
Pests of all kinds and how to fight them: XP Internet security 2010 & Trojaner-BNK.WIN.32.Keylogger.gen


 
03.02.2010, 13:23   #11
JJey
 



Hi,

here is the LOG:

Code:
13:19:42:281 1620	TDSS rootkit removing tool 2.2.2 Jan 13 2010 08:42:25
13:19:42:281 1620	================================================================================
13:19:42:281 1620	SystemInfo:

13:19:42:281 1620	OS Version: 5.1.2600 ServicePack: 3.0
13:19:42:281 1620	Product type: Workstation
13:19:42:281 1620	ComputerName: ***
13:19:42:281 1620	UserName: ******a
13:19:42:281 1620	Windows directory: C:\WINDOWS
13:19:42:281 1620	Processor architecture: Intel x86
13:19:42:281 1620	Number of processors: 2
13:19:42:281 1620	Page size: 0x1000
13:19:42:281 1620	Boot type: Normal boot
13:19:42:281 1620	================================================================================
13:19:42:296 1620	UnloadDriverW: NtUnloadDriver error 2
13:19:42:296 1620	ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
13:19:42:312 1620	MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000
13:19:42:328 1620	UtilityInit: KLMD drop and load success
13:19:42:328 1620	KLMD_OpenDevice: Trying to open KLMD Device(KLMD201000)
13:19:42:328 1620	UtilityInit: KLMD open success
13:19:42:328 1620	UtilityInit: Initialize success
13:19:42:328 1620	
13:19:42:328 1620	Scanning	Services ...
13:19:42:328 1620	CreateRegParser: Registry parser init started
13:19:42:328 1620	DisableWow64Redirection: GetProcAddress(Wow64DisableWow64FsRedirection) error 127
13:19:42:328 1620	CreateRegParser: DisableWow64Redirection error
13:19:42:328 1620	wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system
13:19:42:328 1620	MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\system) returned status C0000043
13:19:42:328 1620	wfopen_ex: MyNtCreateFileW error 32 (C0000043)
13:19:42:328 1620	wfopen_ex: Trying to KLMD file open
13:19:42:328 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\system
13:19:42:328 1620	wfopen_ex: File opened ok (Flags 2)
13:19:42:328 1620	CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\system) init success: 3849D0
13:19:42:328 1620	wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software
13:19:42:328 1620	MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\config\software) returned status C0000043
13:19:42:328 1620	wfopen_ex: MyNtCreateFileW error 32 (C0000043)
13:19:42:328 1620	wfopen_ex: Trying to KLMD file open
13:19:42:328 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\config\software
13:19:42:328 1620	wfopen_ex: File opened ok (Flags 2)
13:19:42:328 1620	CreateRegParser: HIVE_ADAPTER(C:\WINDOWS\system32\config\software) init success: 384A78
13:19:42:328 1620	EnableWow64Redirection: GetProcAddress(Wow64RevertWow64FsRedirection) error 127
13:19:42:328 1620	CreateRegParser: EnableWow64Redirection error
13:19:42:328 1620	CreateRegParser: RegParser init completed
13:19:42:609 1620	GetAdvancedServicesInfo: Raw services enum returned 375 services
13:19:42:609 1620	fclose_ex: Trying to close file C:\WINDOWS\system32\config\system
13:19:42:609 1620	fclose_ex: Trying to close file C:\WINDOWS\system32\config\software
13:19:42:609 1620	
13:19:42:609 1620	Scanning	Kernel memory ...
13:19:42:609 1620	KLMD_GetSystemObjectAddressByNameW: Trying to get system object address by name \Driver\Disk
13:19:42:609 1620	DetectCureTDL3: \Driver\Disk PDRIVER_OBJECT: 89C13030
13:19:42:609 1620	DetectCureTDL3: KLMD_GetDeviceObjectList returned 6 DevObjects
13:19:42:609 1620	
13:19:42:609 1620	DetectCureTDL3: DEVICE_OBJECT: 88FF0C68
13:19:42:609 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 88FF0C68
13:19:42:609 1620	KLMD_ReadMem: Trying to ReadMemory 0x88FF0C68[0x38]
13:19:42:609 1620	DetectCureTDL3: DRIVER_OBJECT: 89C13030
13:19:42:609 1620	KLMD_ReadMem: Trying to ReadMemory 0x89C13030[0xA8]
13:19:42:609 1620	KLMD_ReadMem: Trying to ReadMemory 0xE1603D78[0x18]
13:19:42:609 1620	DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
13:19:42:609 1620	DetectCureTDL3: IrpHandler (0) addr: F765DBB0
13:19:42:609 1620	DetectCureTDL3: IrpHandler (1) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (2) addr: F765DBB0
13:19:42:609 1620	DetectCureTDL3: IrpHandler (3) addr: F7657D1F
13:19:42:609 1620	DetectCureTDL3: IrpHandler (4) addr: F7657D1F
13:19:42:609 1620	DetectCureTDL3: IrpHandler (5) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (6) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (7) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (8) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (9) addr: F76582E2
13:19:42:609 1620	DetectCureTDL3: IrpHandler (10) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (11) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (12) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (13) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (14) addr: F76583BB
13:19:42:609 1620	DetectCureTDL3: IrpHandler (15) addr: F765BF28
13:19:42:609 1620	DetectCureTDL3: IrpHandler (16) addr: F76582E2
13:19:42:609 1620	DetectCureTDL3: IrpHandler (17) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (18) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (19) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (20) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (21) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (22) addr: F7659C82
13:19:42:609 1620	DetectCureTDL3: IrpHandler (23) addr: F765E99E
13:19:42:609 1620	DetectCureTDL3: IrpHandler (24) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (25) addr: 804F9739
13:19:42:609 1620	DetectCureTDL3: IrpHandler (26) addr: 804F9739
13:19:42:609 1620	TDL3_FileDetect: Processing driver: Disk
13:19:42:609 1620	TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:42:609 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:42:656 1620	TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:19:42:656 1620	
13:19:42:656 1620	DetectCureTDL3: DEVICE_OBJECT: 88FE8AB8
13:19:42:656 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 88FE8AB8
13:19:42:656 1620	DetectCureTDL3: DEVICE_OBJECT: 88FF6030
13:19:42:656 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 88FF6030
13:19:42:656 1620	KLMD_ReadMem: Trying to ReadMemory 0x88FF6030[0x38]
13:19:42:656 1620	DetectCureTDL3: DRIVER_OBJECT: 894BC790
13:19:42:656 1620	KLMD_ReadMem: Trying to ReadMemory 0x894BC790[0xA8]
13:19:42:656 1620	KLMD_ReadMem: Trying to ReadMemory 0xE50BD738[0x1E]
13:19:42:656 1620	DetectCureTDL3: DRIVER_OBJECT name: \Driver\USBSTOR, Driver Name: USBSTOR
13:19:42:656 1620	DetectCureTDL3: IrpHandler (0) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (1) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (2) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (3) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (4) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (5) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (6) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (7) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (8) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (9) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (10) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (11) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (12) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (13) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (14) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (15) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (16) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (17) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (18) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (19) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (20) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (21) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (22) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (23) addr: 88FEA1F8
13:19:42:656 1620	DetectCureTDL3: IrpHandler (24) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (25) addr: 804F9739
13:19:42:656 1620	DetectCureTDL3: IrpHandler (26) addr: 804F9739
13:19:42:656 1620	KLMD_ReadMem: Trying to ReadMemory 0xF77A8F26[0x400]
13:19:42:656 1620	TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0
13:19:42:656 1620	TDL3_FileDetect: Processing driver: USBSTOR
13:19:42:656 1620	TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:19:42:656 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:19:42:671 1620	TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: Clean
13:19:42:671 1620	
13:19:42:671 1620	DetectCureTDL3: DEVICE_OBJECT: 89AE9030
13:19:42:671 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 89AE9030
13:19:42:671 1620	KLMD_ReadMem: Trying to ReadMemory 0x89AE9030[0x38]
13:19:42:671 1620	DetectCureTDL3: DRIVER_OBJECT: 89C13030
13:19:42:671 1620	KLMD_ReadMem: Trying to ReadMemory 0x89C13030[0xA8]
13:19:42:671 1620	KLMD_ReadMem: Trying to ReadMemory 0xE1603D78[0x18]
13:19:42:671 1620	DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
13:19:42:671 1620	DetectCureTDL3: IrpHandler (0) addr: F765DBB0
13:19:42:671 1620	DetectCureTDL3: IrpHandler (1) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (2) addr: F765DBB0
13:19:42:671 1620	DetectCureTDL3: IrpHandler (3) addr: F7657D1F
13:19:42:671 1620	DetectCureTDL3: IrpHandler (4) addr: F7657D1F
13:19:42:671 1620	DetectCureTDL3: IrpHandler (5) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (6) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (7) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (8) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (9) addr: F76582E2
13:19:42:671 1620	DetectCureTDL3: IrpHandler (10) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (11) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (12) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (13) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (14) addr: F76583BB
13:19:42:671 1620	DetectCureTDL3: IrpHandler (15) addr: F765BF28
13:19:42:671 1620	DetectCureTDL3: IrpHandler (16) addr: F76582E2
13:19:42:671 1620	DetectCureTDL3: IrpHandler (17) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (18) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (19) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (20) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (21) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (22) addr: F7659C82
13:19:42:671 1620	DetectCureTDL3: IrpHandler (23) addr: F765E99E
13:19:42:671 1620	DetectCureTDL3: IrpHandler (24) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (25) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (26) addr: 804F9739
13:19:42:671 1620	TDL3_FileDetect: Processing driver: Disk
13:19:42:671 1620	TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:42:671 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:42:671 1620	TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:19:42:671 1620	
13:19:42:671 1620	DetectCureTDL3: DEVICE_OBJECT: 89AE7A28
13:19:42:671 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 89AE7A28
13:19:42:671 1620	KLMD_ReadMem: Trying to ReadMemory 0x89AE7A28[0x38]
13:19:42:671 1620	DetectCureTDL3: DRIVER_OBJECT: 89C13030
13:19:42:671 1620	KLMD_ReadMem: Trying to ReadMemory 0x89C13030[0xA8]
13:19:42:671 1620	KLMD_ReadMem: Trying to ReadMemory 0xE1603D78[0x18]
13:19:42:671 1620	DetectCureTDL3: DRIVER_OBJECT name: \Driver\Disk, Driver Name: Disk
13:19:42:671 1620	DetectCureTDL3: IrpHandler (0) addr: F765DBB0
13:19:42:671 1620	DetectCureTDL3: IrpHandler (1) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (2) addr: F765DBB0
13:19:42:671 1620	DetectCureTDL3: IrpHandler (3) addr: F7657D1F
13:19:42:671 1620	DetectCureTDL3: IrpHandler (4) addr: F7657D1F
13:19:42:671 1620	DetectCureTDL3: IrpHandler (5) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (6) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (7) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (8) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (9) addr: F76582E2
13:19:42:671 1620	DetectCureTDL3: IrpHandler (10) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (11) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (12) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (13) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (14) addr: F76583BB
13:19:42:671 1620	DetectCureTDL3: IrpHandler (15) addr: F765BF28
13:19:42:671 1620	DetectCureTDL3: IrpHandler (16) addr: F76582E2
13:19:42:671 1620	DetectCureTDL3: IrpHandler (17) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (18) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (19) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (20) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (21) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (22) addr: F7659C82
13:19:42:671 1620	DetectCureTDL3: IrpHandler (23) addr: F765E99E
13:19:42:671 1620	DetectCureTDL3: IrpHandler (24) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (25) addr: 804F9739
13:19:42:671 1620	DetectCureTDL3: IrpHandler (26) addr: 804F9739
13:19:42:671 1620	TDL3_FileDetect: Processing driver: Disk
13:19:42:671 1620	TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:42:671 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\disk.sys
13:19:42:687 1620	TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
13:19:42:687 1620	
13:19:42:687 1620	DetectCureTDL3: DEVICE_OBJECT: 89B20AB8
13:19:42:687 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 89B20AB8
13:19:42:687 1620	DetectCureTDL3: DEVICE_OBJECT: 89AE5D98
13:19:42:687 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 89AE5D98
13:19:42:687 1620	KLMD_ReadMem: Trying to ReadMemory 0x89AE5D98[0x38]
13:19:42:687 1620	DetectCureTDL3: DRIVER_OBJECT: 89B25850
13:19:42:687 1620	KLMD_ReadMem: Trying to ReadMemory 0x89B25850[0xA8]
13:19:42:687 1620	KLMD_ReadMem: Trying to ReadMemory 0xE1016B90[0x1A]
13:19:42:687 1620	DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi
13:19:42:687 1620	DetectCureTDL3: IrpHandler (0) addr: F7833B40
13:19:42:687 1620	DetectCureTDL3: IrpHandler (1) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (2) addr: F7833B40
13:19:42:687 1620	DetectCureTDL3: IrpHandler (3) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (4) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (5) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (6) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (7) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (8) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (9) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (10) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (11) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (12) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (13) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (14) addr: F7833B40
13:19:42:687 1620	DetectCureTDL3: IrpHandler (15) addr: F7833B40
13:19:42:687 1620	DetectCureTDL3: IrpHandler (16) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (17) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (18) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (19) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (20) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (21) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (22) addr: F7833B40
13:19:42:687 1620	DetectCureTDL3: IrpHandler (23) addr: F7833B40
13:19:42:687 1620	DetectCureTDL3: IrpHandler (24) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (25) addr: 804F9739
13:19:42:687 1620	DetectCureTDL3: IrpHandler (26) addr: 804F9739
13:19:42:687 1620	KLMD_ReadMem: Trying to ReadMemory 0xF7831864[0x400]
13:19:42:687 1620	TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0
13:19:42:687 1620	TDL3_FileDetect: Processing driver: atapi
13:19:42:687 1620	TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys
13:19:42:687 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys
13:19:42:703 1620	TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Clean
13:19:42:703 1620	
13:19:42:703 1620	DetectCureTDL3: DEVICE_OBJECT: 89AECAB8
13:19:42:703 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 89AECAB8
13:19:42:703 1620	DetectCureTDL3: DEVICE_OBJECT: 89AEDB00
13:19:42:703 1620	KLMD_GetLowerDeviceObject: Trying to get lower device object for 89AEDB00
13:19:42:703 1620	KLMD_ReadMem: Trying to ReadMemory 0x89AEDB00[0x38]
13:19:42:703 1620	DetectCureTDL3: DRIVER_OBJECT: 89B25850
13:19:42:703 1620	KLMD_ReadMem: Trying to ReadMemory 0x89B25850[0xA8]
13:19:42:703 1620	KLMD_ReadMem: Trying to ReadMemory 0xE1016B90[0x1A]
13:19:42:703 1620	DetectCureTDL3: DRIVER_OBJECT name: \Driver\atapi, Driver Name: atapi
13:19:42:703 1620	DetectCureTDL3: IrpHandler (0) addr: F7833B40
13:19:42:703 1620	DetectCureTDL3: IrpHandler (1) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (2) addr: F7833B40
13:19:42:703 1620	DetectCureTDL3: IrpHandler (3) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (4) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (5) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (6) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (7) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (8) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (9) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (10) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (11) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (12) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (13) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (14) addr: F7833B40
13:19:42:703 1620	DetectCureTDL3: IrpHandler (15) addr: F7833B40
13:19:42:703 1620	DetectCureTDL3: IrpHandler (16) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (17) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (18) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (19) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (20) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (21) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (22) addr: F7833B40
13:19:42:703 1620	DetectCureTDL3: IrpHandler (23) addr: F7833B40
13:19:42:703 1620	DetectCureTDL3: IrpHandler (24) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (25) addr: 804F9739
13:19:42:703 1620	DetectCureTDL3: IrpHandler (26) addr: 804F9739
13:19:42:703 1620	KLMD_ReadMem: Trying to ReadMemory 0xF7831864[0x400]
13:19:42:703 1620	TDL3_StartIoHookDetect: CheckParameters: 0, 00000000, 0
13:19:42:703 1620	TDL3_FileDetect: Processing driver: atapi
13:19:42:703 1620	TDL3_FileDetect: Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys
13:19:42:703 1620	KLMD_CreateFileW: Trying to open file C:\WINDOWS\system32\DRIVERS\atapi.sys
13:19:42:703 1620	TDL3_FileDetect: C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Clean
13:19:42:703 1620	
13:19:42:703 1620	Completed
13:19:42:703 1620	
13:19:42:703 1620	Results:
13:19:42:703 1620	Memory objects infected / cured / cured on reboot:	0 / 0 / 0
13:19:42:703 1620	Registry objects infected / cured / cured on reboot:	0 / 0 / 0
13:19:42:703 1620	File objects infected / cured / cured on reboot:	0 / 0 / 0
13:19:42:703 1620	
13:19:42:703 1620	MyNtCreateFileW: NtCreateFile(\??\C:\WINDOWS\system32\drivers\klmd.sys) returned status 00000000
13:19:42:703 1620	UtilityDeinit: KLMD(ARK) unloaded successfully
         

 

You are viewing: XP Internet security 2010 & Trojaner-BNK.WIN.32.Keylogger.gen on Trojaner-Board
