Antivir findet EXP/CVE-2010-4452.CE

TheBurli · 07.01.2012, 01:39

Bin im abgesicherten modus, virenscanner ist offenbar hier nicht aktiv?!
Oder kann ich anderweitig auf geöffnete programme prüfen?

EDIT:
Da ich keine offenen Programme festgestellt habe, nach deinem Plan ausgeführt. Nach dem Fix, auto Reboot im Abgesicherten Modus mit Netzwerktreibern.

Hier die .txt

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WinampAgent deleted successfully.
C:\Program Files (x86)\Winamp\winampa.exe moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\BrowserChoice deleted successfully.
File move failed. C:\Windows\SysNative\browserchoice.exe scheduled to be moved on reboot.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MSKSSRV deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MSPCLOCK deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MSPQM deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MSTEE.CxTransform deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\MSTEE.Splitter deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\WDM_DRMKAUD deleted successfully.
========== FILES ==========
C:\ProgramData\~quh3l3SOHmDGU2 moved successfully.
C:\ProgramData\~quh3l3SOHmDGU2r moved successfully.
C:\ProgramData\quh3l3SOHmDGU2 moved successfully.
C:\ProgramData\quh3l3SOHmDGU2.exe moved successfully.
C:\ProgramData\rojcXnmSQnPTbrc.exe moved successfully.
C:\ProgramData\uf0hd51mqs87866fu1i28h2h408k0m864462i0q7f6vqq moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Burli
->Temp folder emptied: 281088 bytes
->Temporary Internet Files folder emptied: 10898831 bytes
->FireFox cache emptied: 57523923 bytes
->Flash cache emptied: 805 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Surfen
->Temp folder emptied: 4833906 bytes
->Temporary Internet Files folder emptied: 2629767 bytes
->Java cache emptied: 103026 bytes
->FireFox cache emptied: 46006067 bytes
->Flash cache emptied: 19232 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 72096 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 117,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 01072012_014337

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\browserchoice.exe scheduled to be moved on reboot.
File move failed. C:\Users\Surfen\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

Antivir findet EXP/CVE-2010-4452.CE

Log-Analyse und Auswertung: Antivir findet EXP/CVE-2010-4452.CE

Antivir findet EXP/CVE-2010-4452.CE

Ähnliche Themen: Antivir findet EXP/CVE-2010-4452.CE