|
System nach Malware Angriff neu aufgesetzt, jetzt alles sicher ? Servus, habe die Boardsuche verwendet aber leider nicht vollständige Antwort erhalten. Ich hatte gestern einen Malware Angriff und es ging nichts mehr.Falsche URL Verlinkungen, ständige Neustarts... Nicht mal mehr die Anti Malware Software lies sich komplett ausführen. Hab dann mein system platt gemacht und Windows7 Professional 64bit drauf gespielt (Studenten Lizenz) weil ichs eh mal machen wollte. Jetzt die Frage: Könnte noch irgendwo was sitzen ? Festplatten hab ich komplett formatiert. Was muss ich bei angeschlossenen externen Medien beachten. Reicht da diese Geschichte mit dem Flash_Disinfector.exe aus ? Und was könnte ich in Zukunft beachten, dass sowas nicht mehr vorkommt. Bin mir nicht ganz sicher wie ich mir das Teil eingefangen hab. Habe google Chrome benutzt, jetzt erstmal firefox, spielt das eine Rolle ? Vielen Dank schonmal für die Hilfe, sehr professionelles Board hier ! Bei einem durchlauf des Systems wurde nichts gefunden Dann SD Karte eingeteckt und AntiVir hat sofort die Autorun Datei geblockt. Hab die Karte jetzt mal gecheckt. Ergebis: Malwarebytes' Anti-Malware 1.50 www.malwarebytes.org Datenbank Version: 5307 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 13.12.2010 21:18:50 mbam-log-2010-12-13 (21-18-50).txt Art des Suchlaufs: Vollständiger Suchlauf (F:\|) Durchsuchte Objekte: 145166 Laufzeit: 1 Minute(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 78 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: f:\RECYCLER\s-2-4-32-2202812242-4762527706-115066330-0345\tAtVvGxN.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-2-4-32-2202812242-4762527706-115066330-0345\hukBukDY.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-2-4-32-2202812242-4762527706-115066330-0345\YrKTTEeW.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-2-4-32-2202812242-4762527706-115066330-0345\cXeWPcwL.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\VZoeLupl.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\RkZyOVIw.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\sZYMyKGI.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\AEwoyjQQ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\eeWaCZho.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\HoamHqLa.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\TdiJZAgs.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\yZEdUshR.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\qhQydrVJ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\fEqhQNOJ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\ILmseTvZ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\IEGVNLHc.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\bArvUKYn.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\oLiVDNiw.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\qXmuKPXR.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\tvPGERvX.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\saEimYJb.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\RjiQSRSc.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\qdPEcHCW.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\rGQZdfMH.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\PDFrVYcf.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\vMnUOaSw.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\vJNSOYvm.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\HgcmTcBD.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\whlxljOH.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\qNwuIVFb.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\lxkQHVqQ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\jcVdOveq.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\TyQArRFu.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\aEXDMmeR.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\eSuRcXlE.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\fYDSfLJR.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\QbkWgiQH.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\tjTKmIyg.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\sbJhLBJU.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\KnGqsbdb.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\VEyZOfFx.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\RQNMAcsv.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\eTknxiHH.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\sCPGPTHg.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\acVZeCBA.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\KwluLDXc.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\GXVhbaPT.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\sRZwYFjp.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\EhgjDsGc.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\jdobDJUQ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\tMbegwPL.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\DYEYnCsO.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\CyCMvXye.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\tIFyGlDl.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\tAmjApLY.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\eUweSbbt.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\QRqEmgPs.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\JQuEwCUZ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\eaccDjVw.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\jorqhijs.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\jfoZsyGG.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\auFUbTRD.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\OETkfkMf.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\myujfVQw.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\hAjSqWbv.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\eVFdLTZM.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\vQoELFPQ.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\WbgGaJEb.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\hrcBpZcK.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\SZnUpYfY.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\pQPgYEWa.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\YFDqBSxu.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\mIhVKWnw.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\heKWfGDo.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\RyMcqlkA.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\EoeMvkft.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\cbUdXxJG.exe (Trojan.Agent) -> Quarantined and deleted successfully. f:\RECYCLER\s-5-8-04-1158665017-8243341655-837773810-0777\MfNDFUHm.exe (Trojan.Agent) -> Quarantined and deleted successfully. Muss ich jetzt wieder Angst, dass Teile des Sytems wieder verseucht sind. Kann ich die Daten auf der Karte jetzt verwenden ? |
Hallo und :hallo: Zitat:
Zitat:
Der Flash Disinfector läuft AFAIK nur auf einem 32-Bit-Windows! Zitat:
1) Sei misstrauisch im Internet und v.a. bei unbekannten E-Mails, sei vorsichtig bei der Herausgabe persönlicher Daten!! 2) Halte Windows und alle verwendeten Programme immer aktuell 3) Führe regelmäßig Backups auf externe Medien durch 4) Arbeite mit eingeschränkten Rechten 5) Nutze sichere Programme wie zB Opera oder Firefox zum Surfen statt den IE, zum Mailen Thunderbird statt Outlook Express - E-Mails nur als reinen text anzeigen lassen Alles noch genauer erklärt steht hier => Kompromittierung unvermeidbar? |
Danke für die Infos. System scheint sauber. SD Karte bekomm ich nicht clean. Nicht mal formatiert. Schade. Geht mir eher um die Bilder die drauf sind als um die Karte... |
Geh an einen Rechner mit 32-Bit-Windows. Deaktivier dort die automatische Wiedergabe auf allen Laufwerken. Steck die SD-Karte da ran und führ den Flash-Disinfector aus. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 05:59 Uhr. |
Copyright ©2000-2025, Trojaner-Board