Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Falsches Vista-Sicherheitscenter

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.04.2010, 06:09   #1
Ninjulen
 
Falsches Vista-Sicherheitscenter - Standard

Falsches Vista-Sicherheitscenter



Hallo zusammen, hier mein Log nachdem ich Malwarebytes habe drüber laufen lassen. Hoffe, alles gelöscht. Danke schon mal!

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3930

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

02.04.2010 23:34:28
mbam-log-2010-04-02 (23-34-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 154449
Laufzeit: 4 Stunde(n), 37 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 7
Infizierte Verzeichnisse: 9
Infizierte Dateien: 46

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qe8qa-rrb (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32262652-c404-8a6a-0a44-6975a5e7e10f} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{32262652-c404-8a6a-0a44-6975a5e7e10f} (Adware.AdRotator) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Programme\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Dokumente und Einstellungen\Julen\Eigene Dateien\Downloads\FLVDirect.exe (Adware.MediaPass) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XI07XPZC\setup[1].exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Qe8qA-Rrb.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonDown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonHot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonNor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\BottomBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\LeftBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\RightBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\TitlePattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\o_-Z_SU_A7.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

Alt 03.04.2010, 10:07   #2
BIOTEC
 
Falsches Vista-Sicherheitscenter - Standard

Falsches Vista-Sicherheitscenter



Oh mein Gott...wusste garnicht, das man soviel Adware auf dem rechner haben kann!

MBAM hat die ja jetzt gelöscht...und dann sollten sie weg sein!

Das nächste mal bischen vorsichtiger Surfen und nicht alles Installieren, wo ein Kästchen für ein Häckchen ist....schätze mal, das das daher kam!

Brain ist viel besser als jeder Virenscanner....^^

Gruss BIOTEC
__________________


Antwort

Themen zu Falsches Vista-Sicherheitscenter
adware.adrotator, adware.flvplayer, appdatalow, content.ie5, disabled.securitycenter, firefox.exe, hijack.exefile, hijack.startmenuinternet, install.exe, mein log, rogue.multipleav



Ähnliche Themen: Falsches Vista-Sicherheitscenter


  1. (Vista) Sicherheitscenter lässt sich nicht mehr aktivieren
    Log-Analyse und Auswertung - 24.12.2014 (3)
  2. Windows Vista Sicherheitscenter und AntiVir nach Neustart immer abgeschaltet - Bereits bekanntes Phänomen in Eurem Forum
    Log-Analyse und Auswertung - 08.10.2013 (9)
  3. Windows Vista - Sicherheitscenter und Avira nach jedem Starten deaktiviert
    Log-Analyse und Auswertung - 16.09.2013 (11)
  4. Trojaner Sirefef.AG.9 u. Sirefef.AL.50 in C:\$Recycle.Bin\, Vista-Sicherheitscenter u. Firewall nach anschl. VistaUpdate nicht mehr startbar
    Plagegeister aller Art und deren Bekämpfung - 06.03.2013 (41)
  5. Sicherheitscenter bei Windows Vista lässt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 16.02.2013 (25)
  6. Falsches Forum
    Mülltonne - 06.06.2012 (1)
  7. (Vista) Sicherheitscenter lässt sich nach Virus nicht mehr aktivieren
    Log-Analyse und Auswertung - 11.04.2012 (9)
  8. Windows-Sicherheitscenter (Vista) ist ausgeschaltet und lässt sich nicht einschalten
    Plagegeister aller Art und deren Bekämpfung - 29.03.2012 (9)
  9. Sicherheitscenter / Vista
    Antiviren-, Firewall- und andere Schutzprogramme - 26.03.2012 (3)
  10. Falsches Unterforum
    Mülltonne - 30.12.2011 (0)
  11. Sicherheitscenter Inactiv auf Vista nach Rootkit mit Backdoor (schon beseitigt?)
    Log-Analyse und Auswertung - 27.12.2011 (17)
  12. Falsches Thema
    Mülltonne - 04.11.2011 (0)
  13. Vista Sicherheitscenter zeigt ständig Alarme: "Malware intrusion/Privacy alert" usw
    Plagegeister aller Art und deren Bekämpfung - 19.04.2010 (14)
  14. Falsche Vista-Sicherheitscenter
    Plagegeister aller Art und deren Bekämpfung - 27.01.2010 (3)
  15. Vista Sicherheitscenter deaktiviert sich ständig
    Log-Analyse und Auswertung - 24.12.2009 (1)
  16. Falsches Windows Sicherheitscenter
    Mülltonne - 17.11.2008 (0)
  17. läuft da was falsches? mit hjt - log
    Log-Analyse und Auswertung - 27.07.2005 (1)

Zum Thema Falsches Vista-Sicherheitscenter - Hallo zusammen, hier mein Log nachdem ich Malwarebytes habe drüber laufen lassen. Hoffe, alles gelöscht. Danke schon mal! Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Datenbank Version: 3930 Windows 5.1.2600 Service Pack 2 - Falsches Vista-Sicherheitscenter...
Archiv
Du betrachtest: Falsches Vista-Sicherheitscenter auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.