Zurück   Trojaner-Board > Malware entfernen > Anleitungen, FAQs & Links

Anleitungen, FAQs & Links: Dr. Guard entfernen

Windows 7 Hilfreiche Anleitungen um Trojaner zu entfernen. Viele FAQs & Links zum Thema Sicherheit, Malware und Viren. Die Schritt für Schritt Anleitungen zum Trojaner entfernen sind auch für nicht versierte Benutzer leicht durchführbar. Bei Problemen, einfach im Trojaner-Board nachfragen - unsere Experten helfen kostenlos. Weitere Anleitungen zu Hardware, Trojaner und Malware sind hier zu finden.

Antwort
Alt 01.03.2010, 12:47   #1
AdminBot
Administrator
 
Dr. Guard entfernen - Standard

Dr. Guard entfernen



Dr. Guard entfernen


Was ist Dr. Guard?
Dr. Guard ist eine weitere Rogue-Malware (verwandt mit Paladin Antivirus) in Form einer gefälschten Scan-Software, die mittels eines trojanischen Pferdes in den PC eindringt und dem Benutzer weissmacht, den PC nach Malware abzusuchen. Diese Software (Dr. Guard) ist ein Fake und selbst eine Schadsoftware und sollte nicht gekauft werden.

Verbreitet wird Dr. Guard nicht mehr ausschliesslich über 'dubiose Seiten' für Cracks, KeyGens und Warez, sondern auch seriöse Seiten werden zunehmend für die Verbreitung dieser mißbraucht (http://www.trojaner-board.de/90880-d...tallation.html).


Wenn Dr. Guard startet versucht es u.a. folgende Software zu stoppen:

• Malwarebytes' Anti-Malware
• F-Secure
• NOD32
• Norton Internet Security
• Avira AntiVir
• Agnitum Outpost Security Suite
• AVG8
• avast!
• AntiVir






Symptome von Dr. Guard:
  • ständige Fake Virenmeldungen von Dr. Guard
  • PC läuft langsamer als üblich
  • Kommt mit TDSS oder TDL3 rootkit

ANTIVIRUS IS RUN IN DEMO MODE. ACTIVATE YOUR ANTIVIRUS OTHERWISE ALL THE DATA WILL BE LOST OR DAMAGED!



DANGEROUS! ANTIVIRUS DETECTED SOME HARMFUL PROGRAMS ON YOUR PC! THEY MAY CORRUPT YOUR INFORMATION OR SEND IT TO HACKERS.
PLEASE, OPTIMIZE YOUR PC. IT RUN ONLY 10%.
NEED HELP? PLEASE, CONTACT DR. GUARD CUSTOMER SUPPORT SERVICE.



Windows Firewall has detected unauthorized activity, but unfortunately it cannot help
you to remove viruses, keyloggers and other spyware threats that steal your personal
information from your computer


System files of your computer are damaged. Please, restart your system ASAP.

There are some serious security threats detected on your computer. Please, remove them ASAP.
There are some serious security threats detected on your computer: viruses, trojans, keyloggers, exploits etc.
Your computer and all your personal data are in serious danger.
Protection: Click the balloon to install antivirus software.



Defenseless OS: Windows 2000/XP/Vista
Description: Spyware. Blocks access to computer. Attacks porn sites visitors.
Protection: Click the balloon to install antivirus software.
Dateien von Dr. Guard:
Code:
ATTFilter
c:\Documents and Settings\Bleeping\Desktop\Dr. Guard Support.lnk
c:\Documents and Settings\Bleeping\Desktop\Dr. Guard.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\About.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Activate.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Buy.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Dr. Guard Support.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Dr. Guard.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Scan.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Settings.lnk
c:\Documents and Settings\Bleeping\Start Menu\Programs\Dr. Guard\Update.lnk
c:\Documents and Settings\Bleeping\Application Data\Microsoft\Internet Explorer\Quick Launch\Dr. Guard.lnk
c:\Program Files\Dr. Guard
c:\Program Files\Dr. Guard\about.ico
c:\Program Files\Dr. Guard\activate.ico
c:\Program Files\Dr. Guard\buy.ico
c:\Program Files\Dr. Guard\drg.db
c:\Program Files\Dr. Guard\drgext.dll
c:\Program Files\Dr. Guard\drghook.dll
c:\Program Files\Dr. Guard\drguard.exe
c:\Program Files\Dr. Guard\help.ico
c:\Program Files\Dr. Guard\scan.ico
c:\Program Files\Dr. Guard\settings.ico
c:\Program Files\Dr. Guard\splash.mp3
c:\Program Files\Dr. Guard\uninstall.exe
c:\Program Files\Dr. Guard\update.ico
c:\Program Files\Dr. Guard\virus.mp3
%Temp%\asr64_ldm.exe
         

Registry-Einträge von Dr. Guard:
Code:
ATTFilter
HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_LOCAL_MACHINE\SOFTWARE\Dr. Guard
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Dr. Guard
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Dr. Guard"
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
         

Dr. Guard im HijackThis-Log:
Code:
ATTFilter
O4 - HKCU\..\Run: [asr64_ldm.exe] %Temp%\asr64_ldm.exe
O4 - HKCU\..\Run: [Dr. Guard] "C:\Program Files\Dr. Guard\drguard.exe" -noscan
         
Miniaturansicht angehängter Grafiken
Dr. Guard entfernen-1.jpg   Dr. Guard entfernen-2.jpg   Dr. Guard entfernen-3.jpg   Dr. Guard entfernen-4.jpg   Dr. Guard entfernen-5.jpg   Dr. Guard entfernen-6.jpg   Dr. Guard entfernen-7.jpg  

Dr. Guard entfernen-8.jpg  

Alt 01.03.2010, 14:56   #2
Da GuRu
Administrator
/// technical service
 

Dr. Guard entfernen - Standard

Dr. Guard entfernen



Dr. Guard entfernen

  • Tool: rkill.com Download Link (umbenannt: iExplore.exe) von Grinler herunterladen und mit doppelklick ausführen.
    Sollte rkill.com nicht starten, versuche es mit der umbenannten Version iExplore.exe





    Das Tool stoppt alle Prozesse von Dr. Guard.

    Bei Bedarf mehrmals ausführen, bis alle ungewünschten Prozesse beendet wurden.
  • Starte einen vollständigen Scan mit Malwarebytes Anti-Malware
Achtung: Diese Fake Software wird versuchen, den Einsatz von Malwarebytes zu verhindern. Benenne das Setup vor dem speichern in etwas anderes um (z.B. Herbert.exe).

Falls es vorher nicht funktioniert hat, sollte das Setup jetzt starten.

Wenn das Programm nach der Installation nicht starten sollte, dann benenne die "mbam.exe" in "herbert.exe" um und versuche es erneut.

Sollte MBAM trotzdem nicht starten: Malwarebytes Anti-Malware startet nicht







Code:
ATTFilter
Memory Processes Infected: 2
Memory Modules Infected: 1
Registry Keys Infected: 2
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 2
Files Infected: 30

Memory Processes Infected:
C:\Documents and Settings\{username}\Local Settings\Temp\asr64_ldm.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Program Files\Dr. Guard\drguard.exe (Malware.Packer.Gen) -> Unloaded process successfully.

Memory Modules Infected:
C:\Program Files\Dr. Guard\drghook.dll (Malware.Packer.Gen) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dr. guard (Rogue.DrGuard) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dr. guard (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\asr64_ldm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard (Rogue.DrGuard) -> Quarantined and deleted successfully.

Files Infected:
C:\Documents and Settings\{username}\Local Settings\Temp\asr64_ldm.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drguard.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drghook.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Local Settings\Temp\dhdhtrdhdrtr5y (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\about.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\activate.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\buy.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drg.db (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\drgext.dll (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\help.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\scan.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\settings.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\splash.mp3 (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\uninstall.exe (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\update.ico (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Program Files\Dr. Guard\virus.mp3 (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\About.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Activate.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Buy.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Dr. Guard Support.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Dr. Guard.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Scan.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Settings.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Start Menu\Programs\Dr. Guard\Update.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\nudetube.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\pornotube.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Desktop\youporn.com.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Desktop\Dr. Guard Support.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Desktop\Dr. Guard.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\{username}\Application Data\Microsoft\Internet Explorer\Quick Launch\Dr. Guard.lnk (Rogue.DrGuard) -> Quarantined and deleted successfully.
         
Miniaturansicht angehängter Grafiken
Dr. Guard entfernen-9.jpg  
__________________


Alt 01.03.2010, 14:56   #3
Da GuRu
Administrator
/// technical service
 

Dr. Guard entfernen - Standard

Dr. Guard entfernen




Dr. Guard immer noch nicht entfernt?

OTH - OTHelper - Kill All Processes


Mit aktualisiertem (!!) Malwarebytes Anti-Malware nach Ausführen von OTH nochmal QUICKSCAN ausführen.

Bitte alle temporären Dateien löschen und Speicherplatz freigeben.


Weitergehende Prüfung

Das System könnte noch nicht vollständig sauber sein.

Daher unbedingt ein Thema erstellen: Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Nicht vergessen mit FRST-Logfiles wie in der Anleitung beschrieben.

Wie man Hilfe bekommt steht auch hier.

__________________

Antwort

Themen zu Dr. Guard entfernen
disabletaskmgr, dr. guard, dr. guard entfernen, drguard, launch, pc läuft, rogue-malware, rogue.drguard, scan-software, start menu



Ähnliche Themen: Dr. Guard entfernen


  1. Ads By Win Guard entfernen
    Anleitungen, FAQs & Links - 24.09.2015 (2)
  2. guard-search.com bzw. Guard Search entfernen
    Anleitungen, FAQs & Links - 22.10.2014 (2)
  3. Windows Internet Guard entfernen
    Anleitungen, FAQs & Links - 02.10.2014 (2)
  4. Smart Guard Protection entfernen
    Anleitungen, FAQs & Links - 09.12.2013 (2)
  5. Windows Active Guard entfernen
    Anleitungen, FAQs & Links - 22.07.2012 (2)
  6. Windows Maintenance Guard entfernen
    Anleitungen, FAQs & Links - 17.06.2012 (2)
  7. Windows Guard Tools entfernen
    Anleitungen, FAQs & Links - 24.05.2012 (2)
  8. Windows Be-on-Guard Edition entfernen
    Anleitungen, FAQs & Links - 11.05.2012 (2)
  9. Windows Premium Guard entfernen
    Anleitungen, FAQs & Links - 24.04.2012 (2)
  10. Windows Guard Solutions entfernen
    Anleitungen, FAQs & Links - 18.04.2012 (2)
  11. Windows Stability Guard entfernen
    Anleitungen, FAQs & Links - 27.02.2012 (2)
  12. Internet Security Guard entfernen
    Anleitungen, FAQs & Links - 14.01.2012 (2)
  13. Guard Online entfernen
    Anleitungen, FAQs & Links - 07.10.2011 (2)
  14. Security Guard 2012 entfernen
    Anleitungen, FAQs & Links - 05.10.2011 (2)
  15. AV Guard Online entfernen
    Anleitungen, FAQs & Links - 05.10.2011 (2)
  16. Security Guard entfernen
    Anleitungen, FAQs & Links - 21.03.2010 (2)
  17. GuardPro / Guard Pro entfernen
    Anleitungen, FAQs & Links - 22.02.2010 (2)

Zum Thema Dr. Guard entfernen - Dr. Guard entfernen Was ist Dr. Guard? Dr. Guard ist eine weitere Rogue-Malware (verwandt mit Paladin Antivirus ) in Form einer gefälschten Scan-Software, die mittels eines trojanischen Pferdes in den - Dr. Guard entfernen...
Archiv
Du betrachtest: Dr. Guard entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.