Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Falsches Vista-Sicherheitscenter (https://www.trojaner-board.de/84468-falsches-vista-sicherheitscenter.html)

Ninjulen 03.04.2010 06:09
Falsches Vista-Sicherheitscenter
 
Hallo zusammen, hier mein Log nachdem ich Malwarebytes habe drüber laufen lassen. Hoffe, alles gelöscht. Danke schon mal!

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3930

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

02.04.2010 23:34:28
mbam-log-2010-04-02 (23-34-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 154449
Laufzeit: 4 Stunde(n), 37 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 7
Infizierte Verzeichnisse: 9
Infizierte Dateien: 46

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qe8qa-rrb (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32262652-c404-8a6a-0a44-6975a5e7e10f} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{32262652-c404-8a6a-0a44-6975a5e7e10f} (Adware.AdRotator) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Programme\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Dokumente und Einstellungen\Julen\Eigene Dateien\Downloads\FLVDirect.exe (Adware.MediaPass) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XI07XPZC\setup[1].exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Qe8qA-Rrb.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonDown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonHot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonNor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\BottomBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\LeftBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\RightBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\TitlePattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\o_-Z_SU_A7.dll (Adware.AdRotator) -> Quarantined and deleted successfully.

BIOTEC 03.04.2010 10:07
Oh mein Gott...wusste garnicht, das man soviel Adware auf dem rechner haben kann!

MBAM hat die ja jetzt gelöscht...und dann sollten sie weg sein!

Das nächste mal bischen vorsichtiger Surfen und nicht alles Installieren, wo ein Kästchen für ein Häckchen ist....schätze mal, das das daher kam!

Brain ist viel besser als jeder Virenscanner....^^

Gruss BIOTEC


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:25 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129