Log analysis and evaluation: Various viruses found with Antivir (Windows 7)

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
08.08.2012, 22:25 | #1 |
Various viruses found with Antivir

Hello everyone,

I ran a full scan with Antivir for the first time in quite a while and unfortunately it found over 16 different viruses. At the moment I don't know exactly how to proceed. According to the log, it moved 7 of them to quarantine; what about the other 9? Would you recommend installing an additional malware program so that everything can be removed?

Here is the overview of the viruses:
EXP/JAVA.Ternub.Gen exploit
EXP/Java.BQ exploit
EXP/CVE-2010-0840 exploit
EXP/CVE-2010-4452 exploit
JAVA/Dldr.Treams.AF Java virus
HTML/FakeAV.AT HTML script virus

Here is my log:
Code:
Avira Free Antivirus
Report file date: Mittwoch, 8. August 2012 19:41

Scanning for 4079953 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available.

Licensee : Avira AntiVir Personal - Free Antivirus
Platform : Windows 7 Professional
Windows version : (Service Pack 1) [6.1.7601]
Boot mode : Normally booted

Version information:
BUILD.DAT : 12.0.0.1167 40870 Bytes 18.07.2012 20:07:00
AVSCAN.EXE : 12.3.0.33 468472 Bytes 01.08.2012 09:09:14
AVSCAN.DLL : 12.3.0.15 54736 Bytes 02.05.2012 13:31:39
LUKE.DLL : 12.3.0.15 68304 Bytes 01.05.2012 23:31:47
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 01.05.2012 22:13:36
AVREG.DLL : 12.3.0.17 232200 Bytes 08.06.2012 22:06:21
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:23:21
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 23:32:24
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 09:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 10:43:53
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 08:33:45
VBASE006.VDF : 7.11.34.117 2048 Bytes 29.06.2012 08:33:45
VBASE007.VDF : 7.11.34.118 2048 Bytes 29.06.2012 08:33:45
VBASE008.VDF : 7.11.34.119 2048 Bytes 29.06.2012 08:33:45
VBASE009.VDF : 7.11.34.120 2048 Bytes 29.06.2012 08:33:45
VBASE010.VDF : 7.11.34.121 2048 Bytes 29.06.2012 08:33:45
VBASE011.VDF : 7.11.34.122 2048 Bytes 29.06.2012 08:33:45
VBASE012.VDF : 7.11.34.123 2048 Bytes 29.06.2012 08:33:45
VBASE013.VDF : 7.11.34.124 2048 Bytes 29.06.2012 08:33:46
VBASE014.VDF : 7.11.38.18 2554880 Bytes 30.07.2012 20:34:49
VBASE015.VDF : 7.11.38.70 556032 Bytes 31.07.2012 09:09:12
VBASE016.VDF : 7.11.38.143 171008 Bytes 02.08.2012 16:33:01
VBASE017.VDF : 7.11.38.221 178176 Bytes 06.08.2012 17:05:52
VBASE018.VDF : 7.11.39.37 168448 Bytes 08.08.2012 17:05:52
VBASE019.VDF : 7.11.39.38 2048 Bytes 08.08.2012 17:05:52
VBASE020.VDF : 7.11.39.39 2048 Bytes 08.08.2012 17:05:52
VBASE021.VDF : 7.11.39.40 2048 Bytes 08.08.2012 17:05:52
VBASE022.VDF : 7.11.39.41 2048 Bytes 08.08.2012 17:05:52
VBASE023.VDF : 7.11.39.42 2048 Bytes 08.08.2012 17:05:52
VBASE024.VDF : 7.11.39.43 2048 Bytes 08.08.2012 17:05:53
VBASE025.VDF : 7.11.39.44 2048 Bytes 08.08.2012 17:05:53
VBASE026.VDF : 7.11.39.45 2048 Bytes 08.08.2012 17:05:53
VBASE027.VDF : 7.11.39.46 2048 Bytes 08.08.2012 17:05:53
VBASE028.VDF : 7.11.39.47 2048 Bytes 08.08.2012 17:05:53
VBASE029.VDF : 7.11.39.48 2048 Bytes 08.08.2012 17:05:53
VBASE030.VDF : 7.11.39.49 2048 Bytes 08.08.2012 17:05:53
VBASE031.VDF : 7.11.39.68 74752 Bytes 08.08.2012 17:36:33
Engine version : 8.2.10.130
AEVDF.DLL : 8.1.2.10 102772 Bytes 10.07.2012 11:14:58
AESCRIPT.DLL : 8.1.4.38 455033 Bytes 03.08.2012 19:04:24
AESCN.DLL : 8.1.8.2 131444 Bytes 16.02.2012 16:11:36
AESBX.DLL : 8.2.5.12 606578 Bytes 29.06.2012 08:33:45
AERDL.DLL : 8.1.9.15 639348 Bytes 20.01.2012 23:22:40
AEPACK.DLL : 8.3.0.24 811381 Bytes 08.08.2012 17:05:54
AEOFFICE.DLL : 8.1.2.42 201083 Bytes 19.07.2012 20:27:23
AEHEUR.DLL : 8.1.4.84 5112182 Bytes 03.08.2012 19:04:24
AEHELP.DLL : 8.1.23.2 258422 Bytes 29.06.2012 08:33:43
AEGEN.DLL : 8.1.5.34 434548 Bytes 19.07.2012 20:27:22
AEEXP.DLL : 8.1.0.74 86387 Bytes 03.08.2012 19:04:24
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 11:14:57
AECORE.DLL : 8.1.27.4 201078 Bytes 08.08.2012 17:05:53
AEBB.DLL : 8.1.1.0 53618 Bytes 20.01.2012 23:22:35
AVWINLL.DLL : 12.3.0.15 27344 Bytes 01.05.2012 22:59:21
AVPREF.DLL : 12.3.0.15 51920 Bytes 01.05.2012 22:44:31
AVREP.DLL : 12.3.0.15 179208 Bytes 01.05.2012 22:13:35
AVARKT.DLL : 12.3.0.15 211408 Bytes 01.05.2012 22:21:32
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 01.05.2012 22:28:49
SQLITE3.DLL : 3.7.0.1 398288 Bytes 16.04.2012 21:11:02
AVSMTP.DLL : 12.3.0.32 63480 Bytes 01.08.2012 09:09:14
NETNT.DLL : 12.3.0.15 17104 Bytes 01.05.2012 23:33:29
RCIMAGE.DLL : 12.3.0.31 4445944 Bytes 01.08.2012 09:09:11
RCTEXT.DLL : 12.3.0.31 97784 Bytes 01.08.2012 09:09:11

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Logging.............................: default
Primary action......................: Interactive
Secondary action....................: Ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, E:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: extended

Start of the scan: Mittwoch, 8. August 2012 19:41

Starting master boot sector scan:
Master boot sector HD0
    [INFO] No virus was found!
Master boot sector HD1
    [INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO] No virus was found!
Boot sector 'E:\'
    [INFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started
Scan process 'avscan.exe' - '89' Module(s) have been scanned
Scan process 'avcenter.exe' - '93' Module(s) have been scanned
Scan process 'daemonu.exe' - '41' Module(s) have been scanned
Scan process 'COCIManager.exe' - '39' Module(s) have been scanned
Scan process 'avgnt.exe' - '83' Module(s) have been scanned
Scan process 'adawarebp.exe' - '59' Module(s) have been scanned
Scan process 'AdobeARM.exe' - '70' Module(s) have been scanned
Scan process 'jusched.exe' - '25' Module(s) have been scanned
Scan process 'SSMMgr.exe' - '38' Module(s) have been scanned
Scan process 'LWS.exe' - '69' Module(s) have been scanned
Scan process 'winampa.exe' - '22' Module(s) have been scanned
Scan process 'AAM Updates Notifier.exe' - '73' Module(s) have been scanned
Scan process 'SpotifyWebHelper.exe' - '36' Module(s) have been scanned
Scan process 'LVPrS64H.exe' - '25' Module(s) have been scanned
Scan process 'avguard.exe' - '62' Module(s) have been scanned
Scan process 'svchost.exe' - '61' Module(s) have been scanned
Scan process 'sched.exe' - '43' Module(s) have been scanned
Scan process 'nvSCPAPISvr.exe' - '30' Module(s) have been scanned

Starting to scan executable files (registry).
The registry was scanned ( '1273' files ).

Starting the file scan:

Begin scan in 'C:\'
E:\UIDOP4\Backup Set 2011-02-06 190000\Backup Files 2011-02-13 192358\Backup files 1.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/4/8f85c44-51214c78
      [1] Archive type: ZIP
    --> vmain.class
        [DETECTION] Contains recognition pattern of the EXP/JAVA.Ternub.Gen exploit
E:\UIDOP4\Backup Set 2011-02-20 200924\Backup Files 2011-02-20 200924\Backup files 2.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/23/5866a617-6179b179
      [1] Archive type: ZIP
    --> encode/ANSI.class
        [DETECTION] Is the TR/Agent.435.2 Trojan
    --> encode/Unicode.class
        [DETECTION] Contains recognition pattern of the EXP/Java.BQ exploit
    --> setup/lang.class
        [DETECTION] Contains recognition pattern of the EXP/CVE-2010-0840 exploit
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/4/8f85c44-51214c78
      [1] Archive type: ZIP
    --> vmain.class
        [DETECTION] Contains recognition pattern of the EXP/JAVA.Ternub.Gen exploit
E:\UIDOP4\Backup Set 2011-04-17 213434\Backup Files 2011-05-15 125738\Backup files 1.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/12/3cc664c-7d5c8e30
      [DETECTION] Contains recognition pattern of the EXP/CVE-2010-4452 exploit
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/23/5866a617-6179b179
      [1] Archive type: ZIP
    --> encode/ANSI.class
        [DETECTION] Is the TR/Agent.435.2 Trojan
    --> encode/Unicode.class
        [DETECTION] Contains recognition pattern of the EXP/Java.BQ exploit
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/9/7be78a09-79ccc6e9
      [DETECTION] Contains recognition pattern of the EXP/CVE-2010-4452 exploit
E:\UIDOP4\Backup Set 2011-06-12 195355\Backup Files 2011-09-18 210433\Backup files 1.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/Local/Microsoft/WLSetup/wlt1C39.tmp
      [1] Archive type: CAB (Microsoft)
    --> LanguageSelector64.7z
        [2] Archive type: 7-Zip
      --> LanguageSelector64.cab
          [3] Archive type: CAB (Microsoft)
        --> LanguageSelector64.msi
            [WARNING] The file could not be read!
E:\UIDOP4\Backup Set 2011-10-02 190000\Backup Files 2011-10-02 190000\Backup files 2.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/Local/Microsoft/WLSetup/wlt1C39.tmp
      [1] Archive type: CAB (Microsoft)
    --> LanguageSelector64.7z
        [2] Archive type: 7-Zip
      --> LanguageSelector64.cab
          [3] Archive type: CAB (Microsoft)
        --> LanguageSelector64.msi
            [WARNING] The file could not be read!
E:\UIDOP4\Backup Set 2012-01-08 190005\Backup Files 2012-01-15 190000\Backup files 2.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/13/737ea30d-2da5b03a
      [1] Archive type: ZIP
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/27/6049ccdb-31e7c078
      [1] Archive type: ZIP
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
E:\UIDOP4\Backup Set 2012-01-08 190005\Backup Files 2012-01-23 104703\Backup files 4.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/23/43eca757-170655e7
      [1] Archive type: ZIP
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
E:\UIDOP4\Backup Set 2012-02-19 190000\Backup Files 2012-02-19 190000\Backup files 11.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/13/737ea30d-2da5b03a
      [1] Archive type: ZIP
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/23/43eca757-170655e7
      [1] Archive type: ZIP
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
  --> C/Users/uidop/AppData/LocalLow/Sun/Java/Deployment/cache/6.0/27/6049ccdb-31e7c078
      [1] Archive type: ZIP
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
E:\UIDOP4\Backup Set 2012-02-19 190000\Backup Files 2012-03-04 205221\Backup files 1.zip
  [0] Archive type: ZIP
  --> C/Users/uidop/AppData/Local/Mozilla/Firefox/Profiles/5azerq6s.default/Cache/1/B5/8617Ad01
      [DETECTION] Contains recognition pattern of the HTML/FakeAV.AT HTML script virus

Beginning disinfection:
E:\UIDOP4\Backup Set 2012-02-19 190000\Backup Files 2012-03-04 205221\Backup files 1.zip
  [DETECTION] Contains recognition pattern of the HTML/FakeAV.AT HTML script virus
  [NOTE] The file was moved to the quarantine directory under the name '524a7306.qua'.
E:\UIDOP4\Backup Set 2012-02-19 190000\Backup Files 2012-02-19 190000\Backup files 11.zip
  [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
  [NOTE] The file was moved to the quarantine directory under the name '4add5cbe.qua'.
E:\UIDOP4\Backup Set 2012-01-08 190005\Backup Files 2012-01-23 104703\Backup files 4.zip
  [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
  [NOTE] The file was moved to the quarantine directory under the name '1882065c.qua'.
E:\UIDOP4\Backup Set 2012-01-08 190005\Backup Files 2012-01-15 190000\Backup files 2.zip
  [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
  [NOTE] The file was moved to the quarantine directory under the name '7eb5499e.qua'.
E:\UIDOP4\Backup Set 2011-04-17 213434\Backup Files 2011-05-15 125738\Backup files 1.zip
  [DETECTION] Contains recognition pattern of the EXP/CVE-2010-4452 exploit
  [NOTE] The file was moved to the quarantine directory under the name '3b3164a0.qua'.
E:\UIDOP4\Backup Set 2011-02-20 200924\Backup Files 2011-02-20 200924\Backup files 2.zip
  [DETECTION] Contains recognition pattern of the EXP/JAVA.Ternub.Gen exploit
  [NOTE] The file was moved to the quarantine directory under the name '442a56b0.qua'.
E:\UIDOP4\Backup Set 2011-02-06 190000\Backup Files 2011-02-13 192358\Backup files 1.zip
  [DETECTION] Contains recognition pattern of the EXP/JAVA.Ternub.Gen exploit
  [NOTE] The file was moved to the quarantine directory under the name '08927ae7.qua'.

End of the scan: Mittwoch, 8. August 2012 22:56
Used time: 3:11:52 Hour(s)

The scan has been done completely.

57221 Scanned directories
2678480 Files were scanned
16 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 Files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
2678464 Files not concerned
43565 Archives were scanned
224 Warnings
7 Notes
801599 Objects were scanned with rootkit scan
0 Hidden objects were found

Edited by uidop4 (08.08.2012 at 23:02)
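
An added example, not part of the original thread and not Avira tooling: the report above counts every infected file nested inside a backup archive as one detection, while its disinfection step moves the outer archive file as a whole, which is how 16 detections can end in 7 quarantine notes. The Python below tallies nested detections per top-level file and lists any that received no quarantine note; the `SAMPLE` text, its paths and `.qua` names are constructed, and `triage` and `unhandled` are hypothetical names.

```python
import re
from collections import Counter

# Constructed sample in the layout of the report above (paths and .qua names are made up).
SAMPLE = r"""
Starting the file scan:
E:\Backups\set-a.zip
  [0] Archive type: ZIP
  --> cache/6.0/23/entry-1
    --> encode/ANSI.class
        [DETECTION] Is the TR/Agent.435.2 Trojan
    --> encode/Unicode.class
        [DETECTION] Contains recognition pattern of the EXP/Java.BQ exploit
E:\Backups\set-b.zip
  [0] Archive type: ZIP
  --> cache/6.0/13/entry-2
    --> Java.class
        [DETECTION] Contains recognition pattern of the JAVA/Dldr.Treams.AF Java virus
E:\Backups\set-c.zip
  [0] Archive type: ZIP
  --> setup.msi
      [WARNING] The file could not be read!
Beginning disinfection:
E:\Backups\set-a.zip
  [DETECTION] Contains recognition pattern of the EXP/Java.BQ exploit
  [NOTE] The file was moved to the quarantine directory under the name 'aaaa0001.qua'.
"""

TOP = re.compile(r"^[A-Za-z]:\\")  # a top-level file on disk, e.g. E:\...
QUA = re.compile(r"quarantine directory under the name '([^']+)'")

def triage(report):
    """Return {top_level_file: (nested_detections, quarantine_name_or_None)}."""
    found, moved, current, disinfecting = Counter(), {}, None, False
    for raw in report.splitlines():
        line = raw.strip()
        if line.startswith("Beginning disinfection"):
            disinfecting = True          # later [DETECTION] lines are repeats
        elif TOP.match(line):
            current = line               # new outer file; nested entries follow
        elif current and not disinfecting and line.startswith("[DETECTION]"):
            found[current] += 1
        elif current and disinfecting and (m := QUA.search(line)):
            moved[current] = m.group(1)
    return {c: (n, moved.get(c)) for c, n in found.items()}

def unhandled(report):
    """Top-level files with detections that no [NOTE] moved to quarantine."""
    return sorted(c for c, (_, q) in triage(report).items() if q is None)
```

Run against a saved report, an empty `unhandled` list means every detection sits inside a file the scanner already moved.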
15.08.2012, 15:30 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Various viruses found with Antivir

As a routine first step, please run a full scan with Malwarebytes and post the log. => Have ALL local drives (except CD/DVD) checked!

Remember that Malwarebytes must be updated manually before every scan! Please remove all of the Malwarebytes findings so that they are kept in the Malwarebytes quarantine! Do NOT remove anything from the quarantine prematurely! If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

Please post everything here in CODE tags where possible. This is how it is done: [code] the log goes here [/code] And the whole thing then looks like this:
Code:
the log goes here