Trojaner-Board - Komplett verseuchter PC:Windows Explorer startet nicht.

Ok.

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3949

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

03.04.2010 17:14:31
mbam-log-2010-04-03 (17-14-31).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 133255
Laufzeit: 17 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 3
Infizierte Speichermodule: 3
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 10
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 2
Infizierte Dateien: 65

Infizierte Speicherprozesse:
C:\Users\T\AppData\Local\Temp\lsass.exe (Trojan.Agent) -> Unloaded process successfully.
C:\Users\T\AppData\Local\Temp\taskmgr.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\T\reader_s.exe (Trojan.Agent) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\Users\T\AppData\Local\Temp\D40.tmp (Backdoor.Bot) -> Delete on reboot.
C:\Program Files\DosPop Toolbar\tbuCD9F\dospop.dll (Adware.Mostofate) -> Delete on reboot.
C:\Windows\System32\app_dll.dll (Trojan.Agent.Gen) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\ACM.dll (Adware.WhenU) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\W32xgl2 (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\bifrost (Bifrose.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57f9fef0-6eae-4030-a68a-30fdc38b1b13} (Adware.Mostofate) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{57f9fef0-6eae-4030-a68a-30fdc38b1b13} (Adware.Mostofate) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hf8wefhuaihf8ewfydiujhfdsfdf (Trojan.Agent) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf87efjhdsf87f3jfsdi7fhsujfd (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winsvc32 (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.mysearchnow.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\security center (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Users\T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection System (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhenU (Adware.WhenU) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Users\T\reader_s.exe (Trojan.FakeAlert.H) -> Delete on reboot.
C:\Users\T\AppData\Local\Temp\D40.tmp (Backdoor.Bot) -> Delete on reboot.
C:\Program Files\DosPop Toolbar\tbuCD9F\dospop.dll (Adware.Mostofate) -> Delete on reboot.
C:\Users\T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ihaupd32.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\system32\Drivers\uhfysc.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\iexplore .exe (Trojan.Backdoor) -> Delete on reboot.
C:\Users\T\AppData\Local\Temp\VRT2ADA.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\VRT55FE.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\VRTF787.tmp (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\lshoavp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\d5d61d3b.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\txpxr_225008389191.b1k (Trojan.Koblu) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\~TMC382.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection System\Deinstallieren.lnk (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection System\Live-Support.lnk (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protection System\Protection System.lnk (Rogue.ProtectionSystem) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhenU\Customer Support.lnk (Adware.WhenU) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhenU\Uninstall Instructions.lnk (Adware.WhenU) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\e0qsot7u.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\js.mui (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\app_dll.dll (Trojan.Agent.Gen) -> Delete on reboot.
C:\Users\Tobias\AppData\Local\Temp\wmpscfgs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\wmpscfgs.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\T\AppData\Roaming\server.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Roaming\svchost.exe (Trojan.Delf) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Roaming\wiaservg.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\murkrow.exe (Worm.AutoRun) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\aaa.exe (Password.Stealer) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\taskmgr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\wpv931269213751.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\winsvc32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\T\Protection System\sc.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Windows\System32\winsvc32.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\jisfije9fjoiee.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\Adobe\acrotray .exe (Trojan.Agent) -> Delete on reboot.
C:\Users\T\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_00355.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_01025.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_01556.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_03455.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_04013.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_12177.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_12188.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_13462.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_14486.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_16327.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_25770.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_30142.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_34112.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_34561.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_37014.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_37112.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_40075.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_46703.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_46710.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_51885.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_52188.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_53476.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_55037.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_66285.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_72367.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_72372.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\T\AppData\Local\Temp\eraseme_88170.exe (Trojan.Agent) -> Quarantined and deleted successfully.