| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner auf USB: Exploit CVE 2010-2568Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.07.2011, 08:59
| #1 |
 |  Trojaner auf USB: Exploit CVE 2010-2568 Hallo Forum, ich habe gestern mit Erschrecken feststellen müssen, dass ich auf meinem USB-Stick einen Trojaner mit dem Namen Exploit CVE 2010-2568 habe. Auf dem Stick selbst befindet sich ein RECYCLER-Ordner, daneben 2 Dateien mit dem Namen "Copy of Shortcut to (1)" bzw. "...(2)". McAfee findet den Trojaner, meldet ihn als entfernt, er taucht jedoch immer wieder auf, lässt sich also nicht entfernen. Ich habe auch schon andere Antivirenprogramme versucht, unter anderem AVG Antivirus, der findet zwar auch den Trojaner, kann ihn aber auch nicht entfernen. (Andere Sticks scheinen nicht befallen zu sein, sie zeigen mir zumindest keine der oben genannten Dateien an bzw. ich bekomme auch keine Meldung vom Antiviren-Programm, dass dort etwas drauf ist - aber das muss ja vielleicht nichts heißen....) Den Stick einfach nicht mehr benutzen kann ich nicht, den brauche ich, da sind quasi alle wichtigen Unidaten nochmal gesichert und z.T. einiges, was ich nicht auf dem Rechner habe. Ich habe mich bereits ein wenig eingelesen bei euch und habe defogger runtergeladen und wie beschrieben auf "disable" geklickt. Zum Neustart hat mich das Programm nicht aufgefordert, die Log-Datei ist aber trotzdem erstellt worden und schreibt dabei folgendes: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:37 on 29/07/2011
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Ich hoffe, ihr könnt mir helfen. Danke und Grüße vom Schreibtisch |
|
29.07.2011, 10:25
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Trojaner auf USB: Exploit CVE 2010-2568 Deaktivier erstmal die automatische Wiedergabe komplett => Einstellungen für automatische Wiedergabe ändern
__________________Danach wird ein Autorun-Schädling nicht mehr automatisch gestartet wenn ein derart infizierter Datenträger angesteckt wird. Bitte dann routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. (alle externen Datenträger auch überprüfen lassen!) Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten! Danach OTL-Custom: CustomScan mit OTL Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
__________________ |
|
29.07.2011, 12:23
| #3 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo Cosinus,
__________________schonmal danke für deine Antwort und dass du dich mit meinem Problem befasst. Ich habe den Scan mit Malware ausgeführt und die Log-Datei zeigt folgendes an: Code:
ATTFilter Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Datenbank Version: 7315
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
29.07.2011 12:41:42
mbam-log-2011-07-29 (12-41-42).txt
Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 275540
Laufzeit: 1 Stunde(n), 3 Minute(n), 33 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 239
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{D1B40E74-AF7B-B217-576C-93620E923162} (Trojan.ZbotR.Gen) -> Value: {D1B40E74-AF7B-B217-576C-93620E923162} -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
c:\Users\***\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\A8JGPJ2N\ndhpjrck[1].htm (Backdoor.IRCBot.Gen) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\C2MW5X06\luckrmksmy[1].htm (Trojan.EnoV.Gen) -> Quarantined and deleted successfully.
c:\Users\***\AppData\Local\Temp\B3BC.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\qbTplyZo.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\aRNfqsWs.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ieTfXIWP.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ShkOFVSk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\BPGDYVAH.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\YKDNCCTO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\AHhUeLKG.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\qIibWHYD.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\dKtbaeIR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\kwFDiNyc.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\aOPIqytt.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\VMKsjiAi.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\GhheadwA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\EFaklmIn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\lWXHfwoh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TSwcxvUI.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\Frjsjvkk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\xOxpGrUT.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\urpkojMm.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\uyNjVnkU.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\fGwwxBQQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\FGmXZOng.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\kDtfBANp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ihyCBmDZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\APTMmnCr.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sOIuBVTZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sZyZELHk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\rBwvcPcv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\YYrRIOcD.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\NOHiWBRP.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ArPidEIh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\EMSnsaFY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\JRApRpHG.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ENJSPQtk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\slnJqidV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ylXKVRKc.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\MjidZiwQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\IJVmmEWo.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\jnsskLPE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\stkJcaCV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\WnHKVvBp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TmoVEgGe.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sHatFAms.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HMTEBIkS.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vUysLWWT.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\rQWvMyDR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\nFDGUdAA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sdOPZcrK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\QfHSsnet.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\qHfqhUuO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\umnahIIg.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\hnRlRAoT.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\usMWnesX.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\JaRBnSEH.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ggNjYUxy.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\XskvdMpH.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ZEGvtAAU.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\MWWRNpdy.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ikQKPOdd.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\chsrfXJA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\bvVXDhSL.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\cmXsSAWk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\LVVCIoWq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\srvRFwxH.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\GbSsGSkr.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\LZMCsvOJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\cWgoirdF.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vXdujVve.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sspiCrvw.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\aiwNdRpC.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\OlsltiOK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\JhQgpbFk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\BnvjCDtY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\DhfdLraL.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\QpBJkxWm.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\AEakdOfp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\xwBTWCXR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\LZKRoBXa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\NfdRUZlB.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\OOVIeFOY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\arUeaYBf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\BmrDsvEQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\mIpOdFCD.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\AxhTMsxa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\XRfWJOrL.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\eSUdKTDK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\lunTHhYZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\brxbAMUP.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\IjKwiVZB.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\jBnAxUbq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TKmiIJiU.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\NSRKkbeX.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\GgRxxney.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\bCOThQGH.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\mSpwreqK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\VYRfOVaE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\qxmCfAVQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\RCfiBFSe.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\afIxKceW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\bbUSqHEK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\nbuvwGZV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HfevRKPk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\EIENBHMf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\LrddpSgR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\xVwARXZY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\EpIpFbAG.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\OGvgUogv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\xDkRaQax.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\VOldthSa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\IpWqthRN.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\qYCVsTAu.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\pIALWVKn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\irNufWNB.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\lhWWJnRE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TeBrOJZE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\kIXTYGIn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\gIxKKNWr.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\gDbKlyIv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\PHEmMqJW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\WTGEpgup.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\boCEyIBK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ageqivby.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\XayiybEn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\mLNDbjZr.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\tTcghFlh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\LjZvJGkm.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sUmTfkiQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\wKkFNTUI.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vECuswjD.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ZjHHmXnf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\AqiADnHW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\BmBKMwPk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\VYfGGnfK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\eGrGVZUM.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\aKRRcwyH.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\AHAZrQHh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\iSjwhoto.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HyRscYip.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ETLjyiEF.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\BVoSAyNy.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\aFWcwkAP.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\YWghoVFV.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\wAcoxTOA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\risuWKee.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\gDTPdHFB.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\VJRCTnUp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\dogfTEmR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\txREtNJM.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\QPOuEgBl.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\AUcIDEnc.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\WAQajCPv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\CXkSsbWw.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\RDJKWrQc.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\gcJmbaDn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TYnYZyfN.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\SvCeEXVs.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\GgwrmiDE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sxqNayyk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\tANjOUBg.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\KYIvbGbq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TSZQaaJq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\DpDxDwfW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\wtUojTyj.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\iQrYsKAW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ynxhhuXt.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ShueHLbK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ijMCbOeL.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\fryvsBMJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\nsbDCFNk.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\xtGmLBpv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\uEPpOWZU.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\fFqmYPGv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\QTgZLNGQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\NiSmsmXR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HpClpEyx.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vafpfAaO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\LJDtTXSc.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ySGiiITf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\VkSyPHPu.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vmTQGJZA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\GZwiPLYY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\wZXwWdIW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\OUUVAcNa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\MmPrEDFE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\fRTYsCRf.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HcpCsmMX.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\TkNiRHgv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\pJJuasTA.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ydoGmaII.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\WICuCBAi.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\lbHkwWxh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\muFYOwMn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\YPBNbgmZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ZbNUUEbq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\DfJwLbDQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\bAvAAAJv.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ADlhFGFM.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HpsUVWdK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vcHSqRnI.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\CcDvvgtQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sfiDdhfC.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HmwGkeHQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\JryDldhO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\EHUeLwJe.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\FypcTTGF.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\imQJOsxK.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\bCCcjpWa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ioHgokCI.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\lmIjVfAJ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\swOMEUYg.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ShlUfnhG.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\McvyncjY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\THnrOSyn.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\QMkZNIBm.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\pByMqukO.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\sSRGTVeG.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\rHydeVbt.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\NEYVjcLW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\hxOeXLRN.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\BlBvxwAa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\mlpFooxT.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\HTfjFCIB.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\oDtMiFvZ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\keReQPgh.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\vQSaaFAQ.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\CAKwnGFd.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ZcRrJvKq.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\iNGNDAwW.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\mIeklofR.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\ZOgWUSYS.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\aGVaqmFb.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\acPeUQdE.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\eTyJHOeY.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\FgKxIaYp.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\pbIGQRHs.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
f:\RECYCLER\s-7-4-58-7046232575-6175146116-312348370-1503\IAHJoQEa.cpl (Virus.Ramnit) -> Quarantined and deleted successfully.
Die OTL.txt und die extras.txt habe ich als Anhang angefügt, ich hoffe, ich habe das richtige eingefügt, ich war mir nicht ganz sicher, was du als Inhalt meintest. Grüße vom Schreibtisch |
|
29.07.2011, 12:26
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner auf USB: Exploit CVE 2010-2568 Laufwerk F: ist deine externe Platte? Hattest du diese mal bei einem Bekannten an einem infizierten Rechner angeschlossen?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
29.07.2011, 12:35
| #5 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo, ja, F: ist der Stick. Ich bin mir nicht mehr ganz sicher, ob ich den in letzter Zeit an einen anderen Rechner angeschlossen habe... Wenn überhaupt, dann auch nur an den Laptop meiner Mutter (vor ca. 2 Wochen), der, soweit ich weiß, aber nicht infiziert ist/war. Danach habe ich den nur noch an meinem Laptop angeschlossen gehabt und bekam da keine Trojaner-Meldung. Die habe ich erst gestern bekommen, letzte Woche habe ich den Stick aber noch benutzt und etwas darauf gespeichert (Word-Dokument). Grüße vom Schreibtisch |
|
29.07.2011, 13:28
| #6 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo, ich hab da nochmal eine kurze Frage: Kann ich die Daten, die auf dem Stick drauf sind, auf meinen Rechner kopieren, OHNE mir den Trojaner auch auf den Rechner zu überspielen, oder überträgt der sich dann mit? Könnt ihr sehen, ob der sich schon auf das System übertragen hat? Wenn ich nämlich einfach nur z.B. nach dem RECYCLER-Ordner suche, dann finde ich so nichts (wenn der Stick nicht angeschlossen ist)... Grüße vom Schreibtisch |
|
29.07.2011, 13:28
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner auf USB: Exploit CVE 2010-2568 Hast du die automatische Wiederhabe wie beschrieben deaktiviert? Lass dir auch alle Dateien anzeigen => http://www.trojaner-board.de/59624-a...-sichtbar.html Danach mal den Stick im Arbeitsplatz/Computer öffnen, falls eine autorun.inf zu sehen ist, diese umbenennen von autorun.inf zu autorun.txt, dann mit dem Texteditor öffnen und den Inhalt (Text) hier posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2011, 13:53
| #8 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo, ja, die automatische Wiedergabe habe ich deaktiviert. McAfee findet den Trojaner trotzdem immer noch - falls die Info von Bedeutung ist, ich kenn mich wie gesagt damit gar nicht aus... Ich habe jetzt auch alle Daten entsprechend der Anleitung sichtbar gemacht. Auf dem Stick war eine autorun.inf-Datei, die ich dann umbenannt habe. Der Inhalt ist folgender: RmN Grüße vom Schreibtisch |
|
29.07.2011, 14:02
| #9 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner auf USB: Exploit CVE 2010-2568Zitat:
Die automatische Wiedergabe entfernt nichts, sie sorgt nur dafür, dass die autorun.inf nicht automatisch verarbeitet wird! Zitat:
Lösch mal den gesamten Inhalt in f:\RECYCLER\
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2011, 14:12
| #10 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo, ich dachte, wenn die automatische Wiedergabe deaktiviert ist, greift der da vielleicht nicht mehr drauf zu, mir war schon klar, dass der Trojaner deswegen nicht weg ist. Ich sagte schon, ich kenn mich auf dem Gebiet doch gar nicht aus... Mehr als die 3 Buchstaben stehen in der autorun-Datei nicht. Den gesamten Recycler-Ordner habe ich schon mehrfach versucht zu löschen, er taucht allerdings innerhalb weniger Sekunden danach wieder auf. Es scheint auch so zu sein, dass der Ordner mit der Zeit immer größer wird (vom Dateivolumen), falls das eine relevante Info ist. Im Recycler-Ordner ist weiterer Ordner mit einer elends langen Zahlenkombination. Grüße vom Schreibtisch |
|
29.07.2011, 14:31
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner auf USB: Exploit CVE 2010-2568 Lass den Stick mal dran und führe ESET aus: ESET Online Scanner
n.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
29.07.2011, 16:24
| #12 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo, ich habe den Eset-Scan durchgeführt und dann die Log-Datei erstellt und sie hier als Anhang an den Beitrag gehängt.
__________________ Grüße vom Schreibtisch |
|
30.07.2011, 18:08
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner auf USB: Exploit CVE 2010-2568 Ich befürchet dein System ist im Eimer. ESET meldet da massenweise Infektionen vom Fileinfektor Ramnit... Ich würde dir eine Neuinstallation von Windows dringend empfehlen.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.08.2011, 08:49
| #14 |
| | Trojaner auf USB: Exploit CVE 2010-2568 Hallo, ich hab's schon fast befürchtet bei den ganzen gemeldeten Funden...ist dann wohl auch die bessere Idee. Dann habe ich dazu aber noch ein paar Fragen: Inwiefern darf ich vorher eine Datensicherung machen, ohne nachher die ganze Malware wieder mit aufzuspielen? Kann ich überhaupt irgendwas sichern? Darf ich eine andere externe Festplatte anschließen und dann Sachen darauf speichern oder ist das zu "riskant", nach dem Befall vom Stick? Was mache ich denn nun mit meinem USB-Stick (also Laufwerk F: )? Ist da "nie wieder benutzen" bzw. formatieren die einzige Möglichkeit? Kann ich da noch Daten auf den PC holen, dann eine Datensicherung machen und dann alles neu installieren, oder fange ich mir unweigerlich damit was ein? Ich bedanke mich schonmal für deine Geduld und deine Hilfe, ohne Anleitung hätte ich das so nicht geschafft, geschweige denn rausgefunden...
__________________ Grüße vom Schreibtisch |
|
01.08.2011, 10:11
| #15 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Trojaner auf USB: Exploit CVE 2010-2568Zitat:
Folge dem 2. Link in meiner Signatur - Datensicherung via Ubuntu.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Trojaner auf USB: Exploit CVE 2010-2568 |
| ahnung, antiviren-programm, autostart, avg, avg antivirus, backdoor.ircbot.gen, brauche, code, einfach, entfernt, erstellt, exploit, folge, forum, geschlossen, log-datei, meldet, namen, neustart, nichts, programme, shortcut, trojan.downloader, trojan.enov.gen, trojan.zbotr.gen, trojaner, virus.ramnit, wenig ahnung |
Textbox.
.
Linear-Darstellung
