First, here is the log from Malwarebytes:
Code:
Malwarebytes' Anti-Malware 1.28
Datenbank Version: 1203
Windows 5.1.2600 Service Pack 2
25.09.2008 21:17:54
mbam-log-2008-09-25 (21-17-54).txt
Scan-Methode: Vollständiger Scan (C:\|)
Durchsuchte Objekte: 86948
Laufzeit: 41 minute(s), 32 second(s)
Infizierte Speicherprozesse: 1
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 36
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 9
Infizierte Dateien: 51
Infizierte Speicherprozesse:
C:\Programme\Foxie Suite\Firewall.exe (Rogue.Foxie) -> Unloaded process successfully.
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\firewall (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\firewall (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\firewall (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{53b8b576-27ef-4cf5-ad81-0487f96bf21f} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6db1d8a4-3493-4414-9fd2-3924617491b5} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72fc8424-86d6-4100-8846-ff211f275897} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{96eb9c1c-140f-44d8-8674-840b318b7e0b} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{09c02180-3b46-4cd8-83ff-34daf442bdef} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b18fd94-2904-4aa0-ad63-7231d59e63a2} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c65185b1-d52b-44a9-861f-8201b50d1f37} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c65185b1-d52b-44a9-861f-8201b50d1f37} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{618d0948-6cd1-4129-9fdb-221a7f973f37} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4879d63c-c3cc-42cc-9d1c-e861b42d0a5c} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5fba0f92-abe8-421c-992e-2a85db9910c1} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{432cae3b-690f-4c3b-bd97-070ebda210d5} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{432cae3b-690f-4c3b-bd97-070ebda210d5} (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\foxie privacy, security & productivity suite (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.foxiecore (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.foxiecore.1 (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.foxiesecuritymodule (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.foxiesecuritymodule.1 (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.foxietoolbar (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.foxietoolbar.1 (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.httpfilter (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\foxie.httpfilter.1 (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FoxIE (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FoxIE (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\foxie firewall (Rogue.Foxie) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{09c02180-3b46-4cd8-83ff-34daf442bdef} (Rogue.Foxie) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
C:\Programme\Foxie Suite (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\AdBlock (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Firewall (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\HTML (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Icons (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Sweeper (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Updates (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\N***s\Startmenü\Antivirus 2009 (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
Infizierte Dateien:
C:\WINDOWS\system32\injlhcuo.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ouchljni.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Firewall.exe (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Cleaner.exe (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\firewall.sys (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Sweeper.exe (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\update.exe (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP3\A0000121.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP4\A0001112.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005198.sys (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005203.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005204.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005205.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005206.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005208.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005209.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005210.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005212.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005213.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005215.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005218.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005219.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005220.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005221.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005223.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005224.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{88A30F3B-5FA6-486A-9983-67C6D0E0CB01}\RP6\A0005225.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\foxiecore.dll (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\foxiecoreu.dll (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\foxietoolbaru.dll (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\uninst.exe (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Uninstaller.exe (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\AdBlock\adblock.dat (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Firewall\spamservers.dat (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Firewall\spyservers.dat (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Firewall\wormservers.dat (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\HTML\Desktop.htm (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\HTML\index.gif (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\HTML\Infinity.htm (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\HTML\Query.htm (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Icons\Cleaner.ico (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Icons\Desktop.ico (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Icons\Infinity.ico (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Icons\Sweeper.ico (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Sweeper\pests.dtx (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Programme\Foxie Suite\Resources\Updates\index.dat (Rogue.Foxie) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\N***s\Startmenü\Antivirus 2009\Antivirus 2009.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\N***s\Startmenü\Antivirus 2009\Uninstall Antivirus 2009.lnk (Rogue.Antivirus2008) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMbbe8bc11.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BMbbe8bc11.txt (Trojan.Vundo) -> Quarantined and deleted successfully.