
Plagegeister aller Art und deren Bekämpfung: TR/Patched.Gen [trojan] has been plaguing me since yesterday

08.12.2009, 20:07   #1
nenchen
 



So, I'm really no expert at this kind of thing. I've had this trojan since yesterday and can't get rid of it. So I've already read up a bit in the forum. Malware and AntiVir have already been run.

Malware:

Code:
Malwarebytes' Anti-Malware 1.41
Datenbank Version: 2945
Windows 6.0.6001 Service Pack 1

08/12/2009 19:39:04
mbam-log-2009-12-08 (19-39-04).txt

Scan-Methode: Vollständiger Scan (C:\|D:\|)
Durchsuchte Objekte: 268269
Laufzeit: 1 hour(s), 45 minute(s), 59 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

Antivir

Code:
Avira AntiVir Personal
Report file date: 08 December 2009  19:46

Scanning for 1422043 virus strains and unwanted programs.

Licensee        : Avira AntiVir Personal - FREE Antivirus
Serial number   : 0000149996-ADJIE-0000001
Platform        : Windows Vista
Windows version : (Service Pack 1)  [6.0.6001]
Boot mode       : Normally booted
Username        : SYSTEM
Computer name   : ASUSLEIN

Version information:
BUILD.DAT       : 9.0.0.418     21723 Bytes  02/12/2009 16:28:00
AVSCAN.EXE      : 9.0.3.10     466689 Bytes  25/11/2009 15:34:26
AVSCAN.DLL      : 9.0.3.0       40705 Bytes  27/02/2009 06:58:24
LUKE.DLL        : 9.0.3.2      209665 Bytes  20/02/2009 07:35:49
LUKERES.DLL     : 9.0.2.0       12033 Bytes  27/02/2009 06:58:52
VBASE000.VDF    : 7.10.0.0   19875328 Bytes  06/11/2009 15:34:24
VBASE001.VDF    : 7.10.1.0    1372672 Bytes  19/11/2009 15:34:25
VBASE002.VDF    : 7.10.1.1       2048 Bytes  19/11/2009 15:34:25
VBASE003.VDF    : 7.10.1.2       2048 Bytes  19/11/2009 15:34:25
VBASE004.VDF    : 7.10.1.3       2048 Bytes  19/11/2009 15:34:25
VBASE005.VDF    : 7.10.1.4       2048 Bytes  19/11/2009 15:34:25
VBASE006.VDF    : 7.10.1.5       2048 Bytes  19/11/2009 15:34:25
VBASE007.VDF    : 7.10.1.6       2048 Bytes  19/11/2009 15:34:25
VBASE008.VDF    : 7.10.1.7       2048 Bytes  19/11/2009 15:34:25
VBASE009.VDF    : 7.10.1.8       2048 Bytes  19/11/2009 15:34:26
VBASE010.VDF    : 7.10.1.9       2048 Bytes  19/11/2009 15:34:26
VBASE011.VDF    : 7.10.1.10      2048 Bytes  19/11/2009 15:34:26
VBASE012.VDF    : 7.10.1.11      2048 Bytes  19/11/2009 15:34:26
VBASE013.VDF    : 7.10.1.79    209920 Bytes  25/11/2009 15:34:26
VBASE014.VDF    : 7.10.1.128    197632 Bytes  30/11/2009 17:50:33
VBASE015.VDF    : 7.10.1.178    195584 Bytes  07/12/2009 19:06:31
VBASE016.VDF    : 7.10.1.179      2048 Bytes  07/12/2009 19:06:31
VBASE017.VDF    : 7.10.1.180      2048 Bytes  07/12/2009 19:06:31
VBASE018.VDF    : 7.10.1.181      2048 Bytes  07/12/2009 19:06:31
VBASE019.VDF    : 7.10.1.182      2048 Bytes  07/12/2009 19:06:31
VBASE020.VDF    : 7.10.1.183      2048 Bytes  07/12/2009 19:06:32
VBASE021.VDF    : 7.10.1.184      2048 Bytes  07/12/2009 19:06:32
VBASE022.VDF    : 7.10.1.185      2048 Bytes  07/12/2009 19:06:32
VBASE023.VDF    : 7.10.1.186      2048 Bytes  07/12/2009 19:06:32
VBASE024.VDF    : 7.10.1.187      2048 Bytes  07/12/2009 19:06:32
VBASE025.VDF    : 7.10.1.188      2048 Bytes  07/12/2009 19:06:32
VBASE026.VDF    : 7.10.1.189      2048 Bytes  07/12/2009 19:06:32
VBASE027.VDF    : 7.10.1.190      2048 Bytes  07/12/2009 19:06:32
VBASE028.VDF    : 7.10.1.191      2048 Bytes  07/12/2009 19:06:32
VBASE029.VDF    : 7.10.1.192      2048 Bytes  07/12/2009 19:06:32
VBASE030.VDF    : 7.10.1.193      2048 Bytes  07/12/2009 19:06:32
VBASE031.VDF    : 7.10.1.194     19456 Bytes  07/12/2009 19:06:32
Engineversion   : 8.2.1.102
AEVDF.DLL       : 8.1.1.2      106867 Bytes  16/09/2009 15:49:32
AESCRIPT.DLL    : 8.1.2.45     586108 Bytes  25/11/2009 15:34:26
AESCN.DLL       : 8.1.2.5      127346 Bytes  05/09/2009 11:28:46
AESBX.DLL       : 8.1.1.1      246132 Bytes  25/11/2009 15:34:26
AERDL.DLL       : 8.1.3.4      479605 Bytes  01/12/2009 17:50:36
AEPACK.DLL      : 8.2.0.3      422261 Bytes  06/11/2009 09:51:23
AEOFFICE.DLL    : 8.1.0.38     196987 Bytes  17/06/2009 19:18:28
AEHEUR.DLL      : 8.1.0.186   2183544 Bytes  07/12/2009 19:06:35
AEHELP.DLL      : 8.1.8.0      237942 Bytes  07/12/2009 19:06:33
AEGEN.DLL       : 8.1.1.80     364917 Bytes  07/12/2009 19:06:33
AEEMU.DLL       : 8.1.1.0      393587 Bytes  03/10/2009 00:28:20
AECORE.DLL      : 8.1.8.5      180598 Bytes  02/12/2009 17:50:34
AEBB.DLL        : 8.1.0.3       53618 Bytes  09/10/2008 10:32:40
AVWINLL.DLL     : 9.0.0.3       18177 Bytes  12/12/2008 04:47:59
AVPREF.DLL      : 9.0.3.0       44289 Bytes  08/09/2009 14:24:52
AVREP.DLL       : 8.0.0.3      155905 Bytes  20/01/2009 10:34:28
AVREG.DLL       : 9.0.0.0       36609 Bytes  05/12/2008 06:32:09
AVARKT.DLL      : 9.0.0.3      292609 Bytes  28/04/2009 21:25:17
AVEVTLOG.DLL    : 9.0.0.7      167169 Bytes  30/01/2009 06:37:08
SQLITE3.DLL     : 3.6.1.0      326401 Bytes  28/01/2009 11:03:49
SMTPLIB.DLL     : 9.2.0.25      28417 Bytes  02/02/2009 04:21:33
NETNT.DLL       : 9.0.0.0       11521 Bytes  05/12/2008 06:32:10
RCIMAGE.DLL     : 9.0.0.25    2438913 Bytes  09/06/2009 18:51:22
RCTEXT.DLL      : 9.0.73.0      86785 Bytes  25/11/2009 15:34:15

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:, 
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: 08 December 2009  19:46

Starting search for hidden objects.
'137066' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'SearchProtocolHost.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'RacAgent.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'notepad.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe.exe' - '1' Module(s) have been scanned
Scan process 'MpCmdRun.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'mobsync.exe' - '1' Module(s) have been scanned
Scan process 'WmiPrvSE.exe' - '1' Module(s) have been scanned
Scan process 'CCC.exe' - '1' Module(s) have been scanned
Scan process 'WUDFHost.exe' - '1' Module(s) have been scanned
Scan process 'Ymsgr_tray.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'MOM.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'KBFiltr.exe' - '1' Module(s) have been scanned
Scan process 'winampa.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'ASScrPro.exe' - '1' Module(s) have been scanned
Scan process 'ASUSTPE.exe' - '1' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '1' Module(s) have been scanned
Scan process 'ATKOSD.exe' - '1' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'spmgr.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'PIFSvc.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'BatteryLife.exe' - '1' Module(s) have been scanned
Scan process 'DMedia.exe' - '1' Module(s) have been scanned
Scan process 'sm56hlpr.exe' - '1' Module(s) have been scanned
Scan process 'RtHDVCpl.exe' - '1' Module(s) have been scanned
Scan process 'wcourier.exe' - '1' Module(s) have been scanned
Scan process 'MSASCui.exe' - '1' Module(s) have been scanned
Scan process 'cvpnd.exe' - '1' Module(s) have been scanned
Scan process 'AluSchedulerSvc.exe' - '1' Module(s) have been scanned
Scan process 'ATKOSD2.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'HControl.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'dwm.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'taskeng.exe' - '1' Module(s) have been scanned
Scan process 'ASLDRSrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SLsvc.exe' - '1' Module(s) have been scanned
Scan process 'audiodg.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'lsm.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'wininit.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
72 processes with 72 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
    [INFO]      No virus was found!
Master boot sector HD1
    [INFO]      No virus was found!
    [INFO]      Please restart the search with Administrator rights

Start scanning boot sectors:
Boot sector 'C:\'
    [INFO]      No virus was found!
Boot sector 'D:\'
    [INFO]      No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '43' files ).


Starting the file scan:

Begin scan in 'C:\' <VistaOS>
C:\hiberfil.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\pagefile.sys
    [WARNING]   The file could not be opened!
    [NOTE]      This file is a Windows system file.
    [NOTE]      This file cannot be opened for scanning.
C:\$Recycle.Bin\S-1-5-21-2421265933-3928522904-714593275-1000\$RTKA07N\Desperate.Housewives.S06E09.HDTV.XviD GOLD-P0W4.avi
    [DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
C:\Users\Nena\AppData\Local\Temp\c.exe
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
C:\Users\Nena\AppData\Local\Temp\jar_cache333871254503531568.tmp
  [0] Archive type: ZIP
    --> myf/y/PayloadX.class
      [DETECTION] Contains recognition pattern of the JAVA/OpenStream.AD Java virus
C:\Windows\System32\drivers\atapi.sys
    [DETECTION] Is the TR/Patched.Gen Trojan
C:\Windows\System32\drivers\sptd.sys
    [WARNING]   The file could not be opened!
Begin scan in 'D:\' <DATA>

Beginning disinfection:
C:\$Recycle.Bin\S-1-5-21-2421265933-3928522904-714593275-1000\$RTKA07N\Desperate.Housewives.S06E09.HDTV.XviD GOLD-P0W4.avi
    [DETECTION] Contains recognition pattern of the EXP/ASF.GetCodec.Gen exploit
    [NOTE]      The file was moved to '4b91b0ad.qua'!
C:\Users\Nena\AppData\Local\Temp\c.exe
    [DETECTION] Is the TR/Crypt.ZPACK.Gen Trojan
    [NOTE]      The file was moved to '4b83b09e.qua'!
C:\Users\Nena\AppData\Local\Temp\jar_cache333871254503531568.tmp
    [NOTE]      The file was moved to '4b90b0d1.qua'!
C:\Windows\System32\drivers\atapi.sys
    [DETECTION] Is the TR/Patched.Gen Trojan
    [NOTE]      The file was moved to '4b7fb0e4.qua'!


End of the scan: 08 December 2009  21:00
Used time:  1:12:30 Hour(s)

The scan has been done completely.

  23832 Scanned directories
 406721 Files were scanned
      4 Viruses and/or unwanted programs were found
      0 Files were classified as suspicious
      0 files were deleted
      0 Viruses and unwanted programs were repaired
      4 Files were moved to quarantine
      0 Files were renamed
      3 Files cannot be scanned
 406714 Files not concerned
   2740 Archives were scanned
      3 Warnings
      6 Notes
 137066 Objects were scanned with rootkit scan
      0 Hidden objects were found
         
System Restore is already turned off. CCleaner has also already been run.
What now?

Regards

Edited by nenchen (08.12.2009 at 20:42)

09.12.2009, 12:43   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Please read and work through this list. (Leave out MalwareBytes.)

Important for users of Windows Vista and Windows 7: please run all tools via right-click => Run as administrator!


You can, for example, zip all the log files into one file, upload it to File-Upload.net and link it here, because 1. some log files are too large for the board and 2. I can then download them all at once with a single click.