Pests of all kinds and how to fight them: GEMA Trojan (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will reply with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
| | #1 |
| GEMA Trojan If it shows up again, I'll take a screenshot |
| | #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojan Take a look at the Malwarebytes protection log. As always, it's on the log files tab.
__________________ |
| | #3 |
| GEMA Trojan Here is the protection log from yesterday and from today. It's always the same site, and yesterday the problem was considerably bigger than today:
Code:
08:29:55 juli MESSAGE Protection started successfully
08:30:07 juli MESSAGE IP Protection started successfully
10:14:05 juli MESSAGE Protection started successfully
10:14:12 juli MESSAGE IP Protection started successfully
13:49:40 juli MESSAGE Protection started successfully
13:49:52 juli MESSAGE IP Protection started successfully
14:01:52 (null) IP-BLOCK 213.163.64.119 (Type: outgoing)
20:03:51 juli MESSAGE Protection started successfully
20:04:02 juli MESSAGE IP Protection started successfully
21:02:14 (null) IP-BLOCK 213.163.64.119 (Type: outgoing)
21:03:59 juli MESSAGE Protection started successfully
21:04:11 juli MESSAGE IP Protection started successfully
21:04:12 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:12 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:13 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:14 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:15 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:16 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:18 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:18 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:19 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:19 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:21 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:23 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:24 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:29 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:33 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:36 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:40 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:04:42 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:54 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:04:57 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:03 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:05:03 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:16 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:19 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:25 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:37 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:40 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:46 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:05:48 juli IP-BLOCK 213.163.64.119 (Type: incoming)
21:05:58 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:01 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:07 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:19 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:22 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:28 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:41 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:44 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:06:50 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:02 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:05 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:11 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:23 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:26 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:32 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:44 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:47 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:07:53 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:05 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:08 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:14 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:27 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:30 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:36 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:49 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:52 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:08:59 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:11 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:14 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:20 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:32 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:35 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:41 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:53 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:09:56 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:02 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:14 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:17 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:23 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:35 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:38 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:44 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:56 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:10:59 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:11:05 juli IP-BLOCK 213.163.64.119 (Type: outgoing)
21:18:08 juli MESSAGE IP Protection stopped
21:18:08 juli MESSAGE Scheduled update executed successfully
21:18:16 juli MESSAGE Database updated successfully
21:18:25 juli MESSAGE IP Protection started successfully
22:04:08 juli MESSAGE Protection started successfully
22:04:19 juli MESSAGE IP Protection started successfully
22:56:49 (null) IP-BLOCK 213.163.64.119 (Type: outgoing)
Code:
08:46:48 juli MESSAGE Protection started successfully
08:47:13 juli MESSAGE IP Protection started successfully
10:34:22 (null) IP-BLOCK 213.163.64.119 (Type: outgoing)
20:24:07 juli MESSAGE Protection started successfully
20:24:25 juli MESSAGE IP Protection started successfully
|
| | #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | GEMA Trojan I ran a whois query. That works without any problems on Linux. The blocked IP address belongs to i3D.net - Game servers - Voice servers - Dedicated Servers - Webhosting - Colocation - i3D.net and has a green, i.e. good, rating on WOT (Web of Trust). Don't worry about it. Malwarebytes has its false alarms too. It all depends on how you interpret certain messages, because not every warning is something dangerous per se. Code:
arne@pebkac:~$ whois 213.163.64.119
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '213.163.64.0 - 213.163.64.127'
inetnum: 213.163.64.0 - 213.163.64.127
netname: INTERACTIVE3D
descr: Interactive 3D
country: NL
admin-c: Ir809-RIPE
tech-c: Ir809-RIPE
status: ASSIGNED PA
mnt-by: MNT-I3D
source: RIPE # Filtered
role: Interactive 3D Role
address: i3D.net - Interactive 3D
address: Meent 93B
address: 3011JG Rotterdam
address: The Netherlands
fax-no: +31842241251
phone: +31108900070
org: ORG-IA772-RIPE
mnt-by: MNT-i3D
mnt-by: AS49544-MNT
abuse-mailbox: abuse@i3d.net
admin-c: SK4163-RIPE
admin-c: SI982-RIPE
tech-c: SK4163-RIPE
tech-c: SI982-RIPE
tech-c: RS8787-RIPE
nic-hdl: Ir809-RIPE
source: RIPE # Filtered
% Information related to '213.163.64.0/19AS49544'
route: 213.163.64.0/19
descr: Interactive 3D B.V. (AS49544)
remarks: --------------------------------------------------------
remarks: Abuse : abuse@i3d.net
remarks: NOC: noc@i3d.net
remarks: --------------------------------------------------------
origin: AS49544
mnt-by: MNT-I3D
source: RIPE # Filtered
arne@pebkac:~$
__________________ Please always post log files in CODE tags |
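One way to read a protection log like the one posted in this thread before deciding how to interpret it, as an added example that is not part of the original posts: it parses the IP-BLOCK lines and summarises them per address, direction and burst. The sample log is constructed (192.0.2.10 is a documentation address), and the function names and the 60-second burst gap are assumptions.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample in the layout of the protection log posted in this thread.
# 192.0.2.10 is a documentation address, not a value taken from the thread.
SAMPLE = """\
08:29:55 juli MESSAGE Protection started successfully
08:30:07 juli MESSAGE IP Protection started successfully
14:01:52 (null) IP-BLOCK 192.0.2.10 (Type: outgoing)
21:04:12 juli IP-BLOCK 192.0.2.10 (Type: outgoing)
21:04:13 juli IP-BLOCK 192.0.2.10 (Type: outgoing)
21:04:18 juli IP-BLOCK 192.0.2.10 (Type: incoming)
21:04:24 juli IP-BLOCK 192.0.2.10 (Type: outgoing)
21:18:08 juli MESSAGE IP Protection stopped
22:56:49 (null) IP-BLOCK 192.0.2.10 (Type: outgoing)
"""

BLOCK_RE = re.compile(
    r"^(\d{2}:\d{2}:\d{2})\s+(\S+)\s+IP-BLOCK\s+"
    r"(\d{1,3}(?:\.\d{1,3}){3})\s+\(Type: (incoming|outgoing)\)$"
)

def parse_blocks(text):
    """Return (time, second_column, ip, direction) for every IP-BLOCK line."""
    events = []
    for line in text.splitlines():
        m = BLOCK_RE.match(line.strip())
        if m:
            ts, who, ip, direction = m.groups()
            events.append((datetime.strptime(ts, "%H:%M:%S"), who, ip, direction))
    return events

def summarize(events, gap=timedelta(seconds=60)):
    """Count blocks per (ip, direction) and group them into bursts.

    A burst is a run of blocks for one address with at most `gap` between
    neighbours (the 60 s default is an assumption, tune it to your log).
    """
    counts = Counter((ip, direction) for _, _, ip, direction in events)
    bursts, open_burst = [], {}
    for ts, _, ip, _ in sorted(events, key=lambda e: e[0]):
        cur = open_burst.get(ip)
        if cur and ts - cur[2] <= gap:
            cur[2], cur[3] = ts, cur[3] + 1
        else:
            cur = open_burst[ip] = [ip, ts, ts, 1]
            bursts.append(cur)
    fmt = "%H:%M:%S"
    return counts, [(ip, a.strftime(fmt), b.strftime(fmt), n) for ip, a, b, n in bursts]
```

The log lines carry no date, so feed it one day's log at a time; `summarize(parse_blocks(text))` returns the per-direction counts and the list of bursts.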
| | #5 |
| GEMA Trojan Thanks. That's reassuring. Then I wish you happy holidays |