Discussion forum: Telekom security alert: 3 threats: Bamital; Matsnu & Nymaim - scan found nothing! Windows 7

Only subject-specific discussions are wanted here. Please do not post log files, calls for help or the like. Topics on "removing Trojans" or "malware problems" may only be discussed here. Cleanups by untrained users are prohibited here. If you have caught a virus or Trojan, open a thread in the cleanup forums above.
#12

Telekom security alert: 3 threats: Bamital; Matsnu & Nymaim - scan found nothing!

Hi, yes, but I can't really do more than search through everything and make a real effort. As I said, I now have other power sockets in use.... The scan with RogueKiller gave:

Code:
```
************************* Warnings *************************

************************* Updates *************************
7-Zip 19.00 (x64) (64-bit), version 19.00
  [+] Available Version : 21.07
  [+] Size : 4,96 MB
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Program Files\7-Zip\
CPUID CPU-Z 1.91 (64-bit), version 1.91
  [+] Available Version : 1.99
  [+] Size : 4,52 MB
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Program Files\CPUID\CPU-Z\
CrystalDiskMark 7.0.0h (64-bit), version 7.0.0h
  [+] Available Version : 8.0.4
  [+] Size : 10,3 MB
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Program Files\CrystalDiskMark7\
GIMP 2.10.20 (64-bit), version 2.10.20
  [+] Available Version : 2.10.30
  [+] Size : 1,01 GB
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Program Files\GIMP 2\
TeamSpeak 3 Client (64-bit), version 3.5.2
  [+] Available Version : 3.5.6
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Program Files\TeamSpeak 3 Client
VLC media player (64-bit), version 3.0.11
  [+] Available Version : 3.0.16
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Program Files\VideoLAN\VLC
Oracle VM VirtualBox 6.0.20 (64-bit), version 6.0.20
  [+] Available Version : 6.1.32
  [+] Size : 1,03 GB
  [+] Wow6432 : No
  [+] Portable : No
K-Lite Mega Codec Pack 15.4.7 (32-bit), version 15.4.7
  [+] Available Version : 16.7.0
  [+] Size : 111 MB
  [+] Wow6432 : Yes
  [+] Portable : No
  [+] update_location : C:\Program Files (x86)\K-Lite Codec Pack\
Discord (64-bit), version 0.0.309
  [+] Available Version : 1.0.9003
  [+] Size : 64,6 MB
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Users\Micha\AppData\Local\Discord
Microsoft OneDrive (64-bit), version 19.232.1124.0010
  [+] Available Version : 21.230.1107.0004
  [+] Size : 137 MB
  [+] Wow6432 : No
  [+] Portable : No
Spotify (64-bit), version 1.1.66.578.gc54d0f69
  [+] Available Version : 1.1.72.439.gc253025e
  [+] Wow6432 : No
  [+] Portable : No
  [+] update_location : C:\Users\Micha\AppData\Roaming\Spotify

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************
>>>>>> O87 - Firewall
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{620E33CE-856D-4586-929E-01DD29FB19B8} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe|Name=Garry's Mod| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4A8A4450-84F2-4C1B-81AD-97D54C3E16DA} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\GarrysMod\hl2.exe|Name=Garry's Mod| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D413AA39-EBF4-432A-AF43-FFF790BDC857} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe|Name=Nephise Begins| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2B00AD7E-E05D-4279-85F2-5052E80C993F} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Nephise Begins\NephiseBegins.exe|Name=Nephise Begins| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FFEC9F6E-C769-47B2-804E-D59961C7CA0D} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe|Name=GOAT OF DUTY| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{95C8641F-9EB7-46DB-8ADA-1CF32472988D} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Goat of Duty\GoatOfDuty.exe|Name=GOAT OF DUTY| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FD3F6C22-EEAA-4605-82CC-99F13CFD22EA} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe|Name=Phasmophobia| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0D900EBE-1970-44C8-9D92-5234D27E06FB} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\Phasmophobia\Phasmophobia.exe|Name=Phasmophobia| -> Gefunden
  ├── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{79A35F1F-E464-4B4C-A735-D8DAE6ABBDDD} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe|Name=7 Days to Die| -> Gefunden
  └── [Suspicious.Path (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0592D5B9-AF88-4397-B58C-85302CFD8834} -- v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|App=F:\tmp\Games_nebenOrdner\Steam_neben\steamapps\common\7 Days To Die\7dLauncher.exe|Name=7 Days to Die| -> Gefunden
>>>>>> XX - System Policies
  └── [PUM.Policies (Potenziell bösartig)] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin -- 0 -> Gefunden

************************* WMI *************************

************************* Hosts File *************************
is_too_big : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts

************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************
```