
Log analysis and evaluation: TR/spy.zBot.kumd in C:/Dokumente und Einstellungen/Laptop/Anwendungsdaten/Eglate


23.05.2013, 22:35   #1
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Quote:
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Why do you have a Professional edition of Windows? Do you need that as a home user?
Or is this, by any chance, an office/company PC or a university machine?


Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs that already exist!


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.
__________________
Please always post log files in CODE tags

26.05.2013, 14:10   #2
Nicola Sacco
 



Great that you're helping me!

Quote:
Quote from cosinus
Why do you have a Professional edition of Windows
I bought the laptop second-hand in an eBay auction, and the program was already on it. I use the computer at home, but also for studying and working (DJ, design).

Quote:
Quote from cosinus
Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?
I had run a virus scan over it with Avira File Walker when I made my first attempt to post here:

Code:
ATTFilter
Avira Free Antivirus
Report file date: Donnerstag, 25. April 2013  18:33


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Microsoft Windows XP
Windows version : (Service Pack 3)  [5.1.2600]
Boot mode       : Normally booted
Username        : Laptop
Computer name   : THINKPAD-1F443C

Version information:
BUILD.DAT       : 13.0.0.3499    49286 Bytes  19.03.2013 16:37:00
AVSCAN.EXE      : 13.6.0.986    639712 Bytes  13.04.2013 09:41:03
AVSCANRC.DLL    : 13.4.0.360     54560 Bytes  13.04.2013 09:41:03
LUKE.DLL        : 13.6.0.902     67808 Bytes  13.04.2013 09:41:31
AVSCPLR.DLL     : 13.6.0.986     94944 Bytes  13.04.2013 09:42:21
AVREG.DLL       : 13.6.0.940    250592 Bytes  13.04.2013 09:42:21
avlode.dll      : 13.6.2.940    434912 Bytes  13.04.2013 09:41:01
avlode.rdf      : 13.0.0.46      15591 Bytes  13.04.2013 09:42:22
VBASE000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 22:27:23
VBASE001.VDF    : 7.11.70.1       2048 Bytes  04.04.2013 22:27:24
VBASE002.VDF    : 7.11.70.2       2048 Bytes  04.04.2013 22:27:24
VBASE003.VDF    : 7.11.70.3       2048 Bytes  04.04.2013 22:27:24
VBASE004.VDF    : 7.11.70.4       2048 Bytes  04.04.2013 22:27:24
VBASE005.VDF    : 7.11.70.5       2048 Bytes  04.04.2013 22:27:24
VBASE006.VDF    : 7.11.70.6       2048 Bytes  04.04.2013 22:27:24
VBASE007.VDF    : 7.11.70.7       2048 Bytes  04.04.2013 22:27:25
VBASE008.VDF    : 7.11.70.8       2048 Bytes  04.04.2013 22:27:25
VBASE009.VDF    : 7.11.70.9       2048 Bytes  04.04.2013 22:27:25
VBASE010.VDF    : 7.11.70.10      2048 Bytes  04.04.2013 22:27:25
VBASE011.VDF    : 7.11.70.11      2048 Bytes  04.04.2013 22:27:25
VBASE012.VDF    : 7.11.70.12      2048 Bytes  04.04.2013 22:27:25
VBASE013.VDF    : 7.11.70.13      2048 Bytes  04.04.2013 22:27:25
VBASE014.VDF    : 7.11.70.103   136192 Bytes  05.04.2013 20:16:33
VBASE015.VDF    : 7.11.70.183   183808 Bytes  06.04.2013 20:16:34
VBASE016.VDF    : 7.11.71.9     145920 Bytes  08.04.2013 21:10:24
VBASE017.VDF    : 7.11.71.115   169472 Bytes  10.04.2013 11:47:48
VBASE018.VDF    : 7.11.71.197   172544 Bytes  11.04.2013 11:47:48
VBASE019.VDF    : 7.11.72.17    135168 Bytes  12.04.2013 11:47:49
VBASE020.VDF    : 7.11.72.103   158208 Bytes  15.04.2013 10:33:39
VBASE021.VDF    : 7.11.72.137   152064 Bytes  15.04.2013 10:33:58
VBASE022.VDF    : 7.11.72.223   159232 Bytes  16.04.2013 12:21:57
VBASE023.VDF    : 7.11.73.59    204288 Bytes  18.04.2013 16:00:08
VBASE024.VDF    : 7.11.73.133   164864 Bytes  19.04.2013 19:44:18
VBASE025.VDF    : 7.11.73.201   225792 Bytes  22.04.2013 09:26:07
VBASE026.VDF    : 7.11.73.251   161280 Bytes  23.04.2013 19:49:44
VBASE027.VDF    : 7.11.74.55    126976 Bytes  24.04.2013 14:39:09
VBASE028.VDF    : 7.11.74.56      2048 Bytes  24.04.2013 14:39:09
VBASE029.VDF    : 7.11.74.57      2048 Bytes  24.04.2013 14:39:09
VBASE030.VDF    : 7.11.74.58      2048 Bytes  24.04.2013 14:39:09
VBASE031.VDF    : 7.11.74.98    178176 Bytes  25.04.2013 16:26:33
Engine version  : 8.2.12.32 
AEVDF.DLL       : 8.1.2.10      102772 Bytes  08.10.2012 12:34:46
AESCRIPT.DLL    : 8.1.4.108     483709 Bytes  25.04.2013 14:15:44
AESCN.DLL       : 8.1.10.4      131446 Bytes  27.03.2013 12:41:16
AESBX.DLL       : 8.2.5.12      606578 Bytes  17.06.2012 14:28:36
AERDL.DLL       : 8.2.0.88      643444 Bytes  11.01.2013 12:15:25
AEPACK.DLL      : 8.3.2.6       827767 Bytes  02.04.2013 17:14:58
AEOFFICE.DLL    : 8.1.2.56      205180 Bytes  11.03.2013 18:55:19
AEHEUR.DLL      : 8.1.4.318    5894521 Bytes  25.04.2013 14:15:41
AEHELP.DLL      : 8.1.25.2      258423 Bytes  11.10.2012 23:00:54
AEGEN.DLL       : 8.1.7.2       442741 Bytes  27.03.2013 12:41:12
AEEXP.DLL       : 8.4.0.24      196982 Bytes  25.04.2013 14:15:45
AEEMU.DLL       : 8.1.3.2       393587 Bytes  08.10.2012 12:34:41
AECORE.DLL      : 8.1.31.2      201080 Bytes  06.03.2013 00:00:14
AEBB.DLL        : 8.1.1.4        53619 Bytes  05.11.2012 21:22:52
AVWINLL.DLL     : 13.6.0.480     26480 Bytes  13.04.2013 09:40:15
AVPREF.DLL      : 13.6.0.480     51056 Bytes  13.04.2013 09:41:02
AVREP.DLL       : 13.6.0.480    178544 Bytes  13.04.2013 09:42:21
AVARKT.DLL      : 13.6.0.902    260832 Bytes  13.04.2013 09:40:53
AVEVTLOG.DLL    : 13.6.0.902    167648 Bytes  13.04.2013 09:40:56
SQLITE3.DLL     : 3.7.0.1       397704 Bytes  13.04.2013 09:41:54
AVSMTP.DLL      : 13.6.0.480     62832 Bytes  13.04.2013 09:41:05
NETNT.DLL       : 13.6.0.480     16240 Bytes  13.04.2013 09:41:41
RCIMAGE.DLL     : 13.4.0.360   4782880 Bytes  13.04.2013 09:40:17
RCTEXT.DLL      : 13.6.0.976     67296 Bytes  13.04.2013 09:40:17

Configuration settings for the scan:
Jobname.............................: Local Drives
Configuration file..................: c:\programme\avira\antivir desktop\alldrives.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Deviating risk categories...........: +APPL,+JOKE,+PCK,+SPR,

Start of the scan: Donnerstag, 25. April 2013  18:33

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!

The scan of running processes will be started:
Scan process 'taskmgr.exe' - '36' Module(s) have been scanned
Scan process 'avscan.exe' - '93' Module(s) have been scanned
Scan process 'avcenter.exe' - '83' Module(s) have been scanned
Scan process 'ccc.exe' - '159' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '45' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'SMAgent.exe' - '14' Module(s) have been scanned
Scan process 'c2c_service.exe' - '31' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '21' Module(s) have been scanned
Scan process 'NLSSRV32.EXE' - '14' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '36' Module(s) have been scanned
Scan process 'ctfmon.exe' - '26' Module(s) have been scanned
Scan process 'jqs.exe' - '88' Module(s) have been scanned
Scan process 'avgnt.exe' - '66' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '23' Module(s) have been scanned
Scan process 'MOM.EXE' - '54' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '16' Module(s) have been scanned
Scan process 'TpScrex.exe' - '30' Module(s) have been scanned
Scan process 'SMax4PNP.exe' - '33' Module(s) have been scanned
Scan process 'TPONSCR.exe' - '29' Module(s) have been scanned
Scan process 'acs.exe' - '49' Module(s) have been scanned
Scan process 'tposdsvc.exe' - '44' Module(s) have been scanned
Scan process 'TPHKSVC.exe' - '38' Module(s) have been scanned
Scan process 'TPHKLOAD.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'sched.exe' - '40' Module(s) have been scanned
Scan process 'spoolsv.exe' - '56' Module(s) have been scanned
Scan process 'Explorer.EXE' - '125' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '38' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '160' Module(s) have been scanned
Scan process 'svchost.exe' - '39' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '29' Module(s) have been scanned
Scan process 'ibmpmsvc.exe' - '11' Module(s) have been scanned
Scan process 'avshadow.exe' - '18' Module(s) have been scanned
Scan process 'avguard.exe' - '62' Module(s) have been scanned
Scan process 'lsass.exe' - '63' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '92' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '5512' files ).


Starting the file scan:

Begin scan in 'C:\' <WinXP>
Begin scan in 'D:\'
Search path D:\ could not be opened!
System error [21]: Das Gerät ist nicht bereit.


End of the scan: Donnerstag, 25. April 2013  22:15
Used time:  3:42:06 Hour(s)

The scan has been done completely.

   9855 Scanned directories
 435557 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 435557 Files not concerned
   4888 Archives were scanned
      0 Warnings
      0 Notes
         

But then my wife first cleaned the registry and deleted unused programs. The laptop only kept getting worse, though, so I made a second attempt, ran the scans a second time and ran Avira Filewalker over it once more:
Code:
ATTFilter
Avira Free Antivirus
Report file date: Montag, 20. Mai 2013  19:47


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Free Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Microsoft Windows XP
Windows version : (Service Pack 3)  [5.1.2600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : THINKPAD-1F443C

Version information:
BUILD.DAT       : 13.0.0.3640    54852 Bytes  18.04.2013 13:36:00
AVSCAN.EXE      : 13.6.0.1262   636984 Bytes  07.05.2013 09:36:12
AVSCANRC.DLL    : 13.4.0.360     54560 Bytes  13.04.2013 09:41:03
LUKE.DLL        : 13.6.0.1262    65080 Bytes  07.05.2013 09:36:45
AVSCPLR.DLL     : 13.6.0.1262    92216 Bytes  07.05.2013 09:36:12
AVREG.DLL       : 13.6.0.1262   247864 Bytes  07.05.2013 09:36:10
avlode.dll      : 13.6.2.1262   432184 Bytes  07.05.2013 09:36:10
avlode.rdf      : 13.0.1.12      25921 Bytes  16.05.2013 15:30:35
VBASE000.VDF    : 7.11.70.0   66736640 Bytes  04.04.2013 22:27:23
VBASE001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 21:37:22
VBASE002.VDF    : 7.11.74.227     2048 Bytes  30.04.2013 21:37:22
VBASE003.VDF    : 7.11.74.228     2048 Bytes  30.04.2013 21:37:22
VBASE004.VDF    : 7.11.74.229     2048 Bytes  30.04.2013 21:37:22
VBASE005.VDF    : 7.11.74.230     2048 Bytes  30.04.2013 21:37:22
VBASE006.VDF    : 7.11.74.231     2048 Bytes  30.04.2013 21:37:22
VBASE007.VDF    : 7.11.74.232     2048 Bytes  30.04.2013 21:37:22
VBASE008.VDF    : 7.11.74.233     2048 Bytes  30.04.2013 21:37:23
VBASE009.VDF    : 7.11.74.234     2048 Bytes  30.04.2013 21:37:23
VBASE010.VDF    : 7.11.74.235     2048 Bytes  30.04.2013 21:37:23
VBASE011.VDF    : 7.11.74.236     2048 Bytes  30.04.2013 21:37:23
VBASE012.VDF    : 7.11.74.237     2048 Bytes  30.04.2013 21:37:23
VBASE013.VDF    : 7.11.74.238     2048 Bytes  30.04.2013 21:37:23
VBASE014.VDF    : 7.11.75.97    181248 Bytes  02.05.2013 09:33:56
VBASE015.VDF    : 7.11.75.183   217600 Bytes  03.05.2013 22:22:18
VBASE016.VDF    : 7.11.76.27    183808 Bytes  04.05.2013 13:20:41
VBASE017.VDF    : 7.11.76.101   194048 Bytes  06.05.2013 17:20:41
VBASE018.VDF    : 7.11.76.213   163328 Bytes  07.05.2013 22:33:33
VBASE019.VDF    : 7.11.77.41    134656 Bytes  08.05.2013 20:32:48
VBASE020.VDF    : 7.11.77.145   141312 Bytes  10.05.2013 12:47:59
VBASE021.VDF    : 7.11.77.225   155648 Bytes  12.05.2013 12:32:50
VBASE022.VDF    : 7.11.78.21    202752 Bytes  13.05.2013 14:04:41
VBASE023.VDF    : 7.11.78.71    140800 Bytes  13.05.2013 09:52:08
VBASE024.VDF    : 7.11.78.147   167936 Bytes  15.05.2013 19:30:42
VBASE025.VDF    : 7.11.78.207   147456 Bytes  16.05.2013 15:30:14
VBASE026.VDF    : 7.11.79.17    198656 Bytes  17.05.2013 20:23:33
VBASE027.VDF    : 7.11.79.81    251392 Bytes  20.05.2013 13:11:11
VBASE028.VDF    : 7.11.79.82      2048 Bytes  20.05.2013 13:11:11
VBASE029.VDF    : 7.11.79.83      2048 Bytes  20.05.2013 13:11:11
VBASE030.VDF    : 7.11.79.84      2048 Bytes  20.05.2013 13:11:11
VBASE031.VDF    : 7.11.79.94     14848 Bytes  20.05.2013 17:41:57
Engine version  : 8.2.12.44 
AEVDF.DLL       : 8.1.2.10      102772 Bytes  08.10.2012 12:34:46
AESCRIPT.DLL    : 8.1.4.116     487805 Bytes  16.05.2013 15:30:33
AESCN.DLL       : 8.1.10.4      131446 Bytes  27.03.2013 12:41:16
AESBX.DLL       : 8.2.5.12      606578 Bytes  17.06.2012 14:28:36
AERDL.DLL       : 8.2.0.88      643444 Bytes  11.01.2013 12:15:25
AEPACK.DLL      : 8.3.2.12      754040 Bytes  08.05.2013 14:28:11
AEOFFICE.DLL    : 8.1.2.56      205180 Bytes  11.03.2013 18:55:19
AEHEUR.DLL      : 8.1.4.368    5943673 Bytes  16.05.2013 15:30:31
AEHELP.DLL      : 8.1.25.10     258425 Bytes  08.05.2013 14:28:02
AEGEN.DLL       : 8.1.7.4       442741 Bytes  08.05.2013 14:28:02
AEEXP.DLL       : 8.4.0.30      201078 Bytes  16.05.2013 15:30:34
AEEMU.DLL       : 8.1.3.2       393587 Bytes  08.10.2012 12:34:41
AECORE.DLL      : 8.1.31.2      201080 Bytes  06.03.2013 00:00:14
AEBB.DLL        : 8.1.1.4        53619 Bytes  05.11.2012 21:22:52
AVWINLL.DLL     : 13.6.0.480     26480 Bytes  13.04.2013 09:40:15
AVPREF.DLL      : 13.6.0.480     51056 Bytes  13.04.2013 09:41:02
AVREP.DLL       : 13.6.0.480    178544 Bytes  13.04.2013 09:42:21
AVARKT.DLL      : 13.6.0.1262   258104 Bytes  07.05.2013 09:36:05
AVEVTLOG.DLL    : 13.6.0.1262   164920 Bytes  07.05.2013 09:36:08
SQLITE3.DLL     : 3.7.0.1       397704 Bytes  13.04.2013 09:41:54
AVSMTP.DLL      : 13.6.0.480     62832 Bytes  13.04.2013 09:41:05
NETNT.DLL       : 13.6.0.480     16240 Bytes  13.04.2013 09:41:41
RCIMAGE.DLL     : 13.4.0.360   4782880 Bytes  13.04.2013 09:40:17
RCTEXT.DLL      : 13.6.0.976     67296 Bytes  13.04.2013 09:40:17

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\programme\avira\antivir desktop\sysscan.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, 
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended
Deviating risk categories...........: +APPL,+JOKE,+PCK,+SPR,

Start of the scan: Montag, 20. Mai 2013  19:47

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:
Scan process 'msdtc.exe' - '40' Module(s) have been scanned
Scan process 'dllhost.exe' - '60' Module(s) have been scanned
Scan process 'dllhost.exe' - '45' Module(s) have been scanned
Scan process 'vssvc.exe' - '48' Module(s) have been scanned
Scan process 'avscan.exe' - '96' Module(s) have been scanned
Scan process 'avcenter.exe' - '70' Module(s) have been scanned
Scan process 'alg.exe' - '33' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '45' Module(s) have been scanned
Scan process 'ccc.exe' - '158' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'SMAgent.exe' - '14' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '36' Module(s) have been scanned
Scan process 'c2c_service.exe' - '31' Module(s) have been scanned
Scan process 'ctfmon.exe' - '26' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '21' Module(s) have been scanned
Scan process 'avgnt.exe' - '64' Module(s) have been scanned
Scan process 'NLSSRV32.EXE' - '14' Module(s) have been scanned
Scan process 'MOM.EXE' - '54' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '23' Module(s) have been scanned
Scan process 'jqs.exe' - '88' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '16' Module(s) have been scanned
Scan process 'SMax4PNP.exe' - '32' Module(s) have been scanned
Scan process 'acs.exe' - '49' Module(s) have been scanned
Scan process 'svchost.exe' - '34' Module(s) have been scanned
Scan process 'sched.exe' - '40' Module(s) have been scanned
Scan process 'spoolsv.exe' - '56' Module(s) have been scanned
Scan process 'Explorer.EXE' - '104' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '32' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '38' Module(s) have been scanned
Scan process 'EvtEng.exe' - '55' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '32' Module(s) have been scanned
Scan process 'svchost.exe' - '162' Module(s) have been scanned
Scan process 'svchost.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '51' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '29' Module(s) have been scanned
Scan process 'ibmpmsvc.exe' - '11' Module(s) have been scanned
Scan process 'avshadow.exe' - '26' Module(s) have been scanned
Scan process 'avguard.exe' - '62' Module(s) have been scanned
Scan process 'lsass.exe' - '63' Module(s) have been scanned
Scan process 'services.exe' - '27' Module(s) have been scanned
Scan process 'winlogon.exe' - '85' Module(s) have been scanned
Scan process 'csrss.exe' - '12' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting to scan executable files (registry):
The registry was scanned ( '853' files ).


Starting the file scan:

Begin scan in 'C:\' <WinXP>
    [0] Archive type: Runtime Packed
    --> C:\Dokumente und Einstellungen\Laptop\Eigene Dateien\Downloads\jre-7u21-windows-i586-iftw.exe
        [1] Archive type: Runtime Packed
      --> C:\Dokumente und Einstellungen\Laptop\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\41\24ae3ae9-38b99e99
          [2] Archive type: ZIP
        --> Bottom.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.bzw Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom010.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cah Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom011.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.bzx Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom012.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.bzy Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom013.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.bzz Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom014.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.caa Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom02.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cai Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom03.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cab Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom04.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cac Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom05.class
            [DETECTION] Contains recognition pattern of the EXP/CVE-2013-0431.BT exploit
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom06.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cad Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom07.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cae Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom08.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.caj Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> Bottom09.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.caf Java virus
            [WARNING]   Infected files in archives cannot be repaired
        --> hw.class
            [DETECTION] Contains recognition pattern of the JAVA/Jogek.cak Java virus
            [WARNING]   Infected files in archives cannot be repaired
C:\Dokumente und Einstellungen\Laptop\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\41\24ae3ae9-38b99e99
  [DETECTION] Contains recognition pattern of the JAVA/Jogek.cak Java virus

Beginning disinfection:
C:\Dokumente und Einstellungen\Laptop\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\41\24ae3ae9-38b99e99
  [DETECTION] Contains recognition pattern of the JAVA/Jogek.cak Java virus
  [NOTE]      The file was moved to the quarantine directory under the name '57d50c67.qua'!


End of the scan: Dienstag, 21. Mai 2013  00:46
Used time:  3:36:06 Hour(s)

The scan has been done completely.

   9321 Scanned directories
 373374 Files were scanned
     16 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      1 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
 373358 Files not concerned
   4274 Archives were scanned
     15 Warnings
      1 Notes
 661086 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
I hope this helps us,

Nicola

Edited by Nicola Sacco (26.05.2013 at 14:12). Reason: had made a typo
