Antivirus XP 2008 drauf, und nun?

wilfredo · 24.08.2008, 20:03

Hallo,

sieht ja furchtbar aus

hier mein erstes Log:

Malwarebytes' Anti-Malware 1.25
Datenbank Version: 1081
Windows 5.1.2600 Service Pack 2

20:26:40 24.08.2008
mbam-log-08-24-2008 (20-26-40).txt

Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 193555
Laufzeit: 54 minute(s), 20 second(s)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 14
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 13
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\rhcr51j0eeca (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\rhcr51j0eeca (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msctrl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msavsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msscan.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msiemon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msfw.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mssadv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msctrl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msavsc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msscan.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msiemon.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msfw.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mssadv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\Microsoft Security Adviser (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Programme\rhcr51j0eeca (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun\HKCU (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun\HKCU\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun\HKLM (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun\HKLM\RunOnce (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun\StartMenuAllUsers (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Autorun\StartMenuCurrentUser (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\BrowserObjects (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\rhcr51j0eeca\Quarantine\Packages (Rogue.Multiple) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\System Volume Information\_restore{4A46FFA5-5E33-4DBC-AD83-F55DC583C79B}\RP3\A0001057.scr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Programme\Microsoft Security Adviser\msctrl.log (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Programme\Microsoft Security Adviser\mssadv.log (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Programme\Microsoft Security Adviser\mssadv_sp.log (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Desktop\Antivirus XP 2008.lnk (Rogue.Antivirus) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Wilfried\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.

Gruß
Wilfried

Antivirus XP 2008 drauf, und nun?

Log-Analyse und Auswertung: Antivirus XP 2008 drauf, und nun?

Antivirus XP 2008 drauf, und nun?

Ähnliche Themen: Antivirus XP 2008 drauf, und nun?