Trojaner-Board


Sushimaster 06.08.2013 10:27

I've caught TR/Agent :I

Hi dear Trojans, male and female ^^

Yesterday I picked up TR/Agent 6417.1 and would like to know how to get rid of it.
Log:

Code:

Avira Free Antivirus
Report file date: Dienstag, 6. August 2013  11:18


The program is running as an unrestricted full version.
Online services are available.

Licensee        : Avira Free Antivirus
Serial number  : 0000149996-ADJIE-0000001
Platform        : Windows 7 Home Premium
Windows version : (Service Pack 1)  [6.1.7601]
Boot mode      : Normally booted
Username        : Sascha
Computer name  : USER-PC

Version information:
BUILD.DAT      : 13.0.0.3885    54851 Bytes  01.08.2013 14:44:00
AVSCAN.EXE      : 13.6.0.1722  634936 Bytes  03.07.2013 15:24:34
AVSCANRC.DLL    : 13.6.0.1550    52280 Bytes  03.07.2013 15:24:34
LUKE.DLL        : 13.6.0.1550    65080 Bytes  03.07.2013 15:24:44
AVSCPLR.DLL    : 13.6.0.1712    92216 Bytes  03.07.2013 15:24:34
AVREG.DLL      : 13.6.0.1550  247864 Bytes  03.07.2013 15:24:33
avlode.dll      : 13.6.2.1704  449592 Bytes  03.07.2013 15:24:33
avlode.rdf      : 13.0.1.22      26240 Bytes  11.07.2013 12:28:36
VBASE000.VDF    : 7.11.70.0  66736640 Bytes  04.04.2013 07:34:43
VBASE001.VDF    : 7.11.74.226  2201600 Bytes  30.04.2013 13:46:13
VBASE002.VDF    : 7.11.80.60  2751488 Bytes  28.05.2013 16:12:57
VBASE003.VDF    : 7.11.85.214  2162688 Bytes  21.06.2013 15:48:35
VBASE004.VDF    : 7.11.91.176  3903488 Bytes  23.07.2013 10:33:07
VBASE005.VDF    : 7.11.91.177    2048 Bytes  23.07.2013 10:33:07
VBASE006.VDF    : 7.11.91.178    2048 Bytes  23.07.2013 10:33:07
VBASE007.VDF    : 7.11.91.179    2048 Bytes  23.07.2013 10:33:07
VBASE008.VDF    : 7.11.91.180    2048 Bytes  23.07.2013 10:33:07
VBASE009.VDF    : 7.11.91.181    2048 Bytes  23.07.2013 10:33:07
VBASE010.VDF    : 7.11.91.182    2048 Bytes  23.07.2013 10:33:07
VBASE011.VDF    : 7.11.91.183    2048 Bytes  23.07.2013 10:33:07
VBASE012.VDF    : 7.11.91.184    2048 Bytes  23.07.2013 10:33:08
VBASE013.VDF    : 7.11.92.32    156160 Bytes  24.07.2013 09:52:31
VBASE014.VDF    : 7.11.92.147  168960 Bytes  25.07.2013 12:18:23
VBASE015.VDF    : 7.11.93.93    419328 Bytes  28.07.2013 13:17:35
VBASE016.VDF    : 7.11.93.170  1403392 Bytes  29.07.2013 15:55:31
VBASE017.VDF    : 7.11.94.31    222208 Bytes  31.07.2013 18:04:28
VBASE018.VDF    : 7.11.94.141  273408 Bytes  03.08.2013 11:12:50
VBASE019.VDF    : 7.11.94.203  200192 Bytes  04.08.2013 10:30:26
VBASE020.VDF    : 7.11.95.8    1925632 Bytes  05.08.2013 16:30:22
VBASE021.VDF    : 7.11.95.81    203776 Bytes  06.08.2013 09:14:42
VBASE022.VDF    : 7.11.95.82      2048 Bytes  06.08.2013 09:14:42
VBASE023.VDF    : 7.11.95.83      2048 Bytes  06.08.2013 09:14:42
VBASE024.VDF    : 7.11.95.84      2048 Bytes  06.08.2013 09:14:42
VBASE025.VDF    : 7.11.95.85      2048 Bytes  06.08.2013 09:14:42
VBASE026.VDF    : 7.11.95.86      2048 Bytes  06.08.2013 09:14:42
VBASE027.VDF    : 7.11.95.87      2048 Bytes  06.08.2013 09:14:42
VBASE028.VDF    : 7.11.95.88      2048 Bytes  06.08.2013 09:14:42
VBASE029.VDF    : 7.11.95.89      2048 Bytes  06.08.2013 09:14:42
VBASE030.VDF    : 7.11.95.90      2048 Bytes  06.08.2013 09:14:42
VBASE031.VDF    : 7.11.95.92    30208 Bytes  06.08.2013 09:14:42
Engine version  : 8.2.12.94
AEVDF.DLL      : 8.1.3.4      102774 Bytes  13.06.2013 17:39:11
AESCRIPT.DLL    : 8.1.4.136    504190 Bytes  26.07.2013 09:56:55
AESCN.DLL      : 8.1.10.4      131446 Bytes  05.04.2013 07:37:47
AESBX.DLL      : 8.2.5.12      606578 Bytes  28.08.2012 15:58:06
AERDL.DLL      : 8.2.0.128    688504 Bytes  13.06.2013 17:39:10
AEPACK.DLL      : 8.3.2.24      749945 Bytes  20.06.2013 15:59:29
AEOFFICE.DLL    : 8.1.2.74      205181 Bytes  26.07.2013 09:56:55
AEHEUR.DLL      : 8.1.4.504    6046074 Bytes  26.07.2013 09:56:55
AEHELP.DLL      : 8.1.27.4      266617 Bytes  27.06.2013 15:12:02
AEGEN.DLL      : 8.1.7.10      442743 Bytes  26.07.2013 09:56:53
AEEXP.DLL      : 8.4.1.36      278903 Bytes  26.07.2013 09:56:56
AEEMU.DLL      : 8.1.3.2      393587 Bytes  19.09.2012 13:42:55
AECORE.DLL      : 8.1.31.6      201081 Bytes  27.06.2013 15:12:02
AEBB.DLL        : 8.1.1.4        53619 Bytes  05.11.2012 14:00:38
AVWINLL.DLL    : 13.6.0.1550    23608 Bytes  03.07.2013 15:24:30
AVPREF.DLL      : 13.6.0.1550    48184 Bytes  03.07.2013 15:24:33
AVREP.DLL      : 13.6.0.1550  175672 Bytes  03.07.2013 15:24:33
AVARKT.DLL      : 13.6.0.1626  258104 Bytes  03.07.2013 15:24:30
AVEVTLOG.DLL    : 13.6.0.1550  164920 Bytes  03.07.2013 15:24:32
SQLITE3.DLL    : 3.7.0.1      397088 Bytes  19.09.2012 17:17:40
AVSMTP.DLL      : 13.6.0.1550    59960 Bytes  03.07.2013 15:24:34
NETNT.DLL      : 13.6.0.1550    13368 Bytes  03.07.2013 15:24:44
RCIMAGE.DLL    : 13.4.0.360  4782880 Bytes  28.11.2012 14:09:40
RCTEXT.DLL      : 13.6.0.1624    65080 Bytes  03.07.2013 15:24:30

Configuration settings for the scan:
Jobname.............................: Manual Selection
Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\folder.avp
Reporting...........................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:, F:, G:, Q:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: Intelligent file selection
Scan archives.......................: on
Limit recursion depth...............: 20
Smart extensions....................: on
Macrovirus heuristic................: on
File heuristic......................: extended

Start of the scan: Dienstag, 6. August 2013  11:18

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

The scan of running processes will be started:
Scan process 'svchost.exe' - '55' Module(s) have been scanned
Scan process 'launcher_service.exe' - '50' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '38' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'cmdagent.exe' - '112' Module(s) have been scanned
Scan process 'svchost.exe' - '92' Module(s) have been scanned
Scan process 'svchost.exe' - '99' Module(s) have been scanned
Scan process 'svchost.exe' - '123' Module(s) have been scanned
Scan process 'svchost.exe' - '88' Module(s) have been scanned
Scan process 'svchost.exe' - '177' Module(s) have been scanned
Scan process 'svchost.exe' - '31' Module(s) have been scanned
Scan process 'nvxdsync.exe' - '58' Module(s) have been scanned
Scan process 'nvvsvc.exe' - '72' Module(s) have been scanned
Scan process 'WLANExt.exe' - '37' Module(s) have been scanned
Scan process 'conhost.exe' - '19' Module(s) have been scanned
Scan process 'svchost.exe' - '87' Module(s) have been scanned
Scan process 'spoolsv.exe' - '83' Module(s) have been scanned
Scan process 'taskeng.exe' - '31' Module(s) have been scanned
Scan process 'sched.exe' - '49' Module(s) have been scanned
Scan process 'armsvc.exe' - '36' Module(s) have been scanned
Scan process 'taskhost.exe' - '74' Module(s) have been scanned
Scan process 'FlashPlayerUpdateService.exe' - '49' Module(s) have been scanned
Scan process 'Dwm.exe' - '39' Module(s) have been scanned
Scan process 'avguard.exe' - '89' Module(s) have been scanned
Scan process 'Explorer.EXE' - '187' Module(s) have been scanned
Scan process 'SeaPort.EXE' - '60' Module(s) have been scanned
Scan process 'BrowserProtect.exe' - '38' Module(s) have been scanned
Scan process 'dragon_updater.exe' - '89' Module(s) have been scanned
Scan process 'taskeng.exe' - '33' Module(s) have been scanned
Scan process 'EFUpdater.exe' - '75' Module(s) have been scanned
Scan process 'BrowserProtect.exe' - '39' Module(s) have been scanned
Scan process 'dsiwmis.exe' - '41' Module(s) have been scanned
Scan process 'LMworker.exe' - '36' Module(s) have been scanned
Scan process 'ePowerSvc.exe' - '48' Module(s) have been scanned
Scan process 'LMutilps32.exe' - '47' Module(s) have been scanned
Scan process 'GeekBuddyRSP.exe' - '52' Module(s) have been scanned
Scan process 'GREGsvc.exe' - '33' Module(s) have been scanned
Scan process 'hamachi-2.exe' - '73' Module(s) have been scanned
Scan process 'taskeng.exe' - '35' Module(s) have been scanned
Scan process 'HiPatchService.exe' - '91' Module(s) have been scanned
Scan process 'clear.fiAgent.exe' - '42' Module(s) have been scanned
Scan process 'hamachi-2-ui.exe' - '54' Module(s) have been scanned
Scan process 'DMREngine.exe' - '72' Module(s) have been scanned
Scan process 'igfxtray.exe' - '34' Module(s) have been scanned
Scan process 'hkcmd.exe' - '33' Module(s) have been scanned
Scan process 'igfxpers.exe' - '54' Module(s) have been scanned
Scan process 'nvtray.exe' - '57' Module(s) have been scanned
Scan process 'TSVNCache.exe' - '41' Module(s) have been scanned
Scan process 'ETDCtrl.exe' - '60' Module(s) have been scanned
Scan process 'RAVCpl64.exe' - '54' Module(s) have been scanned
Scan process 'RAVBg64.exe' - '51' Module(s) have been scanned
Scan process 'ePowerTray.exe' - '61' Module(s) have been scanned
Scan process 'cistray.exe' - '62' Module(s) have been scanned
Scan process 'uTorrent.exe' - '91' Module(s) have been scanned
Scan process 'Steam.exe' - '142' Module(s) have been scanned
Scan process 'cmw_srv.exe' - '70' Module(s) have been scanned
Scan process 'chrome.exe' - '135' Module(s) have been scanned
Scan process 'SnapDo.exe' - '153' Module(s) have been scanned
Scan process 'Skype.exe' - '172' Module(s) have been scanned
Scan process 'hsswd.exe' - '44' Module(s) have been scanned
Scan process 'HWDeviceService64.exe' - '35' Module(s) have been scanned
Scan process 'UpdaterService.exe' - '35' Module(s) have been scanned
Scan process 'DCSHelper.exe' - '40' Module(s) have been scanned
Scan process 'NOBuAgent.exe' - '33' Module(s) have been scanned
Scan process 'IScheduleSvc.exe' - '76' Module(s) have been scanned
Scan process 'AdobeARM.exe' - '75' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '43' Module(s) have been scanned
Scan process 'BackupManagerTray.exe' - '82' Module(s) have been scanned
Scan process 'LManager.exe' - '78' Module(s) have been scanned
Scan process 'unit_manager.exe' - '49' Module(s) have been scanned
Scan process 'pcee4.exe' - '79' Module(s) have been scanned
Scan process 'clear.fiMovieService.exe' - '59' Module(s) have been scanned
Scan process 'AllShareAgent.exe' - '77' Module(s) have been scanned
Scan process 'Updater.exe' - '51' Module(s) have been scanned
Scan process 'avgnt.exe' - '101' Module(s) have been scanned
Scan process 'SweetIM.exe' - '77' Module(s) have been scanned
Scan process 'SweetPacksUpdateManager.exe' - '71' Module(s) have been scanned
Scan process 'MMDx64Fx.exe' - '34' Module(s) have been scanned
Scan process 'jusched.exe' - '86' Module(s) have been scanned
Scan process 'schtasks.exe' - '36' Module(s) have been scanned
Scan process 'conhost.exe' - '19' Module(s) have been scanned
Scan process 'sftvsa.exe' - '40' Module(s) have been scanned
Scan process 'unit.exe' - '106' Module(s) have been scanned
Scan process 'GeekBuddyRSP.exe' - '42' Module(s) have been scanned
Scan process 'TeamViewer_Service.exe' - '101' Module(s) have been scanned
Scan process 'sftlist.exe' - '80' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'avshadow.exe' - '22' Module(s) have been scanned
Scan process 'CVHSVC.EXE' - '72' Module(s) have been scanned
Scan process 'ipmGui.exe' - '132' Module(s) have been scanned
Scan process 'AVWEBGRD.EXE' - '74' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '40' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '68' Module(s) have been scanned
Scan process 'hsscp.exe' - '102' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '72' Module(s) have been scanned
Scan process 'svchost.exe' - '41' Module(s) have been scanned
Scan process 'alg.exe' - '36' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'igfxext.exe' - '31' Module(s) have been scanned
Scan process 'igfxsrvc.exe' - '35' Module(s) have been scanned
Scan process 'unsecapp.exe' - '34' Module(s) have been scanned
Scan process 'ePowerEvent.exe' - '24' Module(s) have been scanned
Scan process 'cavwp.exe' - '56' Module(s) have been scanned
Scan process 'SteamService.exe' - '60' Module(s) have been scanned
Scan process 'ETDCtrlHelper.exe' - '32' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '120' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'avcenter.exe' - '142' Module(s) have been scanned
Scan process 'cis.exe' - '99' Module(s) have been scanned
Scan process 'DllHost.exe' - '48' Module(s) have been scanned
Scan process 'IAStorDataMgrSvc.exe' - '62' Module(s) have been scanned
Scan process 'LMS.exe' - '43' Module(s) have been scanned
Scan process 'daemonu.exe' - '74' Module(s) have been scanned
Scan process 'AllShareDMS.exe' - '121' Module(s) have been scanned
Scan process 'sppsvc.exe' - '29' Module(s) have been scanned
Scan process 'svchost.exe' - '63' Module(s) have been scanned
Scan process 'UNS.exe' - '50' Module(s) have been scanned
Scan process 'IELowutil.exe' - '49' Module(s) have been scanned
Scan process 'TrustedInstaller.exe' - '52' Module(s) have been scanned
Scan process 'avscan.exe' - '113' Module(s) have been scanned
Scan process 'svchost.exe' - '18' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'chrome.exe' - '51' Module(s) have been scanned
Scan process 'chrome.exe' - '50' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned
Scan process 'csrss.exe' - '19' Module(s) have been scanned
Scan process 'csrss.exe' - '19' Module(s) have been scanned
Scan process 'wininit.exe' - '29' Module(s) have been scanned
Scan process 'winlogon.exe' - '32' Module(s) have been scanned
Scan process 'services.exe' - '39' Module(s) have been scanned
Scan process 'lsass.exe' - '76' Module(s) have been scanned
Scan process 'lsm.exe' - '25' Module(s) have been scanned

Starting to scan executable files (registry):
C:\Windows\web\logon.exe
  [DETECTION] Is the TR/Agent.6417.1 Trojan

The registry was scanned ( '1372' files ).



End of the scan: Dienstag, 6. August 2013  11:19
Used time: 01:33 Minute(s)

The scan has been canceled!

      0 Scanned directories
  2649 Files were scanned
      1 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 Files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      0 Files cannot be scanned
  2648 Files not concerned
    16 Archives were scanned
      0 Warnings
      0 Notes


cosinus 06.08.2013 11:54

Hello and :hallo:

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, just post the logs you already have in CODE tags!
Only logs from the last 7 days, or since the problem began, are relevant!




Also, please create a log with Farbar's tool:

Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the website's input window)



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check that you did it correctly. If everything is right ... click Reply.

