Das hier ist das Antivir-Log vom aggressiven Durchlauf, ich denke der hat dort einiges in Quarantäne geschoben, was da nicht hingehört....
Zitat:
Avira AntiVir Personal
Report file date: Montag, 20. April 2009 12:58
Scanning for 1357813 virus strains and unwanted programs.
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 2) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : X-TFM6HGSIRGD2B
Version information:
BUILD.DAT : 9.0.0.387 17962 Bytes 24.03.2009 11:04:00
AVSCAN.EXE : 9.0.3.3 464641 Bytes 24.02.2009 10:13:26
AVSCAN.DLL : 9.0.3.0 40705 Bytes 27.02.2009 08:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 20.02.2009 09:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 27.02.2009 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27.10.2008 10:30:36
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11.02.2009 18:33:26
ANTIVIR2.VDF : 7.1.3.63 1588224 Bytes 16.04.2009 21:34:34
ANTIVIR3.VDF : 7.1.3.77 46592 Bytes 20.04.2009 10:56:02
Engineversion : 8.2.0.148
AEVDF.DLL : 8.1.1.0 106868 Bytes 27.01.2009 15:36:42
AESCRIPT.DLL : 8.1.1.75 373113 Bytes 19.04.2009 21:34:36
AESCN.DLL : 8.1.1.10 127348 Bytes 19.04.2009 21:34:36
AERDL.DLL : 8.1.1.3 438645 Bytes 29.10.2008 16:24:41
AEPACK.DLL : 8.1.3.14 397685 Bytes 19.04.2009 21:34:36
AEOFFICE.DLL : 8.1.0.36 196987 Bytes 26.02.2009 18:01:56
AEHEUR.DLL : 8.1.0.119 1724791 Bytes 19.04.2009 21:34:35
AEHELP.DLL : 8.1.2.2 119158 Bytes 26.02.2009 18:01:56
AEGEN.DLL : 8.1.1.36 340341 Bytes 19.04.2009 21:34:35
AEEMU.DLL : 8.1.0.9 393588 Bytes 09.10.2008 12:32:40
AECORE.DLL : 8.1.6.9 176500 Bytes 19.04.2009 21:34:34
AEBB.DLL : 8.1.0.3 53618 Bytes 09.10.2008 12:32:40
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12.12.2008 06:47:59
AVPREF.DLL : 9.0.0.1 43777 Bytes 05.12.2008 08:32:15
AVREP.DLL : 8.0.0.3 155905 Bytes 20.01.2009 12:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 05.12.2008 08:32:09
AVARKT.DLL : 9.0.0.1 292609 Bytes 09.02.2009 05:52:24
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30.01.2009 08:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 28.01.2009 13:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02.02.2009 06:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 05.12.2008 08:32:10
RCIMAGE.DLL : 9.0.0.21 2438401 Bytes 09.02.2009 09:45:45
RCTEXT.DLL : 9.0.35.0 87297 Bytes 11.03.2009 13:55:12
Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\programme\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, F:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,
Start of the scan: Montag, 20. April 2009 12:58
Starting search for hidden objects.
'52571' objects were checked, '0' hidden objects were found.
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'epmworker.exe' - '1' Module(s) have been scanned
Scan process 'Generic.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ir.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'SUPERAntiSpyware.exe' - '1' Module(s) have been scanned
Scan process 'daemon.exe' - '1' Module(s) have been scanned
Scan process 'Wallpaper.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'EPGClient.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'vsnpstd.exe' - '1' Module(s) have been scanned
Scan process 'EM_EXEC.EXE' - '1' Module(s) have been scanned
Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'CTHELPER.EXE' - '1' Module(s) have been scanned
Scan process 'CTDVDDET.exe' - '1' Module(s) have been scanned
Scan process 'CTSysVol.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'EPGService.exe' - '1' Module(s) have been scanned
Scan process 'CTSVCCDA.EXE' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
50 processes with 50 modules were scanned
Starting master boot sector scan:
Start scanning boot sectors:
Starting to scan executable files (registry).
The registry was scanned ( '60' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Dokumente und Einstellungen\X\Desktop\SmitfraudFix.exe
[0] Archive type: RAR SFX (self extracting)
--> SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
--> SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
C:\Dokumente und Einstellungen\X\Desktop\SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
C:\Dokumente und Einstellungen\X\Desktop\SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
C:\Programme\MAGIX\Foto_Manager_2008\Fotobuch\setup.exe
[0] Archive type: NSIS
--> Settings/process.exe
[DETECTION] Contains recognition pattern of the APPL/PrcView.A application
C:\Programme\MAGIX\MAGIX-Fotobuch\xtras\process.exe
[DETECTION] Contains recognition pattern of the APPL/PrcView.A application
C:\Programme\Mozilla Firefox\SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
C:\Programme\Mozilla Firefox\SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
C:\WINDOWS\system32\drivers\sptd.sys
[WARNING] The file could not be opened!
Begin scan in 'F:\' <Datenmeister>
Beginning disinfection:
C:\Dokumente und Einstellungen\X\Desktop\SmitfraudFix.exe
[NOTE] The file was moved to '4a556e3f.qua'!
C:\Dokumente und Einstellungen\X\Desktop\SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
[NOTE] The file was moved to '4a4e6e37.qua'!
C:\Dokumente und Einstellungen\X\Desktop\SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4a5f6e37.qua'!
C:\Programme\MAGIX\Foto_Manager_2008\Fotobuch\setup.exe
[NOTE] The file was moved to '4a606e37.qua'!
C:\Programme\MAGIX\MAGIX-Fotobuch\xtras\process.exe
[DETECTION] Contains recognition pattern of the APPL/PrcView.A application
[NOTE] The file was moved to '4a5b6e44.qua'!
C:\Programme\Mozilla Firefox\SmitfraudFix\Reboot.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Reboot.F program
[NOTE] The file was moved to '4a4e6e38.qua'!
C:\Programme\Mozilla Firefox\SmitfraudFix\restart.exe
[DETECTION] Contains recognition pattern of the SPR/Tool.Hardoff.A program
[NOTE] The file was moved to '4a5f6e38.qua'!
End of the scan: Montag, 20. April 2009 14:42
Used time: 1:43:55 Hour(s)
The scan has been done completely.
9118 Scanned directories
378834 Files were scanned
8 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
378824 Files not concerned
3037 Archives were scanned
2 Warnings
8 Notes
52571 Objects were scanned with rootkit scan
0 Hidden objects were found
|
20.04.2009, 13:45
Baum-Darstellung