Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Malwarebytes-Funde

Malwarebytes-Funde


Plagegeister aller Art und deren Bekämpfung: Malwarebytes-Funde

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 20.09.2012, 17:27   #22
Horst1980
 
Malwarebytes-Funde - Standard

Malwarebytes-Funde


GMER-Log:
Code:
ATTFilter
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-09-20 17:49:55
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-f Maxtor_7L250S0 rev.BACE1G10
Running: l0cjuesy.exe; Driver: C:\DOKUME~1\TANTEK~1\LOKALE~1\Temp\uwldypow.sys


---- Kernel code sections - GMER 1.0.15 ----

.text           C:\WINDOWS\system32\DRIVERS\ati2mtag.sys                                  section is writeable [0xB99A4000, 0x1C5D38, 0xE8000020]
.text           C:\WINDOWS\system32\DRIVERS\atksgt.sys                                    section is writeable [0xAEDCD300, 0x22020, 0xE8000020]
.text           C:\WINDOWS\system32\DRIVERS\lirsgt.sys                                    section is writeable [0xBA4A0300, 0x1B7E, 0xE8000020]

---- Devices - GMER 1.0.15 ----

Device                                                                                    mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device                                                                                    AE6ECD20
Device                                                                                    AE704631

AttachedDevice                                                                            fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System                     
Reg             HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\System@OODI03.00.00.01PRO  D75DDEBEF0371A271F5ECFB3D5F5F0D0D4E0A3DCCFE91BB77F1388F8D88D717B36BFF3352AEB2784523E3B7D52667F526583EADB1605D6EB0D3DFCE626DA7CCE0B78DA3CA6765C76305C2596816472F89D7960E3094519A2CE9E5AFA6EEA1EB9F5C67154870F2DB9A61324DD629384AD5853EDD5A5D5031AAAA1FCB7CB91FC6E8A902E4025D2658D965EDF792878C66462C613D51C458A13FCD6D8E28C07139C525C180708C225B455DF964F3B7B9B90FDAD604D52067653136E7686B064ADFB48D5CA73EE41DC77ABDC188C366BBB2B6106FDE960FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A9C6AECB7A5D14078EDD5E5BE2F6E667A2D97226D213B5556345ED617E41E537A7F780A440DC5E14CBC718209940E4E3C7D439FA656D4B375D6EBB0066B0CA761F025A541A47228480ED5D890DCA49AEF991CF784475297B38B9C6EE3EAEEEB4E1D9B8A5F76B6951E892DE16086676ABEE0A3391CC1603FEB194702FA10317C395AFAC07ADE9F84D34C900403CA554C67C56B5EC27F5816CE9BA1A36D20ECC2B4487CCDAB772D8FC72FC25F67B2F0C22DDE5AF279ED18EA2E3C02D6DB53ED927D9B8AEF6314DD6979BE7B81EBC3F0C92B37AFACE24F95AB48A8D1532D31AD0A728EDF1A45E54848A8A1CA88A9925852301A97

---- EOF - GMER 1.0.15 ----
OSAM-Log:
Code:
ATTFilter
Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 17:59:02 on 20.09.2012

OS: Windows XP Professional Service Pack 3 (Build 2600)
Default Browser: Mozilla Corporation Firefox 15.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"MpIdleTask.job" - "Microsoft Corporation" - C:\Programme\Microsoft Security Client\MpCmdRun.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
"infocardcpl.cpl" - "Microsoft Corporation" - C:\WINDOWS\system32\infocardcpl.cpl
"PRApplet.cpl" - "Intel(R) Corporation" - C:\WINDOWS\system32\PRApplet.cpl
"stac97.cpl" - "Sigmatel, Inc." - C:\WINDOWS\system32\stac97.cpl
"Startup.cpl" - ? - C:\WINDOWS\system32\Startup.cpl  (File found, but it contains no detailed information)

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"actser" (actser) - "Siemens AG" - C:\WINDOWS\System32\drivers\actser.sys
"Aspi32" (Aspi32) - ? - C:\WINDOWS\System32\drivers\aspi32.sys  (File not found)
"atksgt" (atksgt) - ? - C:\WINDOWS\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"catchme" (catchme) - ? - C:\DOKUME~1\TANTEK~1\LOKALE~1\Temp\catchme.sys  (File not found)
"Changer" (Changer) - ? - C:\WINDOWS\system32\drivers\Changer.sys  (File not found)
"CO_Mon" (CO_Mon) - ? - C:\WINDOWS\system32\Drivers\CO_Mon.sys  (File found, but it contains no detailed information)
"Dual-Mode Digital Camera" (MR97310_VGA_DUAL_CAMERA) - "Mars Semiconductor Corp." - C:\WINDOWS\System32\DRIVERS\mr97310v.sys
"ELTIMA Virtual Serial Ports Driver" (vserial) - "ELTIMA Software" - C:\WINDOWS\System32\DRIVERS\vserial.sys
"grmnusb" (grmnusb) - "GARMIN Corp." - C:\WINDOWS\System32\drivers\grmnusb.sys
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\WINDOWS\System32\DRIVERS\hamachi.sys
"Headset Master 5.1 USB Sound Interface" (cmudau32) - "C-Media Inc" - C:\WINDOWS\System32\drivers\cmudaxu.sys
"lbrtfdc" (lbrtfdc) - ? - C:\WINDOWS\system32\drivers\lbrtfdc.sys  (File not found)
"lirsgt" (lirsgt) - ? - C:\WINDOWS\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MicroGuard Copy Protection" (MicroGuard) - ? - C:\WINDOWS\system32\drivers\mgnt.sys  (File found, but it contains no detailed information)
"MpKsl3bc7a413" (MpKsl3bc7a413) - "Microsoft Corporation" - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{4AB63EC9-362B-4414-B51E-3E85181780EB}\MpKsl3bc7a413.sys
"PCIDump" (PCIDump) - ? - C:\WINDOWS\system32\drivers\PCIDump.sys  (File not found)
"PDCOMP" (PDCOMP) - ? - C:\WINDOWS\system32\drivers\PDCOMP.sys  (File not found)
"PDFRAME" (PDFRAME) - ? - C:\WINDOWS\system32\drivers\PDFRAME.sys  (File not found)
"PDRELI" (PDRELI) - ? - C:\WINDOWS\system32\drivers\PDRELI.sys  (File not found)
"PDRFRAME" (PDRFRAME) - ? - C:\WINDOWS\system32\drivers\PDRFRAME.sys  (File not found)
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\WINDOWS\System32\drivers\Afc.sys
"Prolific Serial port driver" (Ser2pl) - "Prolific Technology Inc." - C:\WINDOWS\System32\DRIVERS\ser2pl.sys
"PxHelp20" (PxHelp20) - "Sonic Solutions" - C:\WINDOWS\System32\Drivers\PxHelp20.sys
"siusbmod" (siusbmod) - ? - C:\WINDOWS\System32\DRIVERS\siusbmod.sys  (File not found)
"Splitcam, WDM Camera Stream Splitter" (SPLITCAM) - ? - C:\WINDOWS\System32\DRIVERS\splitcam.sys  (File not found)
"uwldypow" (uwldypow) - ? - C:\DOKUME~1\TANTEK~1\LOKALE~1\Temp\uwldypow.sys  (Hidden registry entry, rootkit activity | File not found)
"Virtual Serial Bus Enumerator" (vsbus) - "ELTIMA Software" - C:\WINDOWS\System32\DRIVERS\vsb.sys
"WDICA" (WDICA) - ? - C:\WINDOWS\system32\drivers\WDICA.sys  (File not found)
"Webcam Deluxe" (ovt530) - "OmniVision Technologies, Inc." - C:\WINDOWS\System32\Drivers\ov530vid.sys

[Explorer]
-----( HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components )-----
{89B4C1CD-B018-4511-B0A1-5476DBF70820} "StubPath" - "Microsoft Corporation" - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
-----( HKLM\Software\Classes\Protocols\Filter )-----
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{1E66F26B-79EE-11D2-8710-00C04F79ED0D} "Cor MIME Filter, CorFltr, CorFltr 1" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Programme\7-Zip\7-zip.dll
{42071714-76d4-11d1-8b24-00a0c9068ff3} "CPL-Erweiterung für Anzeigeverschiebung" - ? -   (File not found | COM-object registry key not found)
{09A47860-11B0-4DA5-AFA5-26D86198A780} "EPP" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~4\shellext.dll
{1D2680C9-0E2A-469d-B787-065558BC7D43} "Fusion Cache" - "Microsoft Corporation" - C:\WINDOWS\system32\mscoree.dll
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? -   (File not found | COM-object registry key not found)
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} "Kontextmenü für die Verschlüsselung" - ? -   (File not found | COM-object registry key not found)
{BC476F4C-D9D7-4100-8D4E-E043F6DEC409} "Microsoft Browser Architecture" - ? -   (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Programme\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\GEMEIN~1\MICROS~1\OFFICE12\msoshext.dll
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "Shell Extensions for RealOne Player" - ? -   (File not found | COM-object registry key not found)
{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} "Shell Icon Handler for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{764BF0E1-F219-11ce-972D-00AA00A14F56} "Shellerweiterungen für die Dateikomprimierung" - ? -   (File not found | COM-object registry key not found)
{e82a2d71-5b2f-43a0-97b8-81be15854de8} "ShellLink for Application References" - "Microsoft Corporation" - C:\WINDOWS\system32\dfshim.dll
{EE75AC21-B24F-11d3-BA80-00C0CA16AA37} "Siemens Device" - ? -   (File not found | COM-object registry key not found)
{EE75AC22-B24F-11d3-BA80-00C0CA16AA37} "Siemens Device ContextMenuHandler" - ? -   (File not found | COM-object registry key not found)
{EE75AC23-B24F-11d3-BA80-00C0CA16AA37} "Siemens Device PropertySheetHandlers" - ? -   (File not found | COM-object registry key not found)
{5E2121EE-0300-11D4-8D3B-444553540000} "SimpleShlExt Class" - "Advanced Micro Devices, Inc." - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Web Folders" - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\MSONSEXT.DLL
DefragglerShellExtension "{4380C993-0C43-4E02-9A7A-0D40B6EA7590}" - ? -   (File not found | COM-object registry key not found)

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
ITBar7Height "ITBar7Height" - ? -   (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -   (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} "McFreeScan Class" - "McAfee, Inc." - C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll / 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} "MUWebControl Class" - "Microsoft Corporation" - C:\WINDOWS\system32\muweb.dll / hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1346857358843
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\WINDOWS\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} "{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}" - ? -   (File not found | COM-object registry key not found) / 
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{48E73304-E1D6-4330-914C-F5F514E3486C} "An OneNote senden" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\Programme\Spybot\SDHelper.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\Programme\Spybot\SDHelper.dll

[Logon]
-----( %AllUsersProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini
-----( %UserProfile%\Startmenü\Programme\Autostart )-----
"desktop.ini" - ? - C:\Dokumente und Einstellungen\TanteKaete\Startmenü\Programme\Autostart\desktop.ini
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"EMET Notifier" - "Microsoft Corporation" - C:\Programme\EMET\EMET_notifier.exe
"MSC" - "Microsoft Corporation" - "C:\Programme\Microsoft Security Client\msseces.exe" -hide -runkey

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Lexmark Network Port" - "Lexmark International, Inc." - C:\WINDOWS\system32\LEXLMPM.DLL
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\WINDOWS\system32\msonpmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Adobe LM Service" (Adobe LM Service) - ? - "C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe"  (File not found)
"ASP.NET State Service" (aspnet_state) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
"ATI Smart" (ATI Smart) - ? - C:\WINDOWS\system32\ati2sgag.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel NCS NetService" (NetSvc) - "Intel(R) Corporation" - C:\Programme\Intel\PROSetWired\NCS\Sync\NetSvc.exe
"LexBce Server" (LexBceS) - "Lexmark International, Inc." - C:\WINDOWS\system32\LEXBCES.EXE
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Antimalware Service" (MsMpSvc) - "Microsoft Corporation" - C:\Programme\Microsoft Security Client\MsMpEng.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE
"NMIndexingService" (NMIndexingService) - "Nero AG" - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
"Windows CardSpace" (idsvc) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
"Windows Presentation Foundation Font Cache 3.0.0.0" (FontCache3.0.0.0) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
"Windows Presentation Foundation Font Cache 4.0.0.0" (WPFFontCache_v0400) - "Microsoft Corporation" - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

[Winlogon]
-----( HKCU\Control Panel\IOProcs )-----
"MVB" - ? - mvfs32.dll  (File not found)
-----( HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify )-----
"WgaLogon" - "Microsoft Corporation" - C:\WINDOWS\system32\WgaLogon.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
aswMBR-Log:
Code:
ATTFilter
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-20 18:01:08
-----------------------------
18:01:08.734    OS Version: Windows 5.1.2600 Service Pack 3
18:01:08.734    Number of processors: 2 586 0x403
18:01:08.734    ComputerName: TANTE_KAETE  UserName: TanteKaete
18:01:09.062    Initialize success
18:02:45.919    AVAST engine defs: 12092000
18:03:38.153    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-f
18:03:38.153    Disk 0 Vendor: Maxtor_7L250S0 BACE1G10 Size: 238418MB BusType: 3
18:03:38.153    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T1L0-17
18:03:38.153    Disk 1 Vendor: SAMSUNG_HD501LJ CR100-10 Size: 476940MB BusType: 3
18:03:38.169    Disk 0 MBR read successfully
18:03:38.169    Disk 0 MBR scan
18:03:38.247    Disk 0 unknown MBR code
18:03:38.263    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       62 MB offset 63
18:03:38.309    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        29996 MB offset 128583
18:03:38.309    Disk 0 Partition - 00     0F Extended LBA            205275 MB offset 61561080
18:03:38.341    Disk 0 Partition 3 00     DB  CP/M / CTOS Dell 8.0     3074 MB offset 481966065
18:03:38.388    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       205275 MB offset 61561143
18:03:38.403    Disk 0 scanning sectors +488263545
18:03:38.638    Disk 0 scanning C:\WINDOWS\system32\drivers
18:04:26.388    Service scanning
18:04:32.153    Service MpKsl3bc7a413 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft\Microsoft Antimalware\Definition Updates\{4AB63EC9-362B-4414-B51E-3E85181780EB}\MpKsl3bc7a413.sys **LOCKED** 32
18:04:39.825    Modules scanning
18:05:14.372    Disk 0 trace - called modules:
18:05:14.419    ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS 
18:05:14.419    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8adc5ab8]
18:05:14.419    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-f[0x8ae37d98]
18:05:14.731    AVAST engine scan C:\WINDOWS
18:05:32.856    AVAST engine scan C:\WINDOWS\system32
18:14:33.419    AVAST engine scan C:\WINDOWS\system32\drivers
18:15:33.559    AVAST engine scan C:\Dokumente und Einstellungen\TanteKaete
18:19:53.231    AVAST engine scan C:\Dokumente und Einstellungen\All Users
18:22:40.872    Scan finished successfully
18:22:52.325    Disk 0 MBR has been saved successfully to "C:\Dokumente und Einstellungen\TanteKaete\Desktop\MBR.dat"
18:22:52.325    The log file has been saved successfully to "C:\Dokumente und Einstellungen\TanteKaete\Desktop\aswMBR.txt"

 

Themen zu Malwarebytes-Funde
administrator, adobe, adobe flash player, bho, defender, download, error, excel, explorer, fehler, fehlermeldung, firefox, flash player, format, logfile, mozilla, neustart, office 2007, problem, problembehandlung, pum.hijack.homepagecontrol, registry, richtlinie, rogue.antivirus2008, rundll, safer networking, schutz, security, software, udp, windows internet, windows-firewall


« Nach Befall von Exploit.Drop.GS und Trojan.PWS - Pc trotz angeblicher erfolgreicher Bereinigung immer noch langsam | incredibar - mystart - kriege das nicht runter vom PC »


Ähnliche Themen: Malwarebytes-Funde


  1. Windows 7: AVAST 3 Funde, Malwarebytes 8 Funde
    Log-Analyse und Auswertung - 16.12.2014 (13)
  2. Malwarebytes Funde! Und nun?
    Log-Analyse und Auswertung - 10.04.2014 (15)
  3. Unzählige PUP Funde bei Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (11)
  4. Win XP: Malwarebytes- und Avira-Funde
    Log-Analyse und Auswertung - 03.01.2014 (9)
  5. malwarebytes zeigt 12 funde an!
    Plagegeister aller Art und deren Bekämpfung - 01.01.2014 (9)
  6. 14 Funde bei Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 13.12.2013 (11)
  7. Funde bei Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 05.10.2013 (22)
  8. Funde malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 02.10.2013 (5)
  9. Funde mit Malwarebytes und Eset
    Log-Analyse und Auswertung - 25.09.2013 (3)
  10. Malwarebytes 34 Funde Normal ?
    Plagegeister aller Art und deren Bekämpfung - 20.09.2013 (15)
  11. Windows 7: Avira hat 172 Viren gefunden, davor mehrer Funde einzel Funde bei Malwarebytes bzw. Avira
    Log-Analyse und Auswertung - 15.09.2013 (13)
  12. Malwarebytes Log - Viele Funde
    Log-Analyse und Auswertung - 08.09.2013 (7)
  13. 53 Funde durch malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 31.08.2013 (9)
  14. Malwarebytes meldet 8 PUP Funde
    Plagegeister aller Art und deren Bekämpfung - 27.01.2013 (27)
  15. Malwarebytes Log: 16 Funde
    Log-Analyse und Auswertung - 20.09.2011 (1)
  16. Merkwürdige Funde in Malwarebytes ...
    Plagegeister aller Art und deren Bekämpfung - 11.05.2011 (40)
  17. Funde mit Malwarebytes
    Log-Analyse und Auswertung - 03.06.2010 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Malwarebytes-Funde - GMER-Log: Code: Alles auswählen Aufklappen ATTFilter GMER 1.0.15.15641 - hxxp://www.gmer.net Rootkit scan 2012-09-20 17:49:55 Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-f Maxtor_7L250S0 rev.BACE1G10 Running: l0cjuesy.exe; Driver: C:\DOKUME~1\TANTEK~1\LOKALE~1\Temp\uwldypow.sys ---- Kernel - Malwarebytes-Funde...
Archiv
Du betrachtest: Malwarebytes-Funde auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131