Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Malewarealarm (https://www.trojaner-board.de/71125-malewarealarm.html)

Th3 Cr4xX 17.03.2009 17:31
Malewarealarm
 
http://img3.imagebanana.com/img/yfvy...enannt.bmp.png
Hallo, diese Virenmeldung kommt täglich ca. 3-7 mal. Vermutlich davon entstandene Schäden erkenne ich dadurch, dass die Verbindung von meiner Wireless-Karte ständig abbricht und wieder kommt.

Ich habe keine Ahnung wie ich das Ding wegbekomme. Hoffe jemand kann helfen!

Danke schonmal!

4RobSen8 17.03.2009 17:33
Hallo...und :hallo:

http://www.trojaner-board.de/69886-a...-beachten.html
Arbeite bitte die Punkte ab 2 ab.

Th3 Cr4xX 17.03.2009 18:19
allready done! bringt alles nix

4RobSen8 17.03.2009 18:23
Vllt. solltest die Anweisung nochmal lesen und die Ergebnisse hier rein stellen!?!
Wie soll man dir sonst helfen?

Th3 Cr4xX 17.03.2009 20:43
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:08, on 17.03.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Bonjour\mDNSResponder.exe
C:\Programme\CDBurnerXP\NMSAccessU.exe
C:\Programme\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\713xRMTMon.exe
C:\Programme\Microsoft IntelliType Pro\itype.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\NETGEAR\WAG511 Configuration Utility\wlancfg3.exe
C:\Programme\honestech\honestech TVR\scheduleTV.exe
C:\WINDOWS\713xRMT.exe
C:\Programme\ICQ6Toolbar\ICQ Service.exe
C:\Programme\ICQ6.5\ICQ.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TV Card Remote Control Device Monitor] C:\WINDOWS\713xRMTMon.exe
O4 - HKLM\..\Run: [itype] "C:\Programme\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ICQ] "C:\Programme\ICQ6.5\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: NETGEAR WAG511 Smart Wizard.lnk = ?
O4 - Global Startup: Scheduler for OEM.lnk = C:\Programme\honestech\honestech TVR\scheduleTV.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programme\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c999732346e10a) (gupdate1c999732346e10a) - Google Inc. - C:\Programme\Google\Update\GoogleUpdate.exe
O23 - Service: ICQ Service - Unknown owner - C:\Programme\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Programme\CDBurnerXP\NMSAccessU.exe
O23 - Service: TuneUp Drive Defrag-Dienst (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WMI-Leistungsadapter (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe (file missing)

--
End of file - 6097 bytes

Th3 Cr4xX 17.03.2009 20:49
[CODE]Malwarebytes' Anti-Malware 1.34
Datenbank Version: 1859
Windows 5.1.2600 Service Pack 3

17.03.2009 18:48:55
mbam-log-2009-03-17 (18-48-45).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 189153
Laufzeit: 53 minute(s), 34 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 12
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 4540

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\avlwarning.warningbho (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\avlwarning.warningbho.1 (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a21c8d81-a9c7-46c6-a488-2a32fa0daeb6} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{144a6b24-0ebc-4d89-bf09-a06a718e57b5} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cfee97a3-4911-444d-8be8-e243a23d3de2} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5b4c3b43-49b6-42a7-a602-f7acdca0d409} (Adware.OneStepSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\antiviruslab2009 (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\BIFROST1.2 (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{c5bf49a2-94f3-42bd-f434-3604812c8955} (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\WINDOWS\system32\Bifrost (Backdoor.Bifrose) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP229\A0228066.exe (Backdoor.Rustock) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP229\A0229155.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223062.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223098.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223116.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223134.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223152.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223170.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223188.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223049.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223050.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223051.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223053.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223055.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223056.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223057.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223058.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223059.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223060.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223061.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223063.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223064.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223067.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223069.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223070.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223071.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223072.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223073.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223074.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223075.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223076.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223077.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223086.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223087.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223088.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223089.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223090.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223091.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223092.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223093.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223095.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223096.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223097.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223099.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223100.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223101.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223102.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223103.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223104.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223105.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223106.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223107.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223108.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223109.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223110.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223111.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223112.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223113.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223114.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223115.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223117.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223118.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223119.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223120.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223121.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223122.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223123.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223124.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223125.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223126.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223127.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223128.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223129.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223130.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223131.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223132.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223133.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223135.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223136.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223137.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223138.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223139.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223140.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223141.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223142.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223143.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223144.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223145.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223146.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223147.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223148.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223149.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223150.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223151.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223153.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223154.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223155.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223156.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223157.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223158.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223159.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223160.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223161.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223162.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223163.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223164.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223165.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223166.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223167.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223168.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223169.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223171.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223172.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223173.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223174.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223175.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223176.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223178.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223179.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223180.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223181.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223182.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223183.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223184.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{326D7768-4F98-4844-A040-56A19BFA00F8}\RP228\A0223185.sys (Rootkit.Agent) -> Quarantined and deleted successfully.


Das dürfte jetzt ungefähr ein Fünzigstel sein vom ganzen. kein scherz. aber das ganze geht genaus weiter einfach nur die zahlen hinten ändern

4RobSen8 18.03.2009 00:48
Wie kommst du an soviel Mist???:eek:
Ich würde ja sofort Neuaufsetzten!!!
Oder ne neue Festplatte kaufen^^

Falls du noch willst:
Lasse vorher mal Gmer laufen...

GMER - Rootkit Detection
  • Lade Tralala von File-Upload.net - Tralala.exe
  • Klick auf Download (rechts in der Mitte) und speichere es auf den Desktop
  • Doppelklick auf Tralala.exe
    http://saved.im/mzaxndu2m2ni_vs/gmerzj1oo1.jpg
  • Der Reiter Rootkit oben ist schon angewählt
  • Drücke Scan, Der Vorgang kann je nach System 3 - 10min dauern
  • nach Beendigung des Scan, drücke "Copy"
  • nun kannst Du das Ergebnis hier einfügen. Sollte das Log zu lang sein, dann lade es bei einem Filehoster wie z.B. Materialordner.de hoch und poste den Link.
  • Sollte Gmer sagen "Gmer hasen´t found any System Modifikation", so hat Gmer keine Einträge gefunden.

Th3 Cr4xX 18.03.2009 12:47
das scheint nur ein virus gewesen zu sein, der sich dann tausendfach verbreitet hat.

Crusader 18.03.2009 15:09
Wow, aber Respekt, da bleibt mir die Spuke weg..... :eek::eek:

So was hab ich auch noch nie gesehen! :kloppen:

@ 4RobSen8: Du hast die Ehre. :Boogie:

4RobSen8 18.03.2009 15:29
Zitat:
Zitat von Th3 Cr4xX (Beitrag 422225)
das scheint nur ein virus gewesen zu sein, der sich dann tausendfach verbreitet hat.
Die Betonung liegt auf nur

Fazit: NEUAUFSETZTEN

Und hier: Anleitung: Avira Antivir - Agressive Einstellungen


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:33 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19