Trojaner-Board - Avira hat Trojaner gefunden. TR/Ransom.Blocker.bemi. Bitte um Hilfe!!!

hier das logfile

Code:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software

Run date: 2013-05-17 11:33:34

-----------------------------

11:33:34.718    OS Version: Windows x64 6.0.6002 Service Pack 2

11:33:34.719    Number of processors: 2 586 0xF0D

11:33:34.720    ComputerName: ****-PC  UserName: ****

11:33:36.765    Initialize success

11:33:49.309    AVAST engine defs: 13051601

11:34:00.936    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1

11:34:00.941    Disk 0 Vendor: Hitachi_HTS543225L9A300 FBEOC44C Size: 238475MB BusType: 3

11:34:00.949    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T0L0-0

11:34:00.955    Disk 1 Vendor: Hitachi_HTS543225L9A300 FBEOC44C Size: 238475MB BusType: 3

11:34:01.251    Disk 1 MBR read successfully

11:34:01.258    Disk 1 MBR scan

11:34:01.277    Disk 1 unknown MBR code

11:34:01.288    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS       228312 MB offset 63

11:34:01.341    Disk 1 Partition 2 00     07    HPFS/NTFS NTFS        10159 MB offset 467585024

11:34:01.653    Disk 1 scanning C:\Windows\system32\drivers

11:34:25.988    Service scanning

11:35:07.842    Modules scanning

11:35:07.857    Disk 1 trace - called modules:

11:35:08.239    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 

11:35:08.253    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8005e33300]

11:35:08.271    3 CLASSPNP.SYS[fffffa6000a4ec33] -> nt!IofCallDriver -> [0xfffffa8005c29800]

11:35:08.289    5 hpdskflt.sys[fffffa60018020ee] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004c3b060]

11:35:08.302    Scan finished successfully

11:36:16.492    Disk 1 MBR has been saved successfully to "C:\Users\****\Desktop\MBR.dat"

11:36:16.498    The log file has been saved successfully to "C:\Users\****\Desktop\aswMBR.txt"

Hey,

wie lang dauert der scan von ESET? Geht jetzt schon fast 3 stunden und ist bei 30% und 1 Trojanerfund gemeldet

Hier das ESET log

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=45c6d7facd79d0499264d045d394d7a9

# engine=13849

# end=stopped

# remove_checked=false

# archives_checked=false

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-05-17 10:46:25

# local_time=2013-05-17 12:46:25 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=1799 16775165 100 96 5569 234210875 0 0

# compatibility_mode=5892 16776574 100 100 98241153 206311491 0 0

# scanned=119442

# found=0

# cleaned=0

# scan_time=3739

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=45c6d7facd79d0499264d045d394d7a9

# engine=13849

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-05-17 02:50:03

# local_time=2013-05-17 04:50:03 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=1799 16775165 100 96 20187 234225493 7899 0

# compatibility_mode=5892 16776574 100 100 98255771 206326109 0 0

# scanned=240266

# found=5

# cleaned=0

# scan_time=14528

sh=5EF9E5C15A2CBD5778C6EE9948A7C1A93A54E8D0 ft=1 fh=cac44e7c18d08008 vn="probably a variant of Win32/TrojanDownloader.Agent.IDNWLBG trojan" ac=I fn="C:\Users\****\Downloads\Software\Setup59_FreeFlvConverter(nicht installiert).exe"

sh=166A1CC3CE5C144AD4031FE4B29F70EF4F8263D8 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2013-2423.AI trojan" ac=I fn="C:\_OTL\MovedFiles\05162013_102720\C_Users\****\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\4a8b563b-7dfe3294"

sh=7ECBD8CB50E626C7A41F4F2F2ACFB33174FB8EA3 ft=1 fh=a5f7e07d066dde2a vn="a variant of Win32/Kryptik.BBAM trojan" ac=I fn="C:\_OTL\MovedFiles\05162013_102720\C_Users\****\AppData\Roaming\ie_util.exe"

sh=C07D12CA9DCE3CBA9BE59F0052A3CFBE805AE4A7 ft=1 fh=c71c00115582c1ea vn="a variant of Win32/Kryptik.BAOO trojan" ac=I fn="C:\_OTL\MovedFiles\05162013_102720\C_Users\****\AppData\Roaming\Ejnauw\yrkeo.exe"

sh=F6C044B65B5AE6B89777D23AC8E1F9679EF2EA87 ft=1 fh=16d0d37a5c039099 vn="Win32/Spy.Zbot.AAO trojan" ac=I fn="C:\_OTL\MovedFiles\05162013_102720\C_Users\****\AppData\Roaming\Osed\miutx.exe"

Hier der log von security check

Code:

 Results of screen317's Security Check version 0.99.63  

 Windows Vista Service Pack 2 x64 (UAC is enabled)  

 Internet Explorer 7 Out of date! 
 ``````````````Antivirus/Firewall Check:`````````````` 

Avira Desktop   

 Antivirus up to date!   
 `````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware Version 1.75.0.1300  

 CCleaner (remove only)   

 Java(TM) 6 Update 18  

 Java 7 Update 21  

 Java(TM) 6 Update 6  

 Java 2 Runtime Environment, SE v1.4.2_07 

 Adobe Flash Player         11.7.700.169  

 Adobe Reader 8 Adobe Reader out of Date! 

 Adobe Reader 10.1.7 Adobe Reader out of Date!  

 Mozilla Firefox (20.0.1) 
 ````````Process Check: objlist.exe by Laurent````````  

 Avira Antivir avgnt.exe 

 Avira Antivir avguard.exe 

 **** Desktop Virus entfernen SecurityCheck.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````

Warte auf weitere Anweisungen;)

Gruß Josy