Matt
2009-02-21, 17:24
Hallo,
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-02-11 TeaTimer.exe (1.6.5.28)
2009-01-29 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-01-22 Includes\Adware.sbi
2009-01-22 Includes\AdwareC.sbi
2009-02-18 Includes\Beta.sbi
2007-11-06 Includes\Beta.uti
2009-01-22 Includes\Cookies.sbi
2009-01-06 Includes\Dialer.sbi
2009-01-22 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-02-10 Includes\Hijackers.sbi
2009-02-10 Includes\HijackersC.sbi
2008-12-09 Includes\Keyloggers.sbi
2009-02-17 Includes\KeyloggersC.sbi
2008-11-18 Includes\Malware.sbi
2009-02-17 Includes\MalwareC.sbi
2008-12-16 Includes\PUPS.sbi
2009-02-10 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-02-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-01-28 Includes\Spyware.sbi
2009-01-28 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2009-02-18 Includes\Trojans.sbi
2009-02-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Spybot hat keine Schädlinge gefunden.
Habe anschließend SpywareTerminator durchlaufen lassen, folgende Reste von Malware wurden im Ordner C:\Windows\system32\ gefunden:
1) winupsvc.exe
2) winsvcup.exe
Werde euch die Dateien gleich schicken. ;)
Könnt ihr diese Dateien in die Erkennungsregeln mit aufnehmen oder sind sie ungefährlich aus euerer Sicht?
Grüße aus Bayern,
-Matt-
--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---
2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-02-11 TeaTimer.exe (1.6.5.28)
2009-01-29 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-01-22 Includes\Adware.sbi
2009-01-22 Includes\AdwareC.sbi
2009-02-18 Includes\Beta.sbi
2007-11-06 Includes\Beta.uti
2009-01-22 Includes\Cookies.sbi
2009-01-06 Includes\Dialer.sbi
2009-01-22 Includes\DialerC.sbi
2009-01-22 Includes\HeavyDuty.sbi
2009-02-10 Includes\Hijackers.sbi
2009-02-10 Includes\HijackersC.sbi
2008-12-09 Includes\Keyloggers.sbi
2009-02-17 Includes\KeyloggersC.sbi
2008-11-18 Includes\Malware.sbi
2009-02-17 Includes\MalwareC.sbi
2008-12-16 Includes\PUPS.sbi
2009-02-10 Includes\PUPSC.sbi
2009-01-22 Includes\Revision.sbi
2009-01-13 Includes\Security.sbi
2009-02-10 Includes\SecurityC.sbi
2008-06-03 Includes\Spybots.sbi
2008-06-03 Includes\SpybotsC.sbi
2009-01-28 Includes\Spyware.sbi
2009-01-28 Includes\SpywareC.sbi
2008-06-03 Includes\Tracks.uti
2009-02-18 Includes\Trojans.sbi
2009-02-17 Includes\TrojansC.sbi
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll
Spybot hat keine Schädlinge gefunden.
Habe anschließend SpywareTerminator durchlaufen lassen, folgende Reste von Malware wurden im Ordner C:\Windows\system32\ gefunden:
1) winupsvc.exe
2) winsvcup.exe
Werde euch die Dateien gleich schicken. ;)
Könnt ihr diese Dateien in die Erkennungsregeln mit aufnehmen oder sind sie ungefährlich aus euerer Sicht?
Grüße aus Bayern,
-Matt-