Trojaner in Ordner, der mir den Zugriff verweigert

#1 Kapersky hat mir gerade das hier ausgespuckt, leider komm ich nur nich dran, um irgendwas zu machen, hat einer eine Lösung???

Scan Statistics
Total number of scanned objects 55061
Number of viruses found 20
Number of infected objects 46
Number of suspicious objects 0
Duration of the scan process 02:14:53

Infected Object Name Virus Name Last Action
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0018872.dll Infected: Trojan-Downloader.Win32.Dyfuca.gen skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0019876.exe Infected: Trojan-Dropper.Win32.Small.sa skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0019879.exe Infected: Trojan-Downloader.Win32.Agent.kp skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0019919.exe Infected: Trojan-Downloader.Win32.IstBar.gen skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0019925.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020963.exe Infected: Trojan-Dropper.Win32.Agent.hj skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020964.exe Infected: Trojan-Downloader.Win32.Small.aju skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020965.exe Infected: Trojan-Downloader.Win32.Small.aju skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020966.exe Infected: Trojan-Downloader.Win32.Small.agk skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020967.exe Infected: Trojan-Dropper.Win32.Small.we skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020968.exe Infected: Trojan-Downloader.Win32.Small.agk skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020969.exe Infected: Trojan-Downloader.Win32.Small.agk skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020970.exe Infected: Trojan-Downloader.Win32.Small.agk skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020971.exe Infected: Trojan-Clicker.Win32.Delf.bv skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020972.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020985.exe Infected: Trojan-Downloader.Win32.Agent.lm skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020986.exe Infected: Trojan-Downloader.Win32.IstBar.gen skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020987.dll Infected: Trojan-Downloader.Win32.IstBar.gen skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020992.exe Infected: Trojan-Downloader.Win32.Dyfuca.ep skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020993.exe Infected: Trojan-Downloader.Win32.Dyfuca.ep skipped
C:\System Volume Information\_restore{2B88EE46-DFC4-4BC7-AFB5-F3F88E53D1B2}\RP69\A0020994.exe Infected: Trojan-Dropper.Win32.Small.qo skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021095.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021097.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021101.exe Infected: Trojan-Downloader.Win32.Dyfuca.ep skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021156.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021164.exe Infected: Trojan-Dropper.Win32.Small.sa skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021165.dll Infected: Trojan-Downloader.Win32.Small.ajp skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021169.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021187.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022355.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022382.exe Infected: Trojan.Win32.Delf.ik skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022383.exe Infected: Trojan.Win32.Delf.ik skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022384.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022385.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022387.dll Infected: Trojan-Downloader.Win32.Small.ajp skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022388.exe Infected: Trojan-Dropper.Win32.Small.sa skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022403.exe Infected: Trojan-Clicker.Win32.Delf.bv skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022404.exe Infected: Trojan-Clicker.Win32.Delf.bv skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022405.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022406.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022407.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022409.exe Infected: Trojan.Win32.StartPage.wv skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022419.exe Infected: Trojan-Downloader.Win32.Dyfuca.ep skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022431.dll Infected: Trojan-Clicker.Win32.Redir.b skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022444.dll Infected: Trojan.Win32.StartPage.mz skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022448.dll Infected: Trojan-PSW.Win32.Small.bk skipped

#2 Hallo,

deaktiviere die Systemwiederherstellung, wie hier beschrieben.
Fahre den Rechner dann runter, starte ihn neu, jetzt kann die Systemwiederherstellung wieder aktiviert werden.
Führe einen Onlinescan z.B. bei Panda hier durch und poste das Ergebnis.

Gruß

Schrulli[/url]

#3 Nur zur Ergänzung:

bei deiner Auflistung handelt es sich um bereits gelöschte Dateien. Bei aktivierter Systemwiederherstellung behält WinXP Informationen über die gelöschten Objekte, um bei einem Rücksetzen des Systems auf einen früheren Zeitpunkt, alle erforderlichen Daten wieder herstellen zu können.

U.a. nicht ungefährlich, da dieser Vorgang Malware nicht ausschließt.
__________
Durchsuchen --> Aussuchen --> Untersuchen

#4 Hab ich so gemacht, aber Kapersky spuckt mir immernoch das Gleiche aus:

Scan Statistics
Total number of scanned objects 50661
Number of viruses found 11
Number of infected objects 25
Number of suspicious objects 0
Duration of the scan process 02:07:54

Infected Object Name Virus Name Last Action
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021095.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021097.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021101.exe Infected: Trojan-Downloader.Win32.Dyfuca.ep skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021156.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021164.exe Infected: Trojan-Dropper.Win32.Small.sa skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021165.dll Infected: Trojan-Downloader.Win32.Small.ajp skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021169.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP49\A0021187.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022355.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022382.exe Infected: Trojan.Win32.Delf.ik skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022383.exe Infected: Trojan.Win32.Delf.ik skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022384.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022385.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022387.dll Infected: Trojan-Downloader.Win32.Small.ajp skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022388.exe Infected: Trojan-Dropper.Win32.Small.sa skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022403.exe Infected: Trojan-Clicker.Win32.Delf.bv skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022404.exe Infected: Trojan-Clicker.Win32.Delf.bv skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022405.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022406.exe Infected: Trojan-Downloader.Win32.Delf.ia skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022407.exe Infected: Trojan-Downloader.Win32.Apher.gen skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022409.exe Infected: Trojan.Win32.StartPage.wv skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022419.exe Infected: Trojan-Downloader.Win32.Dyfuca.ep skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022431.dll Infected: Trojan-Clicker.Win32.Redir.b skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022444.dll Infected: Trojan.Win32.StartPage.mz skipped
C:\System Volume Information\_restore{7D45BDA3-C1F4-4C2B-850E-02B89BBA936E}\RP50\A0022448.dll Infected: Trojan-PSW.Win32.Small.bk skipped
Scan process completed.



Und das sagt mein Bitdefender (die Datei finde ich aber schlicht gar nicht, nur eben über den Bitdefender):

Adware:Adware/MediaTickets Not disinfected C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.INF

#5 TanteFreya

Arbeitsplatz-->Rechtsklick, dann auf Eigenschaften--->Reiter Systemwiederherstellung--->Häkchen setzen bei Systemwiederherstellung auf allen Laufwerken deaktivieren.
http://virus-protect.org/systemwiederherstellung.html

loeschen:..eventuell mit der Killbox http://virus-protect.org/killbox.html

C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.INF

**
__________
MfG Sabina

rund um die PC-Sicherheit