| AdminBot | 11.05.2010 09:44 |
Data Protection entfernen
Liste der Anhänge anzeigen (Anzahl: 10) Data Protection entfernen Was ist Data Protection?
Data Protection ist eine weitere Rogue-Malware in Form einer gefälschten Scan-Software, die mittels eines sog. Trojaners in den PC eindringt und dem Benutzer weissmacht, den PC nach Malware abzusuchen. Diese Software (Data Protection) ist ein Fake und selbst eine Schadsoftware und sollte nicht gekauft werden.
Da solche Software wie Data Protection sich gegen jede Entfernung wehren wird und Data Protection oftmals noch Rootkits mitinstalliert, sollte eine Neuinstallation des Systems in Erwägung gezogen werden.
Verbreitet wird Data Protection nicht mehr ausschliesslich über 'dubiose Seiten' für Cracks, KeyGens und Warez, sondern auch seriöse Seiten werden zunehmend für die Verbreitung dieser mißbraucht ( http://www.trojaner-board.de/90880-d...tallation.html). http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 Symptome von Data Protection:- ständige Fake Virenmeldungen von Data Protection
- PC läuft seit Data Protection langsamer als üblich
• Malwarebytes' Anti-Malware
• F-Secure
• Norton Internet Security
• NOD32
• Avira AntiVir
• Agnitum Outpost Security Suite
• McAfee
• AVG8
• AntiVir
• avast!
http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 http://www.trojaner-board.de/attachm...1&d=1275574590 Fake-Meldungen von Data Protection:Danger!
Unauthosrized <sic> access to your computer! Click on the message to install up-to-date antivirus software.
Danger!
A security threat detected on your computer. TrojanASPX.JS.Win32. It strongly recommended to remove this threat right now. Click on the message to remove it.
Danger!
It is strongly recommended to protect your computer against security threats. Click on the message to ensure the protection of your computer.
Warning! Network attack detected!
Network intrusion detected!
Your computer is being attacked from a remove PC.
Attach from <ip address>:<port #>
Process is trying to steal your passwords listed below. It is highly recommended to block this threat now.
Warning! Adware detected!
Adware module detected on your PC!
Zlob.Porn.Ad adware has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat now.
Antivirus Alert - Critical threat detected
Warning
Network attack detected
Network attack has been detected. Process is attempting to access your private data.
Warning! Virus threat detected!
Virus activity detected!
Trojan-Downloader.VBS adware has been detected. This adware module advertises websites with explicitly content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat now.
Dateien von Data Protection: Code:
c:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
%Temp%\4otjesjty.mof
%Temp%\MSWINSCK.exe
%Temp%\wscsvc32.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Data Protection.lnk
%UserProfile%\Desktop\Data Protection Support.lnk
%UserProfile%\Desktop\Data Protection.lnk
%UserProfile%\Desktop\spam001.exe
%UserProfile%\Desktop\spam002.exe
%UserProfile%\Desktop\spam003.exe
%UserProfile%\Desktop\troj000.exe
%UserProfile%\Start Menu\Programs\Data Protection
%UserProfile%\Start Menu\Programs\Data Protection\About.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Activate.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Buy.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Data Protection Support.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Data Protection.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Scan.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Settings.lnk
%UserProfile%\Start Menu\Programs\Data Protection\Update.lnk
c:\Program Files\Data Protection
c:\Program Files\Data Protection\about.ico
c:\Program Files\Data Protection\activate.ico
c:\Program Files\Data Protection\buy.ico
c:\Program Files\Data Protection\dat.db
c:\Program Files\Data Protection\datext.dll
c:\Program Files\Data Protection\dathook.dll
c:\Program Files\Data Protection\datprot.exe
c:\Program Files\Data Protection\help.ico
c:\Program Files\Data Protection\scan.ico
c:\Program Files\Data Protection\settings.ico
c:\Program Files\Data Protection\splash.mp3
c:\Program Files\Data Protection\Uninstall.exe
c:\Program Files\Data Protection\update.ico
c:\Program Files\Data Protection\virus.mp3
Registry-Einträge von Data Protection: Code:
HKEY_CURRENT_USER\Software\Malware Defense
HKEY_CURRENT_USER\Software\Paladin Antivirus
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_LOCAL_MACHINE\SOFTWARE\Data Protection
HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Data Protection
HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus
HKEY_LOCAL_MACHINE\SOFTWARE\Program Groups
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Data Protection"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "DisableTaskMgr" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"
Data Protection im HijackThis-Log: Code:
O4 - HKCU\..\Run: [Data Protection] "C:\Program Files\Data Protection\datprot.exe" -noscan
| 