Log analysis and evaluation: Computer infected with TR/Ransom.EJ.3 (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

#1
Computer infected with TR/Ransom.EJ.3

Hello,

my father's computer has been infected by TR/Ransom.EJ.3. It showed the usual symptoms for this: the screen content is dimmed and a window opens demanding a payment of 50 euros. I used defogger to disable the emulation drivers and restarted the computer.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:05 on 02/04/2012 (***)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-

DDS.txt

DDS Logfile:
Code:
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.3.1
Run by *** at 11:12:15 on 2012-04-02
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.2046.991 [GMT 2:00]
.
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
C:\Windows\system32\svchost.exe -k HsfXAudioService
c:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\system32\lxbscoms.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\iashost.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Power Manager\PM.exe
C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DSL-Manager\DslMgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DSL-Manager\DslMgrSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Explorer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conime.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mURLSearchHooks: SearchElf 1.2 Toolbar: {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - c:\program files\searchelf_1.2\prxtbSea0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll
BHO: SearchElf 1.2 Toolbar: {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - c:\program files\searchelf_1.2\prxtbSea0.dll
TB: SearchElf 1.2 Toolbar: {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - c:\program files\searchelf_1.2\prxtbSea0.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [PowerManager] c:\program files\power manager\PM.exe
mRun: [CLMLServer] "c:\program files\homecinema\power2go\CLMLSvc.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\users\***\appdata\roaming\micros~1\windows\startm~1\programs\startup\dsl-ma~1.lnk - c:\program files\dsl-manager\DslMgr.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{8660B1CA-198A-4D32-A3BD-4630E08FAD64} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{AD197E5A-BCDB-411A-84B2-A2144B7340F9} : DhcpNameServer = 192.168.0.1
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-4-2 36000]
R1 DslMNLwf;DSL-Manager NDIS LightWeight Filter;c:\windows\system32\drivers\dslmnlwf.sys [2009-7-17 16448]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2012-4-2 86224]
R2 AntiVirService;Avira Echtzeit Scanner;c:\program files\avira\antivir desktop\avguard.exe [2012-4-2 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-4-2 74640]
R2 FontCache;Windows-Dienst für Schriftartencache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-17 21504]
R2 FSCLBaseUpdaterService;FSCLBaseUpdaterService;c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\FSCWBaseUpdaterService.exe [2007-6-4 65536]
R2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe -k HsfXAudioService [2008-5-17 21504]
R3 smscirrx;SMSC CIR Receive;c:\windows\system32\drivers\smscirrx.sys [2008-1-17 40448]
R3 TDslMgrService;DSL-Manager;c:\program files\dsl-manager\DslMgrSvc.exe [2009-7-17 307200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 253600]
S3 dsltestSp5;dsltestSp5 NDIS Protocol Driver;c:\windows\system32\drivers\DslTestSp5.sys [2009-7-17 26816]
S3 TridVid;Video Grabber;c:\windows\system32\drivers\tridvid.sys [2008-12-23 168704]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S3 WSDPrintDevice;WSD-Druckunterstützung durch UMB;c:\windows\system32\drivers\WSDPrint.sys [2008-5-17 16896]
S3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys [2009-10-18 19968]
.
=============== Created Last 30 ================
.
2012-04-02 09:09:44 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-02 08:23:09 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-02 07:23:45 -------- d-----w- c:\program files\Microsoft WSE
2012-04-02 07:22:34 -------- d-----w- c:\program files\Netzmanager
2012-04-02 07:21:46 -------- d-----w- c:\users\***\appdata\local\PackageAware
2012-04-02 06:53:14 -------- d-----w- c:\users\***\appdata\roaming\Avira
2012-04-02 06:50:57 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-04-02 06:50:56 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-04-02 06:50:55 -------- d-----w- c:\programdata\Avira
2012-04-02 06:50:55 -------- d-----w- c:\program files\Avira
2012-04-01 19:21:42 -------- d-----w- c:\program files\iPod
2012-04-01 19:21:39 -------- d-----w- c:\program files\iTunes
2012-04-01 18:10:56 2044416 ----a-w- c:\windows\system32\win32k.sys
2012-04-01 18:10:47 613376 ----a-w- c:\windows\system32\rdpencom.dll
2012-04-01 18:10:47 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-04-01 18:10:45 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat
2012-04-01 18:10:43 683008 ----a-w- c:\windows\system32\d2d1.dll
2012-04-01 18:10:43 219648 ----a-w- c:\windows\system32\d3d10_1core.dll
2012-04-01 18:10:43 160768 ----a-w- c:\windows\system32\d3d10_1.dll
2012-04-01 18:10:43 1172480 ----a-w- c:\windows\system32\d3d10warp.dll
2012-04-01 18:10:43 1068544 ----a-w- c:\windows\system32\DWrite.dll
2012-04-01 14:44:09 -------- d-----w- c:\users\***\appdata\roaming\Malwarebytes
2012-04-01 14:43:59 -------- d-----w- c:\programdata\Malwarebytes
2012-04-01 14:43:57 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-31 19:53:02 -------- d-----w- c:\program files\common files\Java(1)
2012-03-25 16:34:01 -------- d-----w- c:\programdata\Avira(91)
.
==================== Find3M ====================
.
2012-04-02 09:09:44 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-10 11:57:14 637848 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-01-10 11:57:10 567696 ----a-w- c:\windows\system32\deployJava1.dll
.
============= FINISH: 11:14:35,54 ===============

Attach.txt
Code:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 09.02.2008 12:27:00
System Uptime: 02.04.2012 11:06:53 (0 hours ago)
.
Motherboard: FUJITSU SIEMENS | | XTB71___
Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-56 | Socket A | 1800/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 148 GiB total, 82,608 GiB free.
D: is FIXED (NTFS) - 73 GiB total, 33,266 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.2) - Deutsch
Adobe Shockwave Player 11.5
AeroFly Professional Deluxe (inkl. Add-On 1)
ALPS Touch Pad Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoBase 3
ArcSoft PhotoStudio 5
Audacity 1.3.12 (Unicode)
Avira Free Antivirus
Bison WebCam
Bonjour
CanoScan Toolbox Ver4.1
ChargerMonitor V1.0
Compatibility Pack für 2007 Office System
COMPUTER BILD Windows Wiki 2010
Conduit Engine
Corel Graphics Suite 11
CorelDRAW Graphics Suite 11
CP2101 USB to UART Bridge Controller Driver Installation
CyberLink PhotoNow!
CyberLink Power2Go
CyberLink PowerDirector
CyberLink PowerProducer
DHTML Editing Component
DivX-Setup
dm-Fotowelt
DruckShop Weihnachten
DSL-Manager
EPSON SX430 Series Printer Uninstall
EZ Vinyl/Tape Converter 4.1 by MixMeister
FFmpeg for Audacity on Windows
FirstSteps Diagnostics
FSCLounge
Future Pinball
Game Booster
glasklar Komplettpaket DVD1
Hardcopy (C:\Program Files\Hardcopy)
HDAUDIO Soft Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
InterVideo WinDVD 8
iTunes
Java Auto Updater
Java(TM) 7 Update 3
JavaFX 2.0.3
klickTel OEM 2007
LAME v3.98.3 for Audacity
Lexmark 810 Series
LibreOffice 3.4
MA-VIN
Malwarebytes Anti-Malware Version 1.60.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 German Language Pack
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DEU Language Pack
Microsoft Application Error Reporting
Microsoft Office PowerPoint Viewer 2007 (German)
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Word 2002
Microsoft Works
Microsoft WSE 3.0 Runtime
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neox Sudoku Trainer 1.0
Nero 7 Essentials
neroxml
NVIDIA Display Control Panel
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA PhysX
Paint.NET v3.20
PhotoScape
Power Manager 2.1.7
PowerDV
QuickTime
Realtek High Definition Audio Driver
SearchElf 1.2 Toolbar
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
System Requirements Lab
T-Online 6.0
T-Online WLAN-Access Finder
Ulead COOL 360 1.0
Ulead Photo Explorer 8.0 SE Basic
Ulead Photo Express 5 SE
Universallexikon 2008
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
VC80CRTRedist - 8.0.50727.4053
vispa
VLC media player 1.0.5
WinSysClean 2008
XMedia Recode 2.2.1.6
XnView 1.74
.
==== End Of File ===========================

Code:
GMER 1.0.15.14966 - hxxp://www.gmer.net
Rootkit scan 2012-04-02 11:54:00
Windows 6.0.6002 Service Pack 2

---- System - GMER 1.0.15 ----

SSDT 8A1EE7D6 ZwCreateSection
SSDT 8A1EE7E0 ZwRequestWaitReplyPort
SSDT 8A1EE7DB ZwSetContextThread
SSDT 8A1EE7E5 ZwSetSecurityObject
SSDT 8A1EE7EA ZwSystemDebugControl
SSDT 8A1EE777 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 215 820AC998 4 Bytes [D6, E7, 1E, 8A]
.text ntkrnlpa.exe!KeSetEvent + 539 820ACCBC 4 Bytes [E0, E7, 1E, 8A]
.text ntkrnlpa.exe!KeSetEvent + 56D 820ACCF0 4 Bytes [DB, E7, 1E, 8A]
.text ntkrnlpa.exe!KeSetEvent + 5D1 820ACD54 4 Bytes [E5, E7, 1E, 8A]
.text ntkrnlpa.exe!KeSetEvent + 619 820ACD9C 4 Bytes JMP 628A1EE7
.text ...
? C:\Users\***\AppData\Local\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!EnableWindow 75E0CD8B 5 Bytes JMP 68B19A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!DialogBoxParamW 75E310B0 5 Bytes JMP 68A7170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!DialogBoxIndirectParamW 75E32EF5 5 Bytes JMP 68C66336 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!DialogBoxParamA 75E48152 5 Bytes JMP 68C662D1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!DialogBoxIndirectParamA 75E4847D 5 Bytes JMP 68C6639B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!MessageBoxIndirectA 75E5D4D9 5 Bytes JMP 68C66258 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!MessageBoxIndirectW 75E5D5D3 5 Bytes JMP 68C661DF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!MessageBoxExA 75E5D639 5 Bytes JMP 68C6617B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[832] USER32.dll!MessageBoxExW 75E5D65D 5 Bytes JMP 68C66117 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] kernel32.dll!CreateThread 75B6CB2E 5 Bytes JMP 68AD7303 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CreateDialogParamW 75E072A2 5 Bytes JMP 68C666A0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!GetAsyncKeyState 75E0863C 5 Bytes JMP 68ABDD8D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!SetWindowsHookExW 75E087AD 5 Bytes JMP 68B12194 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CallNextHookEx 75E08E3B 5 Bytes JMP 68B37BAF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!UnhookWindowsHookEx 75E098DB 5 Bytes JMP 68B5EB00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!EnableWindow 75E0CD8B 5 Bytes JMP 68B19A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!DefWindowProcA 75E0DB88 7 Bytes JMP 68AD952D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CreateWindowExA 75E0DC2A 5 Bytes JMP 68AE3363 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CreateWindowExW 75E11305 5 Bytes JMP 68B3FF87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!GetKeyState 75E18CB1 5 Bytes JMP 68ABDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!DefWindowProcW 75E203B4 7 Bytes JMP 68B37C12 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!IsDialogMessageW 75E20745 5 Bytes JMP 68C66E05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CreateDialogParamA 75E217AA 5 Bytes JMP 68C66668 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!IsDialogMessage 75E21847 2 Bytes JMP 68C66DDD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!IsDialogMessage + 3 75E2184A 2 Bytes [E4, F2] {IN AL, 0xf2}
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CreateDialogIndirectParamA 75E226F1 5 Bytes JMP 68C666D8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!CreateDialogIndirectParamW 75E29A62 5 Bytes JMP 68C66710 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!SetKeyboardState 75E30987 5 Bytes JMP 68C676D1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!DialogBoxParamW 75E310B0 5 Bytes JMP 68A7170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!DialogBoxIndirectParamW 75E32EF5 5 Bytes JMP 68C66336 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!SendInput 75E32F75 5 Bytes JMP 68C67679 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!EndDialog 75E3326E 5 Bytes JMP 68C670B4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!SetCursorPos 75E46FB2 5 Bytes JMP 68C67752 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!DialogBoxParamA 75E48152 5 Bytes JMP 68C662D1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!DialogBoxIndirectParamA 75E4847D 5 Bytes JMP 68C6639B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!MessageBoxIndirectA 75E5D4D9 5 Bytes JMP 68C66258 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!MessageBoxIndirectW 75E5D5D3 5 Bytes JMP 68C661DF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!MessageBoxExA 75E5D639 5 Bytes JMP 68C6617B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!MessageBoxExW 75E5D65D 5 Bytes JMP 68C66117 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] USER32.dll!keybd_event 75E5D972 5 Bytes JMP 68C67636 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] SHELL32.dll!SHRestricted + D95 761A89A8 4 Bytes [CF, 01, C2, 66]
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] SHELL32.dll!SHRestricted + D9D 761A89B0 8 Bytes [E0, 61, C1, 66, 79, F7, C1, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[2872] ole32.dll!OleLoadFromStream 76F51E80 5 Bytes JMP 68C66B0F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] kernel32.dll!CreateThread 75B6CB2E 5 Bytes JMP 68AD7303 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CreateDialogParamW 75E072A2 5 Bytes JMP 68C666A0 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!GetAsyncKeyState 75E0863C 5 Bytes JMP 68ABDD8D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!SetWindowsHookExW 75E087AD 5 Bytes JMP 68B12194 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CallNextHookEx 75E08E3B 5 Bytes JMP 68B37BAF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!UnhookWindowsHookEx 75E098DB 5 Bytes JMP 68B5EB00 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!EnableWindow 75E0CD8B 5 Bytes JMP 68B19A14 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!DefWindowProcA 75E0DB88 7 Bytes JMP 68AD952D C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CreateWindowExA 75E0DC2A 5 Bytes JMP 68AE3363 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CreateWindowExW 75E11305 5 Bytes JMP 68B3FF87 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!GetKeyState 75E18CB1 5 Bytes JMP 68ABDC67 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!DefWindowProcW 75E203B4 7 Bytes JMP 68B37C12 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!IsDialogMessageW 75E20745 5 Bytes JMP 68C66E05 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CreateDialogParamA 75E217AA 5 Bytes JMP 68C66668 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!IsDialogMessage 75E21847 2 Bytes JMP 68C66DDD C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!IsDialogMessage + 3 75E2184A 2 Bytes [E4, F2] {IN AL, 0xf2}
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CreateDialogIndirectParamA 75E226F1 5 Bytes JMP 68C666D8 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!CreateDialogIndirectParamW 75E29A62 5 Bytes JMP 68C66710 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!SetKeyboardState 75E30987 5 Bytes JMP 68C676D1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!DialogBoxParamW 75E310B0 5 Bytes JMP 68A7170B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!DialogBoxIndirectParamW 75E32EF5 5 Bytes JMP 68C66336 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!SendInput 75E32F75 5 Bytes JMP 68C67679 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!EndDialog 75E3326E 5 Bytes JMP 68C670B4 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!SetCursorPos 75E46FB2 5 Bytes JMP 68C67752 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!DialogBoxParamA 75E48152 5 Bytes JMP 68C662D1 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!DialogBoxIndirectParamA 75E4847D 5 Bytes JMP 68C6639B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!MessageBoxIndirectA 75E5D4D9 5 Bytes JMP 68C66258 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!MessageBoxIndirectW 75E5D5D3 5 Bytes JMP 68C661DF C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!MessageBoxExA 75E5D639 5 Bytes JMP 68C6617B C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!MessageBoxExW 75E5D65D 5 Bytes JMP 68C66117 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] USER32.dll!keybd_event 75E5D972 5 Bytes JMP 68C67636 C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] SHELL32.dll!SHRestricted + D95 761A89A8 4 Bytes [CF, 01, C2, 66]
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] SHELL32.dll!SHRestricted + D9D 761A89B0 8 Bytes [E0, 61, C1, 66, 79, F7, C1, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[3656] ole32.dll!OleLoadFromStream 76F51E80 5 Bytes JMP 68C66B0F C:\Windows\system32\IEFRAME.dll (Internet Browser/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \Driver\BTHUSB \Device\00000074 bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
Device \Driver\BTHUSB \Device\00000076 bthport.sys (Bluetooth-Bustreiber/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d01269
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001060d0161a
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x4B 0x7A 0xA4 0xC6 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d01269
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001060d0161a
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x4B 0x7A 0xA4 0xC6 ...
---- Files - GMER 1.0.15 ----

File C:\Windows\System32\config\systemprofile\AppData\Roaming\Apple Computer\Logs\asl.084709_02Apr12.log (size mismatch) 5154/0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Roaming\Apple Computer\Logs\asl.110817_02Apr12.log (size mismatch) 4720/0 bytes
File C:\Windows\System32\config\systemprofile\AppData\Roaming\Apple Computer\Logs\asl.211932_01Apr12.log (size mismatch) 5154/0 bytes
File C:\Windows\System32\LogFiles\IN1204.log (size mismatch) 1280/1148 bytes
File C:\Windows\System32\LogFiles\Scm\SCM.EVM (size mismatch) 360448/0 bytes
File C:\Windows\System32\LogFiles\WUDF\WUDFTrace.etl (size mismatch) 16384/0 bytes
File C:\Windows\System32\spool\SpoolerETW.etl (size mismatch) 4096/0 bytes
File C:\Windows\System32\wfp\wfpdiag.etl (size mismatch) 65536/0 bytes
File C:\Windows\System32\WDI\LogFiles\WdiContextLog.etl.002 (size mismatch) 344064/311296 bytes

---- EOF - GMER 1.0.15 ----

Many thanks in advance!
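As an added example that is not part of the original post and not a tool of the forum, of DDS or of GMER, here is a small Python triage script for the two log formats posted above. It parses the autostart lines of the DDS "Pseudo HJT Report" (BHO, TB, uRun, mRun, StartupFolder) and the SSDT hook lines of GMER's "System" section. The trusted-directory prefixes and the adware name watchlist are heuristics assumed for this example, and the user-profile uRun line in the sample is constructed, not taken from the posted log, to show what a persistence entry in a writable profile directory looks like; the other sample lines are copied in shape from the log above.

```python
"""Triage helpers for the two log formats posted above: DDS "Pseudo HJT
Report" autostart lines and GMER SSDT hook lines.
Added example, not part of the original post or of DDS/GMER."""
import re
from collections import defaultdict

# Constructed sample in the shape of the DDS lines above. The uRun entry
# under c:\users\...\temp is NOT from the posted log; it is added to show
# what a persistence entry in a writable profile directory looks like.
DDS_SAMPLE = r"""
uStart Page = about:blank
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: SearchElf 1.2 Toolbar: {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - c:\program files\searchelf_1.2\prxtbSea0.dll
TB: {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - No File
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
uRun: [example] c:\users\***\appdata\local\temp\example.exe
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
StartupFolder: c:\users\***\appdata\roaming\micros~1\windows\startm~1\programs\startup\dsl-ma~1.lnk - c:\program files\dsl-manager\DslMgr.exe
"""

# Constructed sample copied in shape from the GMER "System" section above.
GMER_SAMPLE = r"""
---- System - GMER 1.0.15 ----
SSDT 8A1EE7D6 ZwCreateSection
SSDT 8A1EE7E0 ZwRequestWaitReplyPort
SSDT 8A1EE7DB ZwSetContextThread
SSDT 8A1EE7E5 ZwSetSecurityObject
SSDT 8A1EE7EA ZwSystemDebugControl
SSDT 8A1EE777 ZwTerminateProcess
"""

AUTOSTART_RE = re.compile(r"^(?P<kind>uRun|mRun|BHO|TB|StartupFolder):\s*(?P<rest>.*)$")
SSDT_RE = re.compile(r"^SSDT\s+(?P<addr>[0-9A-Fa-f]{8})\s+(?P<func>Zw\w+)")

# Heuristics, both assumptions of this example: directories in which an
# autostart target is unremarkable, and name fragments of toolbar/adware
# components that appear in the posted log but are not the ransomware.
TRUSTED_PREFIXES = ("c:\\windows\\", "c:\\program files\\", "c:\\program files (x86)\\")
PUP_WATCHLIST = ("conduit", "searchelf")


def target_path(kind, rest):
    """Extract the file an autostart entry actually launches or loads."""
    if kind in ("BHO", "TB", "StartupFolder"):
        # "<name>: {CLSID} - <dll>" or "<lnk> - <target>": part after the last " - "
        return rest.rsplit(" - ", 1)[-1].strip()
    # uRun/mRun: "[value name] <command line>"; honour quoting, drop arguments
    cmd = rest.split("]", 1)[-1].strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]
    return cmd.split(" ", 1)[0]


def triage_dds(text):
    """Return (kind, target, reason) for every autostart line worth a look."""
    findings = []
    for line in text.splitlines():
        m = AUTOSTART_RE.match(line)
        if not m:
            continue
        kind, rest = m.group("kind"), m.group("rest")
        path = target_path(kind, rest)
        low = path.lower()
        if path == "No File":
            findings.append((kind, rest, "orphaned entry (No File)"))
        elif any(tag in rest.lower() for tag in PUP_WATCHLIST):
            findings.append((kind, path, "adware/toolbar component"))
        elif not re.match(r"^[a-z]:\\", low):
            # bare file name: resolved through the search path at logon, so the
            # real binary has to be located by hand before judging the entry
            findings.append((kind, path, "unqualified path, resolve manually"))
        elif not low.startswith(TRUSTED_PREFIXES):
            findings.append((kind, path, "autostart outside Windows/Program Files"))
    return findings


def ssdt_clusters(text):
    """Group hooked SSDT entries by the 4 KiB page their hook address lies in.

    Hooks that all land in one page come from one piece of code; identify that
    driver (GMER module list, signature, load path) before deciding whether the
    hooks belong to security software or to something hostile."""
    pages = defaultdict(list)
    for line in text.splitlines():
        m = SSDT_RE.match(line)
        if m:
            pages[int(m.group("addr"), 16) & ~0xFFF].append(m.group("func"))
    return dict(pages)


if __name__ == "__main__":
    for kind, target, reason in triage_dds(DDS_SAMPLE):
        print(f"{kind:14} {reason:42} {target}")
    for page, funcs in ssdt_clusters(GMER_SAMPLE).items():
        print(f"SSDT hooks in page 0x{page:08X}: {', '.join(funcs)}")
```

On the posted log this yields the two toolbar components (Conduit Engine, SearchElf), the orphaned TB entry with "No File", the unqualified RtHDVCpl.exe entry that has to be resolved by hand, and the constructed profile-directory entry; nothing in the posted Run keys points into the user profile, which is consistent with the earlier Malwarebytes run having already removed the ransomware's own autostart. The six SSDT hooks all fall into page 0x8A1EE000, so one driver owns them; functions such as ZwTerminateProcess and ZwSetContextThread are commonly hooked by security products for self-protection, so the hook list alone does not prove a rootkit and the owning driver must be identified first.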