| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/Rootkit.GenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
11.03.2007, 13:08
| #4 |
| |  TR/Rootkit.Gen Hallo .... @[Gc]Sunny ... habe es mal so gemacht was du geschrieben hast ... verstehe zwar nur Bahnhof  aber ok ... habe das Ergebnis mal gepostet ....ich Hoffe das es nicht zu schlimm ist ... Danke schonmal im Vorraus !!! Mfg ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sun Mar 11 10:20:27 2007 => Version 9.1.7 (C:\DOKUME~1\Markus\LOKALE~1\Temp\mexe.com) Sun Mar 11 10:46:36 2007 => Version 9.1.7 (C:\DOKUME~1\Markus\LOKALE~1\Temp\mexe.com) Sun Mar 11 10:50:04 2007 => Version 9.1.7 (C:\DOKUME~1\Markus\LOKALE~1\Temp\mexe.com) Sun Mar 11 10:55:41 2007 => Version 9.1.7 (C:\DOKUME~1\Markus\LOKALE~1\Temp\mexe.com) Sun Mar 11 10:56:37 2007 => Version 9.1.7 (C:\DOKUME~1\Markus\LOKALE~1\Temp\mexe.com) Sun Mar 11 10:20:37 2007 => Virus Database Date: 3/9/2007 Sun Mar 11 10:46:41 2007 => Virus Database Date: 3/9/2007 Sun Mar 11 10:47:27 2007 => Virus Database Date: 3/11/2007 Sun Mar 11 10:50:07 2007 => Virus Database Date: 3/11/2007 Sun Mar 11 10:55:44 2007 => Virus Database Date: 3/11/2007 Sun Mar 11 12:58:17 2007 => Virus Database Date: 3/11/2007 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Infektionsmeldungen ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sun Mar 11 10:57:12 2007 => System found infected with gain.gator Spyware/Adware ({21ffb6c0-0da1-11d5-a9d5-00500413153c})! Action taken: No Action Taken. Sun Mar 11 10:57:23 2007 => System found infected with h@tkeysh@@k Spyware/Adware (h@tkeysh@@k.dll)! Action taken: No Action Taken. Sun Mar 11 10:57:23 2007 => System found infected with w32.myzor.fk@yf Trojan (pmuninst.exe)! Action taken: No Action Taken. Sun Mar 11 10:57:50 2007 => System found infected with gain.gator Spyware/Adware (hkey_local_machine\software\gator.com)! Action taken: No Action Taken. Sun Mar 11 10:57:51 2007 => System found infected with savenow Adware (C:\WINDOWS\system32\ssubtmr.dll)! Action taken: No Action Taken. Sun Mar 11 10:57:14 2007 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken. Sun Mar 11 10:57:14 2007 => Object "gain.gator Spyware/Adware" found in File System! Action Taken: No Action Taken. Sun Mar 11 10:57:14 2007 => Object "grokster Spyware/Adware" found in File System! Action Taken: No Action Taken. Sun Mar 11 10:57:15 2007 => Object "unknown trojan Spyware/Adware" found in File System! Action Taken: No Action Taken. Sun Mar 11 10:57:54 2007 => Object "Possible Fujacks-type Worm" found in File System! Action Taken: No Action Taken. ~~~~~~~~~~~ Dateien ~~~~~~~~~~~ ~~~~ Infected files ~~~~~~~~~~~ Sun Mar 11 11:06:47 2007 => File C:\Dokumente und Einstellungen\Markus\Lokale Einstellungen\Temporary Internet Files\Content.IE5\OZ6NA52L\ysb_downloads_manager[1].htm infected by "Exploit.HTML.CodeBaseExec" Virus! Action Taken: No Action Taken. ~~~~~~~~~~~ ~~~~ Offending files ~~~~~~~~~~~ Sun Mar 11 10:57:23 2007 => Offending file found: C:\WINDOWS\system32\h@tkeysh@@k.dll Sun Mar 11 10:57:23 2007 => Offending file found: C:\WINDOWS\system32\pmuninst.exe Sun Mar 11 10:57:51 2007 => Offending file found: C:\WINDOWS\system32\ssubtmr.dll ~~~~~~~~~~~ ~~~~ Tagged files ~~~~~~~~~~~ ~~~~~~~~~~~ Ordner ~~~~~~~~~~~ ~~~~~~~~~~~ Registry ~~~~~~~~~~~ Sun Mar 11 10:57:14 2007 => Offending Key found: HKLM\Software\gator.com !!! Sun Mar 11 10:57:14 2007 => Offending Key found: HKLM\Software\gatortest !!! Sun Mar 11 10:57:14 2007 => Offending Key found: HKCU\\magnet !!! Sun Mar 11 10:57:23 2007 => Offending file found: C:\WINDOWS\system32\h@tkeysh@@k.dll Sun Mar 11 10:57:50 2007 => Offending Registry Entry found: hkey_local_machine\software\gator.com Sun Mar 11 10:57:54 2007 => Offending Key found: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{39405b23-99de-11db-993d-080046c234fd} !!! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Statistiken: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sun Mar 11 12:58:17 2007 => Total Errors: 602 Sun Mar 11 12:58:17 2007 => Time Elapsed: 02:01:20 Sun Mar 11 12:58:17 2007 => Total Objects Scanned: 73714 Sun Mar 11 10:20:37 2007 => Virus Database Date: 3/9/2007 Sun Mar 11 10:46:41 2007 => Virus Database Date: 3/9/2007 Sun Mar 11 10:47:27 2007 => Virus Database Date: 3/11/2007 Sun Mar 11 10:50:07 2007 => Virus Database Date: 3/11/2007 Sun Mar 11 10:55:44 2007 => Virus Database Date: 3/11/2007 Sun Mar 11 12:58:17 2007 => Virus Database Date: 3/11/2007 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan-Optionen ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Sun Mar 11 10:56:37 2007 => Memory Check: Enabled Sun Mar 11 10:56:37 2007 => Registry Check: Enabled Sun Mar 11 10:56:37 2007 => StartUp Folder Check: Disabled Sun Mar 11 10:56:37 2007 => System Area Check: Disabled Sun Mar 11 10:56:37 2007 => Services Check: Enabled Sun Mar 11 10:56:37 2007 => Drive Check: Disabled Sun Mar 11 10:56:37 2007 => All Drive Check :Enabled Sun Mar 11 10:56:37 2007 => All Drive Check :Enabled -------------------------------------------------- C:\Dokumente und Einstellungen\Markus\Eigene Dateien\MWAV.LOG -------------------------------------------------- |
| Themen zu TR/Rootkit.Gen |
| ahnung, angezeigt, anleitung, antivir, auf einmal, c:\windows, datei, drivers, frage, fragen, gelöscht, helfen, information, killbox, problem, programm, prüfen, restore, schonmal, system, system volume information, system32, tr/rootkit.gen, unerwünschtes programm, virus, volume, windows, windows\system32\drivers, _restore |
Baum-Darstellung