Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
evtl. Package.Generic.200

evtl. Package.Generic.200


Plagegeister aller Art und deren Bekämpfung: evtl. Package.Generic.200

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 17.07.2009, 15:07   #1
frank1985
 
evtl. Package.Generic.200 - Standard

evtl. Package.Generic.200


Hallo Profis ^^

Seit gestern habe ich ein Problem, ich denke das sich etwas in meinem System eingeschlichen hat.

Irgendwie hat das alles ziemliche paraleelen zu diesem Beitrag finde ich
http://www.trojaner-board.de/75393-viren-blockieren-programme-und-veraendern-browser.html

Symptome:
-Mit Google kann nichts mehr gesucht werden, nachdem ich etwas in das Suchfeld eingegeben habe und Suchen drücke, wird nur eine leere Seite angezeigt anstatt der Suchergebnisse. Exakt das selbe trifft auf Yahoo zu.

-Bei Systemstart zeigt Norton eine Meldung mit dem Hinweis auf "Package.Generic.200"

-Hohe Systemauslastung

-Das Ding scheint auch Norton lahmzulegen, denn ich kann mein System nicht mehr auf Viren überprüfen lassen.

Vielleicht kann mir ja jemand von euch dabei helfen den Mist loszubekommen


Zitat:
Hijack-Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:35:27, on 17.07.2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
D:\Office\Office12\GrooveMonitor.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\AutoSizer\AutoSizer.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\T-Online\DSL-Manager\DslMgr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\explorer.exe
C:\Users\****\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gmx.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://de.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://de.rd.yahoo.com/customize/ycomp/defaults/su/*http://de.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 78.154.132.241:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O2 - BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} - (no file)
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Office\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [PDFPrint] "C:\Program Files\pdf24\PDFBackend.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AutoSizer] "C:\Program Files\AutoSizer\AutoSizer.exe"
O4 - HKCU\..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
O4 - HKCU\..\Run: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIEGE.EXE /FU "C:\Windows\TEMP\E_S55D.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DSL-Manager Application] C:\Program Files\T-Online\DSL-Manager\DslMgr.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/servlet/ProductMessages?module=2007&error=0&language=de&product=SymNRT&version=2008.0.1.14&build=Symantec&a=00000082.00000049.000000b9&b=00000082.00000049.000 000bb&c=00000082.00000049.000000d4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETZWERKDIENST')
O4 - .DEFAULT User Startup: DSL-Manager.lnk = C:\Program Files\T-Online\DSL-Manager\DslMgr.exe (User 'Default user')
O4 - .DEFAULT User Startup: T-Online DSL-Manager.lnk = C:\Program Files\T-Online\DSL-Manager\TODslMgr.exe (User 'Default user')
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: iOpus iMacros - {0483894E-2422-45E0-8384-021AFF1AF3CD} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\ICQ6.5\ICQ.exe
O9 - Extra button: (no name) - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - (no file) (HKCU)
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Office\Office12\GR99D3~1.DLL
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Automatisches LiveUpdate - Scheduler - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: DSL-Manager (TDslMgrService) - T-Systems Enterprise Services GmbH - C:\Program Files\T-Online\DSL-Manager\DslMgrSvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: @%SystemRoot%\System32\TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\Windows\System32\TUProgSt.exe
O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

--
End of file - 12322 bytes

Alt 17.07.2009, 15:10   #2
frank1985
 
evtl. Package.Generic.200 - Standard

evtl. Package.Generic.200


Hier noch das GMER Logfile

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-17 15:59:36
Windows 6.0.6001 Service Pack 1


Zitat:
---- System - GMER 1.0.15 ----

INT 0x52 ? 8488DBF8
INT 0x62 ? 8488DBF8
INT 0x82 ? 86296DB8
INT 0x92 ? 86296DB8
INT 0xB2 ? 86296DB8
INT 0xB3 ? 86296DB8
INT 0xB3 ? 86296DB8
INT 0xB3 ? 86296DB8

Code 86F01390 ZwEnumerateKey
Code 86F01358 ZwFlushInstructionCache
Code 86F013C5 IofCallDriver
Code 86F013FE IofCompleteRequest

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!IofCompleteRequest 8223EFE2 5 Bytes JMP 86F01403
.text ntkrnlpa.exe!IofCallDriver 822C0F6F 5 Bytes JMP 86F013CA
PAGE ntkrnlpa.exe!ZwFlushInstructionCache 823B730B 5 Bytes JMP 86F0135C
PAGE ntkrnlpa.exe!ZwEnumerateKey 8240CBA2 5 Bytes JMP 86F01394
? System32\Drivers\spps.sys Das System kann den angegebenen Pfad nicht finden. !
.text USBPORT.SYS!DllUnload 8CD3846F 5 Bytes JMP 86296398

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [882906A4] \SystemRoot\System32\Drivers\spps.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [88290046] \SystemRoot\System32\Drivers\spps.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [882907CE] \SystemRoot\System32\Drivers\spps.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [882900C4] \SystemRoot\System32\Drivers\spps.sys
IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [88290142] \SystemRoot\System32\Drivers\spps.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8829BD7A] \SystemRoot\System32\Drivers\spps.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusShutdown] [744D7BA4] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCloneImage] [745198C5] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDrawImageRectI] [744DD3C8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetInterpolationMode] [744CF527] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdiplusStartup] [744D7599] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateFromHDC] [744CE43D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromStreamICM] [7450B33D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipCreateBitmapFromStream] [744DD68A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageHeight] [744D012E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipGetImageWidth] [744D0095] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDisposeImage] [744C71F3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipLoadImageFromFileICM] [7455D802] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipLoadImageFromFile] [744F75E1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipDeleteGraphics] [744CDAE1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipFree] [744C668F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipAlloc] [744C66BA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\explorer.exe[3776] @ C:\Windows\explorer.exe [gdiplus.dll!GdipSetCompositingMode] [744D1E45] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 852251F8
Device \FileSystem\fastfat \FatCdrom A6848500
Device \Driver\netbt \Device\NetBT_Tcpip_{1EB459C3-FF6B-41FB-A16D-DE349E58DB26} 86F9D500

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 8488F1F8
Device \Driver\usbuhci \Device\USBPDO-0 861461F8
Device \Driver\usbuhci \Device\USBPDO-1 861461F8
Device \Driver\usbuhci \Device\USBPDO-2 861461F8
Device \Driver\usbuhci \Device\USBPDO-3 861461F8
Device \Driver\usbehci \Device\USBPDO-4 8614A1F8

AttachedDevice \Driver\tdx \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\volmgr \Device\HarddiskVolume1 8488F1F8
Device \Driver\volmgr \Device\HarddiskVolume2 8488F1F8
Device \Driver\volmgr \Device\HarddiskVolume3 8488F1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{395EDF99-601F-4467-A8AC-D245403C6527} 86F9D500
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 852241F8
Device \Driver\atapi \Device\Ide\IdePort0 852241F8
Device \Driver\atapi \Device\Ide\IdePort1 852241F8
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-2 852241F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-1 852241F8
Device \Driver\PCI_PNP7715 \Device\00000066 spps.sys
Device \Driver\netbt \Device\NetBt_Wins_Export 86F9D500
Device \Driver\sptd \Device\3282047735 spps.sys
Device \Driver\Smb \Device\NetbiosSmb 86F991F8
Device \Driver\iScsiPrt \Device\RaidPort0 862A11F8

AttachedDevice \Driver\tdx \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\USBSTOR \Device\00000096 85E8B1F8

AttachedDevice \Driver\tdx \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)

Device \Driver\USBSTOR \Device\00000097 85E8B1F8
Device \Driver\usbuhci \Device\USBFDO-0 861461F8
Device \Driver\usbuhci \Device\USBFDO-1 861461F8
Device \Driver\usbuhci \Device\USBFDO-2 861461F8
Device \Driver\usbuhci \Device\USBFDO-3 861461F8
Device \Driver\usbehci \Device\USBFDO-4 8614A1F8
Device \Driver\volmgr \Device\HarddiskVolume10 8488F1F8
Device \Driver\ansxvbiz \Device\Scsi\ansxvbiz1Port3Path0Target0Lun0 861AB1F8
Device \Driver\ansxvbiz \Device\Scsi\ansxvbiz1 861AB1F8
Device \FileSystem\fastfat \Fat A6848500

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
---- Processes - GMER 1.0.15 ----

Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [444] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [828] 0x01700000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [908] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\System32\svchost.exe [1088] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1148] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1288] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1344] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1484] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [1748] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [2876] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [3024] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\System32\svchost.exe [3156] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\system32\svchost.exe [3968] 0x10000000
Library \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll (*** hidden *** ) @ C:\Windows\System32\svchost.exe [5920] 0x10000000

---- Services - GMER 1.0.15 ----

Service C:\Windows\system32\drivers\UACmxiqinayrwweptvwr.sys (*** hidden *** ) [SYSTEM] UACd.sys <-- ROOTKIT !!!
__________________
Alt 17.07.2009, 15:11   #3
frank1985
 
evtl. Package.Generic.200 - Standard

evtl. Package.Generic.200


und Part 2

Zitat:
---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016cfebb4b0
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0016cfebb4b0@00181306ed33 0xE6 0x21 0x7B 0xA4 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 1914210926
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 -1836057199
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 2
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x44 0x83 0x65 0xE1 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x70 0x36 0x5F 0x18 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x21 0xC0 0x54 0x21 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x13 0xF0 0x33 0x7F ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACwxbqiurrqtyenrlin.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACdcmvbetmjpcpngsuo.dat
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACystdeoiocqstteuqu.db
Reg HKLM\SYSTEM\CurrentControlSet\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACfedimptpgtpevowbw.dll
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACwxbqiurrqtyenrlin.dll
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACdcmvbetmjpcpngsuo.dat
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACystdeoiocqstteuqu.db
Reg HKLM\SYSTEM\ControlSet002\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACfedimptpgtpevowbw.dll
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACwxbqiurrqtyenrlin.dll
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACdcmvbetmjpcpngsuo.dat
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACystdeoiocqstteuqu.db
Reg HKLM\SYSTEM\ControlSet003\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACfedimptpgtpevowbw.dll
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0016cfebb4b0
Reg HKLM\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\0016cfebb4b0@00181306ed33 0xE6 0x21 0x7B 0xA4 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x44 0x83 0x65 0xE1 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x70 0x36 0x5F 0x18 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x21 0xC0 0x54 0x21 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40
Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x13 0xF0 0x33 0x7F ...
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@start 1
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@type 1
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@imagepath \systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys@group file system
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACd \\?\globalroot\systemroot\system32\drivers\UACmxiqinayrwweptvwr.sys
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@UACc \\?\globalroot\systemroot\system32\UACwxbqiurrqtyenrlin.dll
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacbbr \\?\globalroot\systemroot\system32\UACiwnmysftbxvujdjbl.dll
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacsr \\?\globalroot\systemroot\system32\UACdcmvbetmjpcpngsuo.dat
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacmal \\?\globalroot\systemroot\system32\UACystdeoiocqstteuqu.db
Reg HKLM\SYSTEM\ControlSet004\Services\UACd.sys\modules@uacrem \\?\globalroot\systemroot\system32\UACfedimptpgtpevowbw.dll

---- Files - GMER 1.0.15 ----

File C:\Users\****\AppData\Local\Temp\UAC5ed6.tmp 680448 bytes executable
File C:\Windows\System32\drivers\UACmxiqinayrwweptvwr.sys 54272 bytes executable <-- ROOTKIT !!!
File C:\Windows\System32\UACdcmvbetmjpcpngsuo.dat 310 bytes
File C:\Windows\System32\uacinit.dll 6628 bytes
File C:\Windows\System32\UACiwnmysftbxvujdjbl.dll 70656 bytes executable
File C:\Windows\System32\UACwxbqiurrqtyenrlin.dll 26624 bytes executable
File C:\Windows\System32\UACystdeoiocqstteuqu.db 1110399 bytes
File C:\Windows\Temp\UAC3987.tmp 1110399 bytes
File C:\Windows\Temp\UAC3996.tmp 0 bytes
File C:\Windows\Temp\UAC780c.tmp 70656 bytes executable
File C:\Windows\Temp\UAC7cdc.tmp 310 bytes
File C:\Windows\Temp\UAC86cb.tmp 1110399 bytes
File C:\Windows\Temp\UACc958.tmp 70656 bytes executable
File C:\Windows\Temp\UACda97.tmp 310 bytes
File C:\Windows\Temp\UACf3a1.tmp 70656 bytes executable
File C:\Windows\Temp\UACf759.tmp 310 bytes

---- EOF - GMER 1.0.15 ----
__________________
Antwort

Themen zu evtl. Package.Generic.200
adobe, agere systems, antivir, antivir guard, askbar, avg, avgnt, avgnt.exe, avira, bho, c:\windows\temp, defender, desktop, error, explorer, google, hijackthis, iexplore.exe, internet, internet explorer, internet security, intrusion prevention, launch, magix, malwarebytes' anti-malware, object, pop-up-blocker, problem, rundll, security, software, symantec, system, temp, tuneup.defrag, tuprogst.exe, vista, windows, windows\temp


« Dropper.Gen | C:\Windows\system32\svchost.exe. »


Ähnliche Themen: evtl. Package.Generic.200


  1. Trojan.GenericKD.2269178 (B) + Trojan.Generic.13051484 (B) + Trojan.Generic.12905642 (B)
    Log-Analyse und Auswertung - 10.04.2015 (12)
  2. Unistall-Vo-package (Malware/Virus?) bei Win7 64 bit /Malware-Adware gelöscht -Danke!
    Lob, Kritik und Wünsche - 06.07.2014 (1)
  3. Unistall-Vo-package (Malware/Virus?) bei Win7 64 bit
    Plagegeister aller Art und deren Bekämpfung - 06.07.2014 (33)
  4. Evtl Schädling auf PC
    Plagegeister aller Art und deren Bekämpfung - 18.06.2014 (18)
  5. ZoneAlarm hat zwei Viren gefunden: HEUR:Exploit.Script.Generic und HEUR:Exploit.Java.Generic
    Log-Analyse und Auswertung - 21.02.2014 (15)
  6. simdemo.exe mit Trojaner Generic 22.BSSM & Generic 26.KCB
    Log-Analyse und Auswertung - 28.12.2011 (7)
  7. Generic Host Process for Win32 Services hat ein Problem festgestellt = W32/Generic.worm!p2p
    Log-Analyse und Auswertung - 06.09.2011 (25)
  8. Evtl Trojaner ?
    Log-Analyse und Auswertung - 29.04.2011 (1)
  9. Generic, Dropper.Generic, Downloader.Generic gefunden
    Plagegeister aller Art und deren Bekämpfung - 09.08.2010 (21)
  10. Evtl. Infektion?
    Plagegeister aller Art und deren Bekämpfung - 18.02.2010 (3)
  11. Trojan.Agent (evtl. Trojan.Generic)
    Plagegeister aller Art und deren Bekämpfung - 09.12.2009 (1)
  12. Package.Generic.200 hilfe bitte
    Plagegeister aller Art und deren Bekämpfung - 24.05.2009 (35)
  13. evtl. Trojaner
    Log-Analyse und Auswertung - 01.09.2008 (6)
  14. HiJackLogFile, Generic 3 und Back Door, Generic 6 laut AVG gefunden
    Log-Analyse und Auswertung - 21.06.2007 (4)
  15. windows driver package msn ????
    Alles rund um Windows - 04.12.2006 (8)
  16. windows driver package msn
    Mülltonne - 29.11.2006 (1)
  17. evtl. Virus?
    Log-Analyse und Auswertung - 02.05.2005 (6)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema evtl. Package.Generic.200 - Hallo Profis ^^ Seit gestern habe ich ein Problem, ich denke das sich etwas in meinem System eingeschlichen hat. Irgendwie hat das alles ziemliche paraleelen zu diesem Beitrag finde ich - evtl. Package.Generic.200...
Archiv
Du betrachtest: evtl. Package.Generic.200 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58