 BOO TDSS M , Rechner und Internet browser langsamer
 Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Datenbank Version: 7748
Windows 6.1.7600
Internet Explorer 9.0.8112.16421
19.09.2011 18:22:01
mbam-log-2011-09-19 (18-22-01).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 417991
Laufzeit: 1 Stunde(n), 19 Minute(n), 34 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 16
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OO1310T0QS (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\� (Hijack.Zones) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Java Update (Trojan.Agent.Gen) -> Value: Java Update -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\KeApplet (Trojan.Agent) -> Value: KeApplet -> Delete on reboot.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.
Infizierte Dateien:
c:\newdnswatch\8bf491c5ab2.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\7CHGP2BW\load[1].htm (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\0.43085303321689083.exe (Spyware.Passwords.XGen) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\Nc2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\Nc3.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\Nc4.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\Nc8.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\Nc9.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\Nda.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\jar_cache6182722404583965036.tmp (Trojan.Agent.SZ) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\0.6465531458146891.exe (Exploit.Drop.2) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Roaming\Help\ceptr.tll (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Roaming\Help\comm.tll (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Admin\AppData\Local\Temp\ke64tnkff.exe (Trojan.Agent) -> Delete on reboot.
c:\Recycle.Bin\0582b608128ef7e (Trojan.Spyeyes) -> Quarantined and deleted successfully.
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=21d47a98cba7894bab58bc03439ce65e
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-19 07:28:54
# local_time=2011-09-19 09:28:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 94 79846 52990441 1923457 0
# compatibility_mode=5893 16776574 100 94 56167167 68888763 0 0
# compatibility_mode=8192 67108863 100 0 117 117 0 0
# compatibility_mode=9217 16777214 75 66 14081736 18410722 0 0
# scanned=198711
# found=4
# cleaned=0
# scan_time=10516
C:\Users\Admin\AppData\Local\Temp\jar_cache4056103344549975675.tmp a variant of Win32/Kryptik.SKG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\5e875b5a-3bd7cc49 Java/TrojanDownloader.OpenStream.NBV trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\552fd2c8-1e945da3 a variant of Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Desktop\BurgerKing\WhiteSmokeInstaller_9165.exe a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=21d47a98cba7894bab58bc03439ce65e
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-09-21 05:14:59
# local_time=2011-09-21 07:14:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1797 16775165 100 94 38900 53035998 31645 0
# compatibility_mode=5893 16776574 100 94 56212724 68934320 0 0
# compatibility_mode=8192 67108863 100 0 45674 45674 0 0
# compatibility_mode=9217 16777214 75 66 14127293 18456279 0 0
# scanned=860324
# found=14
# cleaned=0
# scan_time=125
C:\Users\Admin\AppData\Local\Temp\jar_cache4056103344549975675.tmp a variant of Win32/Kryptik.SKG trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26\5e875b5a-3bd7cc49 Java/TrojanDownloader.OpenStream.NBV trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8\552fd2c8-1e945da3 a variant of Java/Agent.DM trojan (unable to clean) 00000000000000000000000000000000 I
C:\Users\Admin\Desktop\BurgerKing\WhiteSmokeInstaller_9165.exe a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
D:\Down\Directlinks\CRC-Killer.exe Win32/Packed.Autoit.D.Gen application (unable to clean) 00000000000000000000000000000000 I
D:\Windows\CameraFixer.exe probably a variant of Win32/KillProc.A application (unable to clean) 00000000000000000000000000000000 I
D:\Windows\FixCamera.exe a variant of Win32/KillProc.A application (unable to clean) 00000000000000000000000000000000 I
E:\Dokumente und Einstellungen\Arbeit\Desktop\VisualBoyAdvance\MY Stuff\UltraMixer-2.3.2-win.exe multiple threats (unable to clean) 00000000000000000000000000000000 I
E:\Dokumente und Einstellungen\Neu\Anwendungsdaten\Nyux\daop.exe Win32/Spy.Zbot.YW trojan (unable to clean) 00000000000000000000000000000000 I
E:\Dokumente und Einstellungen\Neu\Lokale Einstellungen\Temp\plugtmp\plugin-2fdp.php JS/Exploit.Pdfka.OTW.Gen trojan (unable to clean) 00000000000000000000000000000000 I
E:\Programme\Burn4Free Toolbar\v3.3.0.1\Burn4Free_Toolbar.dll Win32/Adware.Agent.NJT application (unable to clean) 00000000000000000000000000000000 I
E:\Programme\Free WMA to MP3 Converter\readmedia.dll probably a variant of Win32/PSW.Agent.BUPXGWL trojan (unable to clean) 00000000000000000000000000000000 I
E:\Programme\WarRock\System\WarRock.exe a variant of Win32/Packed.Themida application (unable to clean) 00000000000000000000000000000000 I
E:\WINDOWS\CameraFixer.exe probably a variant of Win32/KillProc.A application (unable to clean) 00000000000000000000000000000000 I
| 
Hybrid-Darstellung
