6\services\icqApp\ver1\theme\IMAGES\Common\IcqOverWriteElem\checkbox_mixed_disabled.png
Thu Oct 04 15:17:53 2007 => Drive Check Option Disabled
Thu Oct 04 15:22:54 2007 => Drive Check Option Disabled
Thu Oct 04 15:28:23 2007 => Drive Check Option Disabled
Thu Oct 04 15:46:46 2007 => Drive Check Option Disabled
Thu Oct 04 16:19:34 2007 => Drive Check Option Disabled
Thu Oct 04 16:19:41 2007 => Drive Check Option Disabled
Fri Oct 05 16:46:07 2007 => Drive Check: Disabled
Fri Oct 05 16:46:07 2007 => All Drive Check :Enabled
Fri Oct 05 18:33:56 2007 => Scanning File D:\Windows\winsxs\Manifests\x86_microsoft-windows-tabledriventextservice_31bf3856ad364e35_6.0.6000.16386_none_e534957594063d30.manifest
Sun Oct 14 14:33:15 2007 => Drive Check: Disabled
Sun Oct 14 14:33:15 2007 => All Drive Check :Enabled
Sun Oct 14 14:50:50 2007 => Scanning File D:\Windows\winsxs\Manifests\x86_microsoft-windows-tabledriventextservice_31bf3856ad364e35_6.0.6000.16386_none_e534957594063d30.manifest
Sun Oct 14 14:50:50 2007 => ERROR!!! ScanFile fails for D:\Windows\winsxs\Manifests\x86_microsoft-windows-tabledriventextservice_31bf3856ad364e35_6.0.6000.16386_none_e534957594063d30.manifest
Mon Oct 15 13:42:03 2007 => Drive Check: Enabled
Mon Oct 15 13:42:03 2007 => All Drive Check :Disabled
Fri Oct 05 16:46:07 2007 => All Drive Check :Enabled
Sun Oct 14 14:33:15 2007 => All Drive Check :Enabled
Mon Oct 15 13:42:03 2007 => All Drive Check :Disabled

undoreal 16.10.2007 05:25
:teufel1:


Schädlinge im Ordner der Systemwiederherstellung:

* Deaktiviere die Systemwiederherstellung -> So wird es gemacht.
* Danach das System neu starten, und mit deinem AV-Scanner nach dem Neustart
alles überprüfen.
(Systemwiederherstellung kann nun wieder aktiviert werden.)

candelaver 16.10.2007 09:12
Morgen Undoreal,

zunächst Danke für deine Umfangreiche Hilfe.

1.) Systemwiederherstellung hatte ich bereits deaktiviert.
2.) habe mit Safeboot-minimal den Rechner in den Abgesicherten Modus neugestartet.

3.) Mein Panda Internet Security 2008 musste ich abgesicherten Modus von Hand starten und auch die integrierten Module.

4) die Panda Module Schutz vor bekannten Bedrohungen und Firewall Schutz
meldeten nach dem manuellen Start Fehler.

unter Windows XP im Normalbetrieb sind diese Module ordnungsgemäß im Dienst. Kann es sein das Panda bei Minimal Konfiguration diese Element nicht startet ?

5) es ist trotzdem Möglich mit Panda den Desktop zu Scannen.

6) Würdest du eine Alternative AV Software für den abgesicherten Modus empfehlen ?

Danke dir

undoreal 16.10.2007 16:01
Hä?

Zitat:
und mit deinem AV-Scanner nach dem Neustart
alles überprüfen.
der scanner soll nicht im abgesicherten Modus laufen!

Nach dem Abschalten der Systemwiederherstellung + Reboot sollte dein Rechner sauber sein

candelaver 16.10.2007 16:49
Ups Ah Ok ,
das war wohl ein wenig zu früh für mich der Sacnner ist im abgesicherten Modus durchgleaufen und war erfolgreich.

ich lasse den Scanner dann nochmals so im Normal Betrieb laufen.

candelaver 16.10.2007 18:35
der Scanner ist diesmal im Normalen Betrieb von Xp durchgelaufen.
und es sieht sehr gut aus, es blieben nur der Crack und der Keygen übrig, alles Infektionen etc. wurden bereits beim Scan im abgesicherten Modus entfernt.

Im Normalbetrieb lief der Scanner halt schneller durch.

ist es im Normalfall nicht besser im abgesicherten Modus zu scannen??



bye


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:40 Uhr.
Seite 2 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131