Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Malewarealarm

Malewarealarm


Plagegeister aller Art und deren Bekämpfung: Malewarealarm

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.03.2009, 17:31   #1
Th3 Cr4xX
 
Malewarealarm - Ausrufezeichen

Malewarealarm



Hallo, diese Virenmeldung kommt täglich ca. 3-7 mal. Vermutlich davon entstandene Schäden erkenne ich dadurch, dass die Verbindung von meiner Wireless-Karte ständig abbricht und wieder kommt.

Ich habe keine Ahnung wie ich das Ding wegbekomme. Hoffe jemand kann helfen!

Danke schonmal!

Alt 17.03.2009, 17:33   #2
4RobSen8
 
Malewarealarm - Standard

Malewarealarm


Hallo...und

http://www.trojaner-board.de/69886-a...-beachten.html
Arbeite bitte die Punkte ab 2 ab.
__________________

__________________
Alt 17.03.2009, 18:19   #3
Th3 Cr4xX
 
Malewarealarm - Standard

Malewarealarm


allready done! bringt alles nix
__________________
Alt 17.03.2009, 18:23   #4
4RobSen8
 
Malewarealarm - Standard

Malewarealarm


Vllt. solltest die Anweisung nochmal lesen und die Ergebnisse hier rein stellen!?!
Wie soll man dir sonst helfen?
__________________
_____________________________________________
„Optimismus ist nur ein Mangel an Information.“
Heiner Müller

Sicherheit?->Allgemeine Informationen

Der Plural von Virus heisst "Vira"!
virus(viri, n.) Substantiv O-Deklination Nom.pl/Akk.pl.

Alt 17.03.2009, 20:43   #5
Th3 Cr4xX
 
Malewarealarm - Standard

Malewarealarm


Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:08, on 17.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\Programme\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\713xRMTMon.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\NETGEAR\WAG511 Configuration Utility\wlancfg3.exe
C:\Programme\honestech\honestech TVR\scheduleTV.exe
C:\WINDOWS\713xRMT.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WAG511 Smart Wizard.lnk = ?
O4 - Global Startup: Scheduler for OEM.lnk = C:\Programme\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c999732346e10a) (gupdate1c999732346e10a) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WMI-Leistungsadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing)

--
End of file - 6097 bytes


Alt 17.03.2009, 20:49   #6
Th3 Cr4xX
 
Malewarealarm - Standard

Malewarealarm


[CODE]Malwarebytes' Anti-Malware 1.34
Datenbank Version: 1859
Windows 5.1.2600 Service Pack 3

17.03.2009 18:48:55
mbam-log-2009-03-17 (18-48-45).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 189153
Laufzeit: 53 minute(s), 34 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 12
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4540

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\avlwarning.warningbho (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\avlwarning.warningbho.1 (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a21c8d81-a9c7-46c6-a488-2a32fa0daeb6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cfee97a3-4911-444d-8be8-e243a23d3de2} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\antiviruslab2009 (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BIFROST1.2 (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP229\A0228066.exe (Backdoor.Rustock) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP229\A0229155.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223062.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223098.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223116.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223134.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223152.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223170.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223188.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223049.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223050.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223051.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223053.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223055.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223056.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223057.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223058.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223059.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223060.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223061.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223063.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223064.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223067.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223069.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223070.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223071.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223072.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223073.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223074.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223075.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223076.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223077.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223086.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223087.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223088.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223089.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223090.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223091.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223092.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223093.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223095.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223096.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223097.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223099.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223100.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223101.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223102.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223103.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223104.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223105.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223106.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223107.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223108.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223109.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223110.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223111.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223112.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223113.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223114.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223115.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223117.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223118.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223119.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223120.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223121.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223122.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223123.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223124.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223125.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223126.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223127.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223128.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223129.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223130.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223131.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223132.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223133.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223135.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223136.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223137.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223138.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223139.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223140.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223141.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223142.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223143.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223144.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223145.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223146.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223147.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223148.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223149.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223150.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223151.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223153.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223154.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223155.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223156.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223157.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223158.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223159.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223160.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223161.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223162.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223163.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223164.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223165.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223166.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223167.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223168.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223169.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223171.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223172.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223173.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223174.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223175.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223176.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223178.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223179.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223180.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223181.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223182.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223183.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223184.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223185.sys (Rootkit.Agent) -> Quarantined and deleted successfully.


Das dürfte jetzt ungefähr ein Fünzigstel sein vom ganzen. kein scherz. aber das ganze geht genaus weiter einfach nur die zahlen hinten ändern

Alt 18.03.2009, 00:48   #7
4RobSen8
 
Malewarealarm - Standard

Malewarealarm


Wie kommst du an soviel Mist???
Ich würde ja sofort Neuaufsetzten!!!
Oder ne neue Festplatte kaufen^^

Falls du noch willst:
Lasse vorher mal GMER laufen...

GMER - Rootkit Detection
  • Lade Tralala von File-Upload.net - Tralala.exe
  • Klick auf Download (rechts in der Mitte) und speichere es auf den Desktop
  • Doppelklick auf Tralala.exe
  • Der Reiter Rootkit oben ist schon angewählt
  • Drücke Scan, Der Vorgang kann je nach System 3 - 10min dauern
  • nach Beendigung des Scan, drücke "Copy"
  • nun kannst Du das Ergebnis hier einfügen. Sollte das Log zu lang sein, dann lade es bei einem Filehoster wie z.B. Materialordner.de hoch und poste den Link.
  • Sollte GMER sagen "Gmer hasen´t found any System Modifikation", so hat GMER keine Einträge gefunden.
__________________
_____________________________________________
„Optimismus ist nur ein Mangel an Information.“
Heiner Müller

Sicherheit?->Allgemeine Informationen

Der Plural von Virus heisst "Vira"!
virus(viri, n.) Substantiv O-Deklination Nom.pl/Akk.pl.
Geändert von 4RobSen8 (18.03.2009 um 01:46 Uhr)

Alt 18.03.2009, 12:47   #8
Th3 Cr4xX
 
Malewarealarm - Standard

Malewarealarm


das scheint nur ein virus gewesen zu sein, der sich dann tausendfach verbreitet hat.

Alt 18.03.2009, 15:09   #9
Crusader
/// Helfer-Team
 
Malewarealarm - Standard

Malewarealarm


Wow, aber Respekt, da bleibt mir die Spuke weg.....

So was hab ich auch noch nie gesehen!

@ 4RobSen8: Du hast die Ehre.
__________________
KEINE Hilfe per PN, für was wäre sonst das Forum da?

Trojaner Board unterstützen! | Mei Bier is ned deppad, du bist deppad! | [Invisible Fighters] Clan

Alt 18.03.2009, 15:29   #10
4RobSen8
 
Malewarealarm - Standard

Malewarealarm


Zitat:
Zitat von Th3 Cr4xX Beitrag anzeigen
das scheint nur ein virus gewesen zu sein, der sich dann tausendfach verbreitet hat.
Die Betonung liegt auf nur

Fazit: NEUAUFSETZTEN

Und hier: Anleitung: Avira Antivir - Agressive Einstellungen
__________________
_____________________________________________
„Optimismus ist nur ein Mangel an Information.“
Heiner Müller

Sicherheit?->Allgemeine Informationen

Der Plural von Virus heisst "Vira"!
virus(viri, n.) Substantiv O-Deklination Nom.pl/Akk.pl.

Antwort

Themen zu Malewarealarm
ahnung, erkenne, hoffe, malewarealarm, meldung, schonmal, schäden, täglich, verbindung, vermutlich, virenmeldung


« Kein Festplattenzugriff durch Recycler Problem | Defragmentierung und Aktualisierung des Virenprogrammes nicht möglich »


Zum Thema Malewarealarm - Hallo, diese Virenmeldung kommt täglich ca. 3-7 mal. Vermutlich davon entstandene Schäden erkenne ich dadurch, dass die Verbindung von meiner Wireless-Karte ständig abbricht und wieder kommt. Ich habe keine Ahnung - Malewarealarm...
Archiv
Du betrachtest: Malewarealarm auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55