Quote:
Quote from nochdigger
Hello
Yep
Let Malwarebytes delete the findings --> post the log
Scan with Blacklight --> post the log
It should get better soon
Best regards
Code:
Malwarebytes' Anti-Malware 1.21
Datenbank Version: 967
Windows 5.1.2600 Service Pack 2
19:59:55 19.07.2008
mbam-log-7-19-2008 (19-59-55).txt
Scan-Methode: Quick-Scan
Durchsuchte Objekte: 47750
Laufzeit: 2 minute(s), 46 second(s)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 4
Infizierte Registrierungsschlüssel: 12
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 32
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
C:\WINXP\system32\byXqromn.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINXP\system32\rgfkfbry.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINXP\system32\uxemcgfa.dll (Trojan.Vundo) -> Unloaded module successfully.
C:\WINXP\system32\efcCtUlI.dll (Trojan.Vundo) -> Unloaded module successfully.
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3c4727c2-bf3f-48f0-9670-33d72e2ed5c0} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{3c4727c2-bf3f-48f0-9670-33d72e2ed5c0} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{587c4de2-ed1f-497b-a0a1-024d336bb19b} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{587c4de2-ed1f-497b-a0a1-024d336bb19b} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf0ca4fc-6378-4062-b546-3cde8a28b1e0} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf0ca4fc-6378-4062-b546-3cde8a28b1e0} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\efcctuli (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9cdbde2b (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bm9fe8edb7 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{bf0ca4fc-6378-4062-b546-3cde8a28b1e0} (Trojan.Vundo) -> Delete on reboot.
Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo) -> Data: c:\winxp\system32\byxqromn -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\winxp\system32\byxqromn -> Delete on reboot.
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\WINXP\system32\byXqromn.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINXP\system32\nmorqXyb.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\nmorqXyb.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\oxxrdj.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\ekhadtip.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\pitdahke.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\kukyxbhw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\whbxykuk.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\otkshhyp.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\pyhhskto.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\pbmbqftl.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\ltfqbmbp.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\rgfkfbry.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINXP\system32\yrbfkfgr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\rtqmmmig.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\gimmmqtr.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\txcctayk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\kyatccxt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\usyoyjul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\lujyoysu.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\uxemcgfa.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINXP\system32\efcCtUlI.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINXP\system32\tatkgjnw.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\ealtammu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\sxtupyul.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\unvscpkv.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\knbaivva.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\jdccssse.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\system32\wfxieqfg.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINXP\BM9fe8edb7.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINXP\BM9fe8edb7.txt (Trojan.Vundo) -> Quarantined and deleted successfully.