So, alle Funde sind gelöscht, alles funktioniert wieder in Normalgeschwindigkeit.
Die versteckten Ordner konnte ich über die Systemsteuerung wieder darstellen.
Hier das log: Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1021
www.malwarebytes.org
Database version: v2013.03.28.07
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
lasagne :: lasagne-HP [administrator]
28.03.2013 15:17:52
mbar-log-2013-03-28 (15-17-52).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30533
Time elapsed: 25 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 39
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\MBR_0_infected.mbam (Bootkit.TDL4.A.MBR) -> Delete on reboot.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_488383824_user.mbam (Forged physical sector) -> Delete on reboot.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_488395344_user.mbam (Forged physical sector) -> Delete on reboot.
C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\Sector_0_488397167_user.mbam (Forged physical sector) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5059\components\AcroFF0590.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5059\components\AcroFF0595.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5059\components\AcroFF0596.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5059\components\AcroFF0597.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5059\components\AcroFF0598.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5042\components\AcroFF0428.dll (Trojan.Passwords) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5056\components\AcroFF0560.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5056\components\AcroFF0565.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5056\components\AcroFF0566.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5056\components\AcroFF0567.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5056\components\AcroFF0568.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5058\components\AcroFF0580.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5058\components\AcroFF0585.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5058\components\AcroFF0586.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5058\components\AcroFF0587.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5058\components\AcroFF0588.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5060\components\AcroFF0600.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5060\components\AcroFF0605.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5060\components\AcroFF0606.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5060\components\AcroFF0607.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5060\components\AcroFF0608.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5061\components\AcroFF0610.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5061\components\AcroFF0615.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5061\components\AcroFF0616.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5061\components\AcroFF0617.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5061\components\AcroFF0618.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5062\componentsart!v,Pel\AcroFF0620.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5062\componentsart!v,Pel\AcroFF0625.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5062\componentsart!v,Pel\AcroFF0626.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5062\componentsart!v,Pel\AcroFF0627.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5062\componentsart!v,Pel\AcroFF0628.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5064\components\AcroFF0640.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5064\components\AcroFF0648.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Roaming\5064\components\AcroFF0649.dll (Trojan.Agent) -> Delete on reboot.
c:\Users\lasagne\AppData\Local\Temp\tmp1645d9c1\jk.exe (Trojan.Zbot.HEEP) -> Delete on reboot.
(end)
Vielen Dank für die Hilfe, ohne euch wäre ich ahnungslos und verzweifelt gewesen! :) | 