
Pests of all kinds and how to combat them: BOO/Sinowal.A in all boot sectors!

15.04.2009, 21:57   #16
Janosch12345
 

Hello Undoreal!

Here is the log from Avira with the aggressive settings:

Code:
Avira AntiVir Personal
Report file date: Mittwoch, 15. April 2009  21:03

Scanning for 1354334 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows XP
Windows version : (Service Pack 3)  [5.1.2600]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : ***

Version information:
BUILD.DAT       : 9.0.0.387     17962 Bytes  24.03.2009 11:04:00
AVSCAN.EXE      : 9.0.3.3      464641 Bytes  24.02.2009 10:13:28
AVSCAN.DLL      : 9.0.3.0       40705 Bytes  27.02.2009 08:58:26
LUKE.DLL        : 9.0.3.2      209665 Bytes  20.02.2009 09:35:50
LUKERES.DLL     : 9.0.2.0       12033 Bytes  27.02.2009 08:58:54
ANTIVIR0.VDF    : 7.1.0.0    15603712 Bytes  27.10.2008 10:30:38
ANTIVIR1.VDF    : 7.1.2.12    3336192 Bytes  11.02.2009 18:33:28
ANTIVIR2.VDF    : 7.1.3.0     1330176 Bytes  01.04.2009 18:08:46
ANTIVIR3.VDF    : 7.1.3.57     266240 Bytes  15.04.2009 18:56:02
Engineversion   : 8.2.0.143
AEVDF.DLL       : 8.1.1.0      106868 Bytes  27.01.2009 15:36:42
AESCRIPT.DLL    : 8.1.1.75     373113 Bytes  14.04.2009 18:54:06
AESCN.DLL       : 8.1.1.10     127348 Bytes  04.04.2009 17:58:38
AERDL.DLL       : 8.1.1.3      438645 Bytes  29.10.2008 16:24:42
AEPACK.DLL      : 8.1.3.12     397687 Bytes  04.04.2009 17:58:38
AEOFFICE.DLL    : 8.1.0.36     196987 Bytes  26.02.2009 18:01:58
AEHEUR.DLL      : 8.1.0.116   1708407 Bytes  14.04.2009 18:53:58
AEHELP.DLL      : 8.1.2.2      119158 Bytes  26.02.2009 18:01:58
AEGEN.DLL       : 8.1.1.34     340340 Bytes  14.04.2009 18:53:46
AEEMU.DLL       : 8.1.0.9      393588 Bytes  09.10.2008 12:32:40
AECORE.DLL      : 8.1.6.9      176500 Bytes  14.04.2009 18:53:44
AEBB.DLL        : 8.1.0.3       53618 Bytes  09.10.2008 12:32:40
AVWINLL.DLL     : 9.0.0.3       18177 Bytes  12.12.2008 06:48:00
AVPREF.DLL      : 9.0.0.1       43777 Bytes  05.12.2008 08:32:16
AVREP.DLL       : 8.0.0.3      155905 Bytes  20.01.2009 12:34:30
AVREG.DLL       : 9.0.0.0       36609 Bytes  05.12.2008 08:32:10
AVARKT.DLL      : 9.0.0.1      292609 Bytes  09.02.2009 05:52:26
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes  30.01.2009 08:37:10
SQLITE3.DLL     : 3.6.1.0      326401 Bytes  28.01.2009 13:03:50
SMTPLIB.DLL     : 9.2.0.25      28417 Bytes  02.02.2009 06:21:34
NETNT.DLL       : 9.0.0.0       11521 Bytes  05.12.2008 08:32:12
RCIMAGE.DLL     : 9.0.0.21    2438401 Bytes  09.02.2009 09:45:46
RCTEXT.DLL      : 9.0.35.0      87297 Bytes  11.03.2009 13:55:14

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\programme\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, I:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Mittwoch, 15. April 2009  21:03

Starting search for hidden objects.
'53276' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'ViewMgr.exe' - '1' Module(s) have been scanned
Scan process 'Safari.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ALG.EXE' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'WMIAPSRV.EXE' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'LVComSX.exe' - '1' Module(s) have been scanned
Scan process 'TosBtHSP.exe' - '1' Module(s) have been scanned
Scan process 'TosA2dp.exe' - '1' Module(s) have been scanned
Scan process 'TabUserW.exe' - '1' Module(s) have been scanned
Scan process 'TosBtMng.exe' - '1' Module(s) have been scanned
Scan process 'ChkMail.exe' - '1' Module(s) have been scanned
Scan process 'btdna.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'QuickCam10.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'RMC.EXE' - '1' Module(s) have been scanned
Scan process 'Monitor.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'ViewpointService.exe' - '1' Module(s) have been scanned
Scan process 'E_FATIAIE.EXE' - '1' Module(s) have been scanned
Scan process 'ATKOSD.EXE' - '1' Module(s) have been scanned
Scan process 'Tablet.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'EOUWiz.exe' - '1' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '1' Module(s) have been scanned
Scan process 'iFrmewrk.exe' - '1' Module(s) have been scanned
Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
Scan process 'BatteryLife.exe' - '1' Module(s) have been scanned
Scan process 'ATIPTAXX.EXE' - '1' Module(s) have been scanned
Scan process 'Alcmtr.exe' - '1' Module(s) have been scanned
Scan process 'OProtSvc.exe' - '1' Module(s) have been scanned
Scan process 'ALCWZRD.EXE' - '1' Module(s) have been scanned
Scan process 'SoundMan.exe' - '1' Module(s) have been scanned
Scan process 'JQS.EXE' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'WCOURIER.EXE' - '1' Module(s) have been scanned
Scan process 'HControl.exe' - '1' Module(s) have been scanned
Scan process 'RemoteControlService.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process '1XConfig.exe' - '1' Module(s) have been scanned
Scan process 'AVGUARD.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SCHED.EXE' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'ZCfgSvc.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'S24EvMon.exe' - '1' Module(s) have been scanned
Scan process 'EvtEng.exe' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
Scan process 'ATI2EVXX.EXE' - '1' Module(s) have been scanned
Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
71 processes with 71 modules were scanned

Starting master boot sector scan:

Start scanning boot sectors:

Starting to scan executable files (registry).
The registry was scanned ( '76' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\hiberfil.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\WINDOWS\system32\drivers\sptd3405.sys
    [WARNING]   The file could not be opened!
C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING]   The file could not be opened!
Begin scan in 'D:\'
Begin scan in 'I:\' <***EXTERNE>


End of the scan: Mittwoch, 15. April 2009  22:39
Used time:  1:35:51 Hour(s)

The scan has been done completely.

  10622 Scanned directories
 555500 Files were scanned
      0 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      0 Files were moved to quarantine
      0 Files were renamed
      4 Files cannot be scanned
 555496 Files not concerned
   7269 Archives were scanned
      4 Warnings
      2 Notes
  53276 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
I haven't put the Curit.txt log on rapidshare yet.. my full name is in there about 1000 times.. and I've been busy for hours removing it everywhere..

Until then, thanks for now.

There are no longer any abnormalities on the computer. Before you helped me, I occasionally had a bluescreen when I used the internet browser, but that has not occurred since then.
Otherwise it runs well for its age (3 1/2 years).


Regards
