| |
| |||||||
Log-Analyse und Auswertung: Und noch ein TR/kazy.mekml.1Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
15.05.2011, 10:05
| #16 |
| /// Malware-holic   |  Und noch ein TR/kazy.mekml.1 lade den tdss killer: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft? führe ihn aus, poste das log.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.05.2011, 10:22
| #17 |
 | Und noch ein TR/kazy.mekml.1 nach entpacken und start des tdsskillers passiert nichts, also keine gui oder so, man sieht im taskmanager auch keinen entsprechenden prozess.
__________________ |
|
15.05.2011, 11:00
| #18 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 starte mal im abgesicherten modus ohne netzwerk bei pc start mit f8.
__________________klappts da?
__________________ |
|
15.05.2011, 12:59
| #19 |
| | Und noch ein TR/kazy.mekml.1 nee, abgesichert klappt's auch nicht. |
|
15.05.2011, 14:47
| #20 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 ok, downloade mbrcheck: http://ad13.geekstogo.com/MBRCheck.exe doppelklicken. im selben verzeichniss wird ein log erstellt, dessen inhalt posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.05.2011, 16:28
| #21 |
| | Und noch ein TR/kazy.mekml.1 mbrcheck lief durch. hier das log. hier poppt jetzt gerade eine Warnung von meinem Avira auf: TR/Kryptik.ET.1 found and put into quarantine. Code:
ATTFilter MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows XP Professional
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001c
Kernel Drivers (total 142):
0x804D7000 \WINDOWS\system32\ntoskrnl.exe
0x80701000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF75A7000 ACPI.sys
0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7596000 pci.sys
0xF75F7000 isapnp.sys
0xF789B000 compbatt.sys
0xF789F000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF74D8000 pcmcia.sys
0xF7607000 MountMgr.sys
0xF74B9000 ftdisk.sys
0xF798B000 dmload.sys
0xF7493000 dmio.sys
0xF78A3000 ACPIEC.sys
0xF7A50000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF770F000 PartMgr.sys
0xF7617000 VolSnap.sys
0xF747B000 atapi.sys
0xF7627000 disk.sys
0xF7637000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF745B000 fltmgr.sys
0xF7449000 sr.sys
0xF7432000 KSecDD.sys
0xF7B52000 Ntfs.sys
0xF7405000 NDIS.sys
0xF787D000 Mup.sys
0xB9406000 \SystemRoot\system32\DRIVERS\nv4_mini.sys
0xB93F2000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xB93B4000 \SystemRoot\system32\DRIVERS\e1y5132.sys
0xF7757000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xB9390000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF775F000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xB9368000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0xB8F61000 \SystemRoot\system32\DRIVERS\NETw5x32.sys
0xB8F4D000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xB8F3C000 \SystemRoot\system32\DRIVERS\rimmptsk.sys
0xBA76F000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF76C7000 \SystemRoot\system32\DRIVERS\serial.sys
0xBA76B000 \SystemRoot\system32\DRIVERS\serenum.sys
0xF76D7000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7767000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xB8F0B000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF79B1000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF776F000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF76E7000 \SystemRoot\system32\DRIVERS\imapi.sys
0xBA4FE000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xBA4EE000 \SystemRoot\system32\DRIVERS\redbook.sys
0xB8EE8000 \SystemRoot\system32\DRIVERS\ks.sys
0xBA4DE000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0xB9BF2000 \SystemRoot\system32\DRIVERS\IFXTPM.SYS
0xB9BE2000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xB8E17000 \SystemRoot\system32\DRIVERS\btkrnl.sys
0xF79B9000 \SystemRoot\system32\DRIVERS\wacomvhid.sys
0xB9BC2000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xB9CC2000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xF79BB000 \SystemRoot\system32\DRIVERS\WacomVKHid.sys
0xB9F58000 \SystemRoot\system32\DRIVERS\audstub.sys
0xB9BB2000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xBA767000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xB8DB5000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xB9BA2000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xB9B92000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xB9CBA000 \SystemRoot\system32\DRIVERS\TDI.SYS
0xB8DA4000 \SystemRoot\system32\DRIVERS\psched.sys
0xB9B82000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xB9CAA000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xB9C8A000 \SystemRoot\system32\DRIVERS\raspti.sys
0xB4079000 \SystemRoot\system32\DRIVERS\rdpdr.sys
0xB9AC6000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF798D000 \SystemRoot\system32\DRIVERS\swenum.sys
0xB401B000 \SystemRoot\system32\DRIVERS\update.sys
0xBA7C0000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xB41C3000 \SystemRoot\system32\DRIVERS\btport.sys
0xB2E82000 \SystemRoot\system32\drivers\btaudio.sys
0xB2E5E000 \SystemRoot\system32\drivers\portcls.sys
0xB40C9000 \SystemRoot\system32\drivers\drmk.sys
0xB9CD6000 \SystemRoot\system32\DRIVERS\mouhid.sys
0xB41BB000 \SystemRoot\system32\DRIVERS\wacommousefilter.sys
0xBA7F4000 \SystemRoot\system32\DRIVERS\kbdhid.sys
0xB72A0000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xB1BB7000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xAE990000 \SystemRoot\system32\drivers\RtkHDAud.sys
0xAE97E000 \SystemRoot\system32\drivers\SamsungEDS.sys
0xAE858000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0xB0293000 \SystemRoot\System32\Drivers\Modem.SYS
0xB0510000 \SystemRoot\system32\drivers\nvhda32.sys
0xAF3BD000 \SystemRoot\System32\drivers\psd.sys
0xF79D1000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xAFA96000 \SystemRoot\System32\Drivers\Null.SYS
0xF7A05000 \SystemRoot\System32\Drivers\Beep.SYS
0xAF3AD000 \SystemRoot\System32\drivers\vga.sys
0xF7A01000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7A03000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xAF3A5000 \SystemRoot\System32\Drivers\Msfs.SYS
0xAF39D000 \SystemRoot\System32\Drivers\Npfs.SYS
0xAF014000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAE553000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAE4FA000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xAE4D4000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xAE4AC000 \SystemRoot\system32\DRIVERS\netbt.sys
0xAFEBA000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xAE42B000 \SystemRoot\System32\vsdatant.sys
0xAE409000 \SystemRoot\System32\drivers\afd.sys
0xAFEAA000 \SystemRoot\system32\DRIVERS\netbios.sys
0xF77EF000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0xAE3DE000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAE36E000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xAF68E000 \SystemRoot\System32\Drivers\Fips.SYS
0xAE348000 \SystemRoot\system32\DRIVERS\avipbb.sys
0xAE325000 \SystemRoot\system32\DRIVERS\ATSwpDrv.sys
0xF79F3000 \??\C:\Programme\Avira\AntiVir Desktop\avgio.sys
0xAF65E000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xAE1D7000 \SystemRoot\System32\Drivers\StkCMini.sys
0xAD581000 \SystemRoot\System32\Drivers\StkCPipe.sys
0xAD552000 \SystemRoot\System32\Drivers\StkCSF.sys
0xAF64E000 \SystemRoot\System32\Drivers\btwusb.sys
0xAD534000 \SystemRoot\system32\DRIVERS\btwdndis.sys
0xB9C9A000 \SystemRoot\system32\DRIVERS\btwmodem.sys
0xAD51C000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xAFD9A000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xB9CEE000 \SystemRoot\System32\drivers\Dxapi.sys
0xB9CA2000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xB423F000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF012000 \SystemRoot\System32\nv4_disp.dll
0xBF608000 \SystemRoot\System32\ATMFD.DLL
0xAC207000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0xBA797000 \??\C:\WINDOWS\system32\MEMIO.SYS
0xB2E05000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xB9C4A000 \??\C:\Programme\CheckPoint\ZAForceField\ISWKL.sys
0xABFEA000 \SystemRoot\system32\drivers\wdmaud.sys
0xBA47E000 \SystemRoot\system32\drivers\sysaudio.sys
0xABF6F000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xABCB0000 \SystemRoot\System32\Drivers\SENTINEL.SYS
0xABB18000 \SystemRoot\system32\DRIVERS\srv.sys
0xAB1BE000 \SystemRoot\System32\Drivers\HTTP.sys
0x7C910000 \WINDOWS\system32\ntdll.dll
Processes (total 74):
0 System Idle Process
4 System
864 C:\WINDOWS\system32\smss.exe
980 csrss.exe
1020 C:\WINDOWS\system32\winlogon.exe
1064 C:\WINDOWS\system32\services.exe
1076 C:\WINDOWS\system32\lsass.exe
1276 C:\Programme\Softex\OmniPass\OmniServ.exe
1288 C:\WINDOWS\system32\svchost.exe
1356 svchost.exe
1416 C:\WINDOWS\system32\svchost.exe
1444 C:\Programme\WIDCOMM\Bluetooth Software\bin\btwdins.exe
1548 svchost.exe
1612 svchost.exe
1660 C:\WINDOWS\system32\ZoneLabs\vsmon.exe
1844 C:\Programme\Softex\OmniPass\OPXPApp.exe
184 C:\WINDOWS\explorer.exe
508 C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe
1464 C:\WINDOWS\system32\spoolsv.exe
1684 C:\Programme\Avira\AntiVir Desktop\sched.exe
712 svchost.exe
2392 C:\WINDOWS\system32\agrsmsvc.exe
2404 C:\Programme\Avira\AntiVir Desktop\avguard.exe
2420 C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
2432 C:\Programme\Bonjour\mDNSResponder.exe
2684 C:\WINDOWS\system32\IFXSPMGT.exe
2700 C:\Programme\Avira\AntiVir Desktop\avshadow.exe
2784 C:\WINDOWS\system32\IFXTCS.exe
2820 C:\Programme\Java\jre6\bin\jqs.exe
2900 C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
3024 C:\WINDOWS\system32\nvsvc32.exe
3200 C:\WINDOWS\system32\IfxPsdSv.exe
3236 C:\Programme\CyberLink\Shared Files\RichVideo.exe
660 C:\Programme\ESRI\License\arcgis9x\lmgrd.exe
3940 C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
2488 C:\Programme\ESRI\License\arcgis9x\ARCGIS.EXE
2728 C:\Programme\Samsung\Samsung Network Manager\SNMWLANService.exe
3408 C:\WINDOWS\system32\svchost.exe
3424 C:\WINDOWS\system32\StkCSrv.exe
3652 C:\WINDOWS\system32\Pen_Tablet.exe
3708 wdfmgr.exe
4092 C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
212 C:\WINDOWS\system32\Pen_Tablet.exe
2128 C:\WINDOWS\system32\wbem\wmiapsrv.exe
2312 C:\WINDOWS\system32\wscntfy.exe
2756 alg.exe
3828 C:\WINDOWS\RTHDCPL.exe
4064 C:\Programme\Samsung\Samsung EDS\EDSAgent.exe
4052 C:\WINDOWS\system32\rundll32.exe
2120 C:\Programme\Synaptics\SynTP\SynTPEnh.exe
2248 C:\WINDOWS\system32\rundll32.exe
2332 C:\Programme\Softex\OmniPass\scureapp.exe
2584 C:\Programme\CyberLink\PowerDVD\PDVDServ.exe
3016 C:\Programme\Samsung\Samsung Battery Manager\BatteryManager.exe
3232 C:\Programme\Avira\AntiVir Desktop\avgnt.exe
3304 C:\Programme\Samsung\Easy Display Manager\dmhkcore.exe
3312 C:\Programme\Samsung\MagicKBD\MagicKBD.exe
3552 C:\Programme\iTunes\iTunesHelper.exe
3580 C:\Programme\Samsung\MagicKBD\PerformanceManager.exe
3488 C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
3808 C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
3920 C:\WINDOWS\system32\ctfmon.exe
556 C:\Programme\Infineon\Security Platform Software\PSDrt.exe
756 C:\Programme\Infineon\Security Platform Software\SpTNA.exe
1908 C:\Programme\Skype\Phone\Skype.exe
1144 C:\Programme\Messenger\msmsgs.exe
2304 C:\Programme\OpenOffice.org 3\program\soffice.exe
2740 C:\Programme\OpenOffice.org 3\program\soffice.bin
1668 C:\Programme\iPod\bin\iPodService.exe
3456 C:\Programme\CheckPoint\ZAForceField\ForceField.exe
908 C:\Programme\Mozilla Firefox\firefox.exe
4128 C:\Programme\Mozilla Thunderbird\thunderbird.exe
3000 C:\Programme\Internet Explorer\iexplore.exe
5192 D:\Software\mbrcheck\MBRCheck.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000002`80493400 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000016`801f4a00 (NTFS)
PhysicalDrive0 Model Number: FUJITSUMHZ2250BHG2, Rev: 00000009
Size Device Name MBR Status
--------------------------------------------
232 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: ADFE55CD0C6ED2E00B22375835E4C2736CE9AD11
Done!
|
|
15.05.2011, 16:33
| #22 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 wie lautet die komplette meldung?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.05.2011, 16:35
| #23 |
| | Und noch ein TR/kazy.mekml.1 dies ist der Avira report: Code:
ATTFilter
Avira AntiVir Personal
Report file date: Sonntag, 15. Mai 2011 17:21
Scanning for 2720291 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : SAMSUNG-P560
Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 01.04.2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 02.05.2011 18:14:54
AVSCAN.DLL : 10.0.3.0 46440 Bytes 27.04.2010 07:34:18
LUKE.DLL : 10.0.3.2 104296 Bytes 09.12.2010 18:17:48
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.02.2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 11:33:00
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 15:54:11
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 19:04:01
VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 06:49:12
VBASE004.VDF : 7.11.5.226 2048 Bytes 07.04.2011 06:49:13
VBASE005.VDF : 7.11.5.227 2048 Bytes 07.04.2011 06:49:13
VBASE006.VDF : 7.11.5.228 2048 Bytes 07.04.2011 06:49:13
VBASE007.VDF : 7.11.5.229 2048 Bytes 07.04.2011 06:49:13
VBASE008.VDF : 7.11.5.230 2048 Bytes 07.04.2011 06:49:13
VBASE009.VDF : 7.11.5.231 2048 Bytes 07.04.2011 06:49:13
VBASE010.VDF : 7.11.5.232 2048 Bytes 07.04.2011 06:49:13
VBASE011.VDF : 7.11.5.233 2048 Bytes 07.04.2011 06:49:13
VBASE012.VDF : 7.11.5.234 2048 Bytes 07.04.2011 06:49:14
VBASE013.VDF : 7.11.6.28 158208 Bytes 11.04.2011 21:29:17
VBASE014.VDF : 7.11.6.74 116224 Bytes 13.04.2011 21:29:18
VBASE015.VDF : 7.11.6.113 137728 Bytes 14.04.2011 18:56:19
VBASE016.VDF : 7.11.6.150 146944 Bytes 18.04.2011 21:07:56
VBASE017.VDF : 7.11.6.192 138240 Bytes 20.04.2011 18:14:54
VBASE018.VDF : 7.11.6.237 156160 Bytes 22.04.2011 18:14:54
VBASE019.VDF : 7.11.7.45 427520 Bytes 27.04.2011 18:14:54
VBASE020.VDF : 7.11.7.64 192000 Bytes 28.04.2011 18:14:54
VBASE021.VDF : 7.11.7.97 182272 Bytes 02.05.2011 18:14:54
VBASE022.VDF : 7.11.7.127 467968 Bytes 04.05.2011 18:36:11
VBASE023.VDF : 7.11.7.183 185856 Bytes 09.05.2011 11:52:53
VBASE024.VDF : 7.11.7.218 133120 Bytes 11.05.2011 19:04:20
VBASE025.VDF : 7.11.7.234 139776 Bytes 11.05.2011 19:04:20
VBASE026.VDF : 7.11.7.235 2048 Bytes 11.05.2011 19:04:20
VBASE027.VDF : 7.11.7.236 2048 Bytes 11.05.2011 19:04:20
VBASE028.VDF : 7.11.7.237 2048 Bytes 11.05.2011 19:04:20
VBASE029.VDF : 7.11.7.238 2048 Bytes 11.05.2011 19:04:20
VBASE030.VDF : 7.11.7.239 2048 Bytes 11.05.2011 19:04:20
VBASE031.VDF : 7.11.7.240 2048 Bytes 11.05.2011 19:04:21
Engineversion : 8.2.4.228
AEVDF.DLL : 8.1.2.1 106868 Bytes 10.08.2010 17:57:25
AESCRIPT.DLL : 8.1.3.61 1253754 Bytes 05.05.2011 18:36:46
AESCN.DLL : 8.1.7.2 127349 Bytes 22.11.2010 20:10:21
AESBX.DLL : 8.1.3.2 254324 Bytes 22.11.2010 20:10:28
AERDL.DLL : 8.1.9.9 639347 Bytes 02.04.2011 18:39:12
AEPACK.DLL : 8.2.6.0 549237 Bytes 10.04.2011 06:49:23
AEOFFICE.DLL : 8.1.1.22 205178 Bytes 05.05.2011 18:36:39
AEHEUR.DLL : 8.1.2.113 3494263 Bytes 05.05.2011 18:36:39
AEHELP.DLL : 8.1.16.1 246134 Bytes 04.02.2011 21:44:58
AEGEN.DLL : 8.1.5.4 397684 Bytes 04.04.2011 18:54:02
AEEMU.DLL : 8.1.3.0 393589 Bytes 22.11.2010 20:09:52
AECORE.DLL : 8.1.20.2 196982 Bytes 10.04.2011 06:49:18
AEBB.DLL : 8.1.1.0 53618 Bytes 27.04.2010 07:34:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 11:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 11:03:35
AVREP.DLL : 10.0.0.9 174120 Bytes 02.05.2011 18:14:54
AVREG.DLL : 10.0.3.2 53096 Bytes 11.11.2010 22:26:46
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 02.05.2011 18:14:54
AVARKT.DLL : 10.0.22.6 231784 Bytes 09.12.2010 18:17:44
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 08:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 11:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 14:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 13:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 12:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 11.11.2010 22:26:46
Configuration settings for the scan:
Jobname.............................: avguard_async_scan
Configuration file..................: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira\AntiVir Desktop\TEMP\AVGUARD_4e07c403\guard_slideup.avp
Logging.............................: low
Primary action......................: repair
Secondary action....................: quarantine
Scan master boot sector.............: on
Scan boot sector....................: off
Process scan........................: on
Scan registry.......................: off
Search for rootkits.................: off
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: high
Deviating risk categories...........: +GAME,+JOKE,
Start of the scan: Sonntag, 15. Mai 2011 17:21
The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'SpTna.exe' - '1' Module(s) have been scanned
Scan process 'PSDrt.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'PerformanceManager.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'MagicKBD.exe' - '1' Module(s) have been scanned
Scan process 'dmhkcore.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'BatteryManager.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'scureapp.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
Scan process 'EDSAgent.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '1' Module(s) have been scanned
Scan process 'Pen_TabletUser.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '1' Module(s) have been scanned
Scan process 'StkCSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SNMWLANService.exe' - '1' Module(s) have been scanned
Scan process 'ARCGIS.EXE' - '1' Module(s) have been scanned
Scan process 'spnsrvnt.exe' - '1' Module(s) have been scanned
Scan process 'lmgrd.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'IfxPsdSv.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'IFXTCS.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'ifxspmgt.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'OPXPApp.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Omniserv.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Starting the file scan:
Begin scan in 'C:\System Volume Information\_restore{680189F7-E9DA-43CF-A3E0-40E62BA45579}\RP365\A0068895.exe'
C:\System Volume Information\_restore{680189F7-E9DA-43CF-A3E0-40E62BA45579}\RP365\A0068895.exe
[DETECTION] Is the TR/Kryptik.ET.1 Trojan
[NOTE] The file was moved to the quarantine directory under the name '4f2e4eda.qua'.
End of the scan: Sonntag, 15. Mai 2011 17:21
Used time: 00:09 Minute(s)
The scan has been done completely.
0 Scanned directories
68 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
67 Files not concerned
0 Archives were scanned
0 Warnings
1 Notes
The scan results will be transferred to the Guard.
|
|
15.05.2011, 17:21
| #24 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 rechtsklick arbeitsplatz eigenschaften systemwiederherstellung, auf allen laufwerken deaktivieren, meldung bestätigen. 5 minuten warten, wieder einschalten. wie läuft das system jetzt?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.05.2011, 20:09
| #25 |
| | Und noch ein TR/kazy.mekml.1 hier der erneute Avira scan. Warum mein Avira auf englisch ist? Ich lebe im Ausland. Wenn ich mich recht erinnere, dann konnte ich damals nur eine englische und keine deutsche Version runterladen. Kann es sein dass die einen IP Check machen? Code:
ATTFilter Avira AntiVir Personal
Report file date: Sonntag, 15. Mai 2011 18:49
Scanning for 2730903 virus strains and unwanted programs.
The program is running as an unrestricted full version.
Online services are available:
Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : xxx
Computer name : SAMSUNG-P560
Version information:
BUILD.DAT : 10.0.0.648 31823 Bytes 01.04.2011 18:36:00
AVSCAN.EXE : 10.0.4.2 442024 Bytes 02.05.2011 18:14:54
AVSCAN.DLL : 10.0.3.0 46440 Bytes 27.04.2010 07:34:18
LUKE.DLL : 10.0.3.2 104296 Bytes 09.12.2010 18:17:48
LUKERES.DLL : 10.0.0.1 12648 Bytes 10.02.2010 22:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 11:33:00
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 15:54:11
VBASE002.VDF : 7.11.3.0 1950720 Bytes 09.02.2011 19:04:01
VBASE003.VDF : 7.11.5.225 1980416 Bytes 07.04.2011 06:49:12
VBASE004.VDF : 7.11.5.226 2048 Bytes 07.04.2011 06:49:13
VBASE005.VDF : 7.11.5.227 2048 Bytes 07.04.2011 06:49:13
VBASE006.VDF : 7.11.5.228 2048 Bytes 07.04.2011 06:49:13
VBASE007.VDF : 7.11.5.229 2048 Bytes 07.04.2011 06:49:13
VBASE008.VDF : 7.11.5.230 2048 Bytes 07.04.2011 06:49:13
VBASE009.VDF : 7.11.5.231 2048 Bytes 07.04.2011 06:49:13
VBASE010.VDF : 7.11.5.232 2048 Bytes 07.04.2011 06:49:13
VBASE011.VDF : 7.11.5.233 2048 Bytes 07.04.2011 06:49:13
VBASE012.VDF : 7.11.5.234 2048 Bytes 07.04.2011 06:49:14
VBASE013.VDF : 7.11.6.28 158208 Bytes 11.04.2011 21:29:17
VBASE014.VDF : 7.11.6.74 116224 Bytes 13.04.2011 21:29:18
VBASE015.VDF : 7.11.6.113 137728 Bytes 14.04.2011 18:56:19
VBASE016.VDF : 7.11.6.150 146944 Bytes 18.04.2011 21:07:56
VBASE017.VDF : 7.11.6.192 138240 Bytes 20.04.2011 18:14:54
VBASE018.VDF : 7.11.6.237 156160 Bytes 22.04.2011 18:14:54
VBASE019.VDF : 7.11.7.45 427520 Bytes 27.04.2011 18:14:54
VBASE020.VDF : 7.11.7.64 192000 Bytes 28.04.2011 18:14:54
VBASE021.VDF : 7.11.7.97 182272 Bytes 02.05.2011 18:14:54
VBASE022.VDF : 7.11.7.127 467968 Bytes 04.05.2011 18:36:11
VBASE023.VDF : 7.11.7.183 185856 Bytes 09.05.2011 11:52:53
VBASE024.VDF : 7.11.7.218 133120 Bytes 11.05.2011 19:04:20
VBASE025.VDF : 7.11.7.234 139776 Bytes 11.05.2011 19:04:20
VBASE026.VDF : 7.11.8.16 147456 Bytes 13.05.2011 16:48:08
VBASE027.VDF : 7.11.8.17 2048 Bytes 13.05.2011 16:48:08
VBASE028.VDF : 7.11.8.18 2048 Bytes 13.05.2011 16:48:08
VBASE029.VDF : 7.11.8.19 2048 Bytes 13.05.2011 16:48:08
VBASE030.VDF : 7.11.8.20 2048 Bytes 13.05.2011 16:48:08
VBASE031.VDF : 7.11.8.21 2048 Bytes 13.05.2011 16:48:08
Engineversion : 8.2.4.228
AEVDF.DLL : 8.1.2.1 106868 Bytes 10.08.2010 17:57:25
AESCRIPT.DLL : 8.1.3.61 1253754 Bytes 05.05.2011 18:36:46
AESCN.DLL : 8.1.7.2 127349 Bytes 22.11.2010 20:10:21
AESBX.DLL : 8.1.3.2 254324 Bytes 22.11.2010 20:10:28
AERDL.DLL : 8.1.9.9 639347 Bytes 02.04.2011 18:39:12
AEPACK.DLL : 8.2.6.0 549237 Bytes 10.04.2011 06:49:23
AEOFFICE.DLL : 8.1.1.22 205178 Bytes 05.05.2011 18:36:39
AEHEUR.DLL : 8.1.2.113 3494263 Bytes 05.05.2011 18:36:39
AEHELP.DLL : 8.1.16.1 246134 Bytes 04.02.2011 21:44:58
AEGEN.DLL : 8.1.5.4 397684 Bytes 04.04.2011 18:54:02
AEEMU.DLL : 8.1.3.0 393589 Bytes 22.11.2010 20:09:52
AECORE.DLL : 8.1.20.2 196982 Bytes 10.04.2011 06:49:18
AEBB.DLL : 8.1.1.0 53618 Bytes 27.04.2010 07:34:18
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 11:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 11:03:35
AVREP.DLL : 10.0.0.9 174120 Bytes 02.05.2011 18:14:54
AVREG.DLL : 10.0.3.2 53096 Bytes 11.11.2010 22:26:46
AVSCPLR.DLL : 10.0.4.2 84840 Bytes 02.05.2011 18:14:54
AVARKT.DLL : 10.0.22.6 231784 Bytes 09.12.2010 18:17:44
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 08:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 11:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 14:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 13:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 12:10:20
RCTEXT.DLL : 10.0.58.0 97128 Bytes 11.11.2010 22:26:46
Configuration settings for the scan:
Jobname.............................: Local Drives
Configuration file..................: C:\Programme\Avira\AntiVir Desktop\alldrives.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, E:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: high
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR,
Start of the scan: Sonntag, 15. Mai 2011 18:49
Starting search for hidden objects.
The scan of running processes will be started
Scan process 'rsmsink.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'msdtc.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'vssvc.exe' - '1' Module(s) have been scanned
Scan process 'PDFXCview.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'plugin-container.exe' - '1' Module(s) have been scanned
Scan process 'thunderbird.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'soffice.bin' - '1' Module(s) have been scanned
Scan process 'soffice.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'SpTna.exe' - '1' Module(s) have been scanned
Scan process 'PSDrt.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'PerformanceManager.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'MagicKBD.exe' - '1' Module(s) have been scanned
Scan process 'dmhkcore.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'BatteryManager.exe' - '1' Module(s) have been scanned
Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
Scan process 'scureapp.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
Scan process 'EDSAgent.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'wmiapsrv.exe' - '1' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '1' Module(s) have been scanned
Scan process 'Pen_TabletUser.exe' - '1' Module(s) have been scanned
Scan process 'wdfmgr.exe' - '1' Module(s) have been scanned
Scan process 'Pen_Tablet.exe' - '1' Module(s) have been scanned
Scan process 'StkCSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SNMWLANService.exe' - '1' Module(s) have been scanned
Scan process 'ARCGIS.EXE' - '1' Module(s) have been scanned
Scan process 'spnsrvnt.exe' - '1' Module(s) have been scanned
Scan process 'lmgrd.exe' - '1' Module(s) have been scanned
Scan process 'RichVideo.exe' - '1' Module(s) have been scanned
Scan process 'IfxPsdSv.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'jqs.exe' - '1' Module(s) have been scanned
Scan process 'IFXTCS.exe' - '1' Module(s) have been scanned
Scan process 'avshadow.exe' - '1' Module(s) have been scanned
Scan process 'ifxspmgt.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'Explorer.EXE' - '1' Module(s) have been scanned
Scan process 'OPXPApp.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'btwdins.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Omniserv.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Starting to scan executable files (registry).
The registry was scanned ( '1848' files ).
Starting the file scan:
Begin scan in 'C:\'
C:\System Volume Information\_restore{680189F7-E9DA-43CF-A3E0-40E62BA45579}\RP365\A0068896.exe
[DETECTION] Is the TR/Trash.Gen Trojan
Begin scan in 'D:\'
Begin scan in 'E:\'
Search path E:\ could not be opened!
System error [21]: Das Gerät ist nicht bereit.
Beginning disinfection:
C:\System Volume Information\_restore{680189F7-E9DA-43CF-A3E0-40E62BA45579}\RP365\A0068896.exe
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to the quarantine directory under the name '4a5580a1.qua'.
End of the scan: Sonntag, 15. Mai 2011 21:05
Used time: 1:33:06 Hour(s)
The scan has been done completely.
13847 Scanned directories
1011519 Files were scanned
1 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
1011518 Files not concerned
9064 Archives were scanned
0 Warnings
1 Notes
43689 Objects were scanned with rootkit scan
0 Hidden objects were found
|
|
15.05.2011, 20:38
| #26 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 hast du die systemwiederherstellung de und reaktiviert?
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
15.05.2011, 20:42
| #27 |
| | Und noch ein TR/kazy.mekml.1 ja, ich habe sie deaktiviert. Rechner runtergefahren und nach 5 Minuten neugestartet. Nach Neustart sieht alles "normal" aus, keine Meldungen. Einzige Ausnahme immer noch, dass das Profil nicht gefunden wird. Muss ich jetzt wieder in den Arbeitsplatz und die Systemwiederhestellung aktivieren? |
|
16.05.2011, 10:33
| #28 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 aja, sorry. deinstaliere mal avira, gehe auf deren homepage und hohl dir avira neu, instaliere es dann, und die meldung sollte nicht mehr auftauchen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
16.05.2011, 20:25
| #29 |
| | Und noch ein TR/kazy.mekml.1 allright. also die systemwiederherstellung habe ich reaktiviert und auch Avira neu installiert. Die "Profil" Meldung taucht tatsächlich nicht mehr auf. |
|
17.05.2011, 10:58
| #30 |
| /// Malware-holic | Und noch ein TR/kazy.mekml.1 ok, wenn nichts mehr ist, können wir das system noch absichern.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Und noch ein TR/kazy.mekml.1 |
| antivir, antivir meldet, bildschirm, dateien, desktop, einfach, einstellungen, fehler, festplatte, festplatten, file, firefox, found, gen, kazy.mekml.1, keine programme, malware, neu, neustart., not, ordner, platte, pop-up, problem, programme, schwarzer bildschirm, speicher, speichern, system, system neu, windows |
Linear-Darstellung
