Windows 10: Adware schreibt Geisterbuchstaben in OpenOffice und Firefox-Eingabefeld, verdächtige SndVolume.exe aufgetaucht

Cevap Cici · 11.08.2022, 14:58

Zitat:

Zitat von cosinus

[...] Das FBI wird dir morgen die Tür eintreten.

Nach wie vor kommt von dir keine sachliche oder weiterführende Information. Aus deinen Aussagen konnte ich bisher lediglich ableiten, dass der Malware-Befall nicht so schlimm war, wie ich ursprünglich befürchtet hatte.

Computer 1:

Code:

ATTFilter

Program            : RogueKiller Anti-Malware
Version            : 15.5.3.0
x64                : Yes
Program Date       : Jun 13 2022
Location           : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium            : Yes
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19043) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : *****
User is Admin      : Yes
Date               : 2022/08/08 10:19:27
Type               : Scan
Aborted            : No
Scan Mode          : Standard
Duration           : 1078
Found items        : 1
Total scanned      : 70440
Signatures Version : 20220808_080425
Truesight Driver   : Yes
Updates Count      : 0
Arguments          : -minimize

************************* Warnings *************************

************************* Updates *************************

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************
[Tr.Gen (Bösartig)] (folder) Migration -- C:\Windows\Migration -> Gefunden

************************* Web Browsers *************************

************************* Antirootkit *************************

Computer 2:

Code:

ATTFilter

Program            : RogueKiller Anti-Malware
Version            : 15.5.3.0
x64                : Yes
Program Date       : Jun 13 2022
Location           : C:\Program Files\RogueKiller\RogueKiller64.exe
Premium            : Yes
Company            : Adlice Software
Website            : https://www.adlice.com/
Contact            : https://adlice.com/contact/
Website            : https://adlice.com/download/roguekiller/
Operating System   : Windows 10 (10.0.19044) 64-bit
64-bit OS          : Yes
Startup            : 0
WindowsPE          : No
User               : *****
User is Admin      : Yes
Date               : 2022/08/08 23:43:02
Type               : Scan
Aborted            : No
Scan Mode          : Standard
Duration           : 2810
Found items        : 1
Total scanned      : 99126
Signatures Version : 20220808_080425
Truesight Driver   : Yes
Updates Count      : 2
Arguments          : -minimize

************************* Warnings *************************
(18:25277) C:\ProgramData\MA Lighting Technologies\grandma\gma2_V_3.9.60\library, LONG_FOLDER_SCAN
  [+] path    : C:\ProgramData\MA Lighting Technologies\grandma\gma2_V_3.9.60\library
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 18
  [+] int2    : 25277

(21:26) C:\ProgramData\MA Lighting Technologies\grandma\gma2_V_3.9.60, LONG_FOLDER_SCAN
  [+] path    : C:\ProgramData\MA Lighting Technologies\grandma\gma2_V_3.9.60
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 21
  [+] int2    : 26

(24:0) C:\ProgramData\MA Lighting Technologies\grandma, LONG_FOLDER_SCAN
  [+] path    : C:\ProgramData\MA Lighting Technologies\grandma
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 24
  [+] int2    : 0

(24:0) C:\ProgramData\MA Lighting Technologies, LONG_FOLDER_SCAN
  [+] path    : C:\ProgramData\MA Lighting Technologies
  [+] message : LONG_FOLDER_SCAN
  [+] int1    : 24
  [+] int2    : 0


************************* Updates *************************
iTunes (64-bit), version 12.11.0.26
  [+] Available Version        : 12.12.4.1
  [+] Size                     : 963 MB
  [+] Wow6432                  : No
  [+] Portable                 : No
  [+] update_location          : C:\Program Files\iTunes\

kdenlive (32-bit), version 22.04.1
  [+] Available Version        : 22.04.3
  [+] Size                     : 93,1 MB
  [+] Wow6432                  : Yes
  [+] Portable                 : No


************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big      : No
hosts_file_path : C:\Windows\System32\drivers\etc\hosts


************************* Filesystem *************************
[Tr.Gen (Bösartig)] (folder) Migration -- C:\Windows\Migration -> Gefunden

************************* Web Browsers *************************

************************* Antirootkit *************************

Windows 10: Adware schreibt Geisterbuchstaben in OpenOffice und Firefox-Eingabefeld, verdächtige SndVolume.exe aufgetaucht

Mülltonne: Windows 10: Adware schreibt Geisterbuchstaben in OpenOffice und Firefox-Eingabefeld, verdächtige SndVolume.exe aufgetaucht

Windows 10: Adware schreibt Geisterbuchstaben in OpenOffice und Firefox-Eingabefeld, verdächtige SndVolume.exe aufgetaucht

Ähnliche Themen: Windows 10: Adware schreibt Geisterbuchstaben in OpenOffice und Firefox-Eingabefeld, verdächtige SndVolume.exe aufgetaucht