Habe ein problem mit diesem trojaner "Zlob-BN"

#16 so, nun aber! (lag daran, daß beim active-x Kaspersky-Fenster das accept oder decline - Feld kaum sichtbar war...)

KASPERSKY ON-LINE SCANNER REPORT
Tuesday, June 06, 2006 9:18:47 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/06/2006
Kaspersky Anti-Virus database records: 186696


Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target Folders
A:\
C:\
D:\

Scan Statistics
Total number of scanned objects 57225
Number of viruses found 1
Number of infected objects 29
Number of suspicious objects 0
Duration of the scan process 00:32:02

Infected Object Name Virus Name Last Action
C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP49\A0047559.exe Infected: Trojan-Downloader.Win32.Zlob.qs skipped

Scan process completed.


KASPERSKY ON-LINE SCANNER REPORT
Tuesday, June 06, 2006 8:31:31 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/06/2006
Kaspersky Anti-Virus database records: 186696


Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 57191
Number of viruses found 1
Number of infected objects 29
Number of suspicious objects 0
Duration of the scan process 00:32:17

Infected Object Name Virus Name Last Action
C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP49\A0047559.exe Infected: Trojan-Downloader.Win32.Zlob.qs skipped

Scan process completed.

#17 hank4

1.
Arbeitsplatz-->Rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.

2.
scanne noch mal mit kaspersky, dann aktiviere wieder die Systemwiederherstellung + installiere Firefox neu + berichte
__________
MfG Sabina

rund um die PC-Sicherheit

#18 Der rote Pferde?kopf scheint normales firefoxlogo zu sein. Ist der zlob-qs mit dem Kasperskyscan nun entfernt?
MfG Hank4




Tuesday, June 06, 2006 2:00:32 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.78.0
Kaspersky Anti-Virus database last update: 6/06/2006
Kaspersky Anti-Virus database records: 198659


Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true

Scan Target My Computer
A:\
C:\
D:\
E:\

Scan Statistics
Total number of scanned objects 57928
Number of viruses found 1
Number of infected objects 29
Number of suspicious objects 0
Duration of the scan process 00:32:10

Infected Object Name Virus Name Last Action
C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047375.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047376.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047377.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047378.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047379.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047380.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe/data0008 Infected: Trojan-Downloader.Win32.Zlob.qs skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe NSIS: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP48\A0047381.exe PE_Patch.UPX: infected - 1 skipped

C:\System Volume Information\_restore{66234F2B-C93E-4D94-8BDB-1899CBBA9319}\RP49\A0047559.exe Infected: Trojan-Downloader.Win32.Zlob.qs skipped

Scan process completed.
deinstallieren, dann Punkt 2. von oben...

#19 hank4

Arbeitsplatz-->Rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.
(dann wieder aktvieren)

ich hoffe, ich muss nicht ein drittes mal das gleiche schreiben, denn wenn du die Systemwiederherstellung nicht deaktivierst, wirst du vom Kaspersky immer das gleiche Ergebnis erhalten..............
__________
MfG Sabina

rund um die PC-Sicherheit

#20 ...ist ja schon gut... Scans waren clean, ich hoffe das wars damit. In summa nochmals herzliches Dankeschön und Hochachtung an Dich!

Ciao, Hank4