Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Blue screen bei Installation von Programmen

Blue screen bei Installation von Programmen


Log-Analyse und Auswertung: Blue screen bei Installation von Programmen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 22.10.2008, 15:13   #1
knutschi
 
Blue screen bei Installation von Programmen - Standard

Blue screen bei Installation von Programmen


Hallo zusammen,

nachdem ich seit Tagen vergeblich versuche, ein paar Progs zu installieren, damit aber jedesmal am blue screen scheitere, hab ich mal Eure Anweisungen befolgt und einen Scan laufen lassen.

Das Ergebnis (, das mich als Laie in helle Panik verfallen lässt, ) seht Ihr hier:

Malwarebytes' Anti-Malware 1.29
Datenbank Version: 1305
Windows 5.1.2600 Service Pack 2

22.10.2008 13:53:11
mbam-log-2008-10-22 (13-53-11).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 60276
Laufzeit: 5 minute(s), 7 second(s)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 8
Infizierte Registrierungsschlüssel: 29
Infizierte Registrierungswerte: 9
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 4
Infizierte Dateien: 56

Infizierte Speicherprozesse:
C:\WINDOWS\a251dHNjaGZ1c3NlbA\command.exe (Adware.CommAd) -> Failed to unload process.
C:\Programme\Network Monitor\netmon.exe (Trojan.DNSChanger) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\WINDOWS\a251dHNjaGZ1c3NlbA\asappsrv.dll (Adware.CommAd) -> Delete on reboot.
C:\Programme\webHancer\Programs\webhdll.dll (Adware.Webhancer) -> Delete on reboot.
C:\WINDOWS\system32\nwqsyx.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\kjqvcn.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mcmrooec.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lihkfz.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hgGyaYRK.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\stmqhxsb.dll (Trojan.Vundo.H) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\agadoo (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e37ccbd7-c7d7-1e85-7963-fa3cc49f2b5e} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e37ccbd7-c7d7-1e85-7963-fa3cc49f2b5e} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdservice (Adware.CommAd) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdservice (Adware.CommAd) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\cmdservice (Adware.CommAd) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webHancer Agent (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj.1 (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\webHancer (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c89435b0-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\whiehelperobj.whiehelperobj (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c8cb3870-cdfe-11d3-976a-00e02913a9e0} (Adware.WebHancer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\asc3550p (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_CMDSERVICE (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877c2cd-f137-4144-bdb2-0a811492f920} (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{a394e835-c8d6-4b4b-884b-d2709059f3be} (Trojan.Network.Monitor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Network Monitor (Trojan.Service) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{dfb25425-5b62-481a-ba0b-7369d070ad3d} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{15cd15b1-f4a4-4912-97f8-a8c8ac5d8fe9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2aee7df3-aaf7-4ef1-9287-8b73777cb799} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{2aee7df3-aaf7-4ef1-9287-8b73777cb799} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15cd15b1-f4a4-4912-97f8-a8c8ac5d8fe9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{f1-11-14-48-dw} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ExploreUpdSched (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\34df11e7 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\hggyayrk -> Delete on reboot.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\hggyayrk -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Programme\webHancer\Programs (Adware.Webhancer) -> Delete on reboot.
C:\Programme\webHancer (Adware.Webhancer) -> Delete on reboot.
C:\Programme\Network Monitor (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\NetMon (Trojan.NetMon) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\WINDOWS\system32\vukcrsjnqqiqi.dll (Adware.BHO) -> Delete on reboot.
C:\WINDOWS\a251dHNjaGZ1c3NlbA\command.exe (Adware.CommAd) -> Delete on reboot.
C:\WINDOWS\a251dHNjaGZ1c3NlbA\asappsrv.dll (Adware.CommAd) -> Delete on reboot.
C:\Programme\webHancer\Programs\license.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Programme\webHancer\Programs\sporder.dll (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Programme\webHancer\Programs\whinstaller.exe (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Programme\webHancer\Programs\whagent.ini (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Programme\webHancer\Programs\readme.txt (Adware.Webhancer) -> Quarantined and deleted successfully.
C:\Programme\webHancer\Programs\webhdll.dll (Adware.Webhancer) -> Delete on reboot.
C:\WINDOWS\system32\zxdnt3d.cfg. (Adware.ZenoSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\beep.sys (Fake.Beep.Sys) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\uninstall_nmon.vbs (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\zxdnt3d.cfg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\config\42251460.Evt (Rootkit.Agent.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\qcntrtdl.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\atmtd.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\atmtd.dll._ (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\knutschfusel\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dwwnw64r.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gside.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\rlwnw64q.exe (Trojan.Agent) -> Delete on reboot.
C:\Programme\Network Monitor\netmon.exe (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\NetMon\log.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\NetMon\domains.txt (Trojan.NetMon) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\knutschfusel\Lokale Einstellungen\Temp\cmdinst.exe (Trojan.Proxy) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hgGVLBsS.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\geBsttQK.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\euleob.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lalklgfd.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\vvomcply.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nbyfcsjk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nwqsyx.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\hmayno.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\hphikhtu.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\kjqvcn.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\KRYayGgh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\iwhpsiuy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lgrsruhy.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\mcmrooec.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\gbsngmil.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\poygfwjw.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wjwfgyop.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lihkfz.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\hgGyaYRK.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\lytprkbh.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\KRYayGgh.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yhursrgl.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yuisphwi.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uthkihph.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\limgnsbg.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\stmqhxsb.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bsxhqmts.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.



Kann mir dazu jemand was sagen? Möchte ja zukünftig solche Probleme nicht mehr unbedingt haben.

Hab auch noch nicht versucht, die Progs nach dem Scan (der jetzt ohne infizierte Dateien oder Ordner durchgelaufen ist:aplaus zu installieren. Ich trau mich nicht...

knutschi

Antwort

Themen zu Blue screen bei Installation von Programmen
adware.agent, adware.bho, adware.webhancer, anti-malware, browser, controlset002, dateien, einstellungen, ergebnis, explorer, failed, helper, installation, internet, internet explorer, lsass.exe, malware.trace, microsoft, monitor, notification, ordner, probleme, programme, registrierungsschlüssel, rootkit.agent, scan, software, system, system32, temp, trojan.agent, trojan.downloader, trojan.netmon, trojan.proxy, trojan.vundo, unbedingt


« Rechner funzt nur im abgesicherten Modus TR/Fakealert.QE | Meldung "Your computer is infected!" in Task-Leiste »


Ähnliche Themen: Blue screen bei Installation von Programmen


  1. Seltsamer Blue-Screen... .
    Plagegeister aller Art und deren Bekämpfung - 03.05.2015 (3)
  2. Blue Screen
    Plagegeister aller Art und deren Bekämpfung - 17.07.2014 (31)
  3. Blue Screen: USB-Video.sys
    Alles rund um Windows - 11.01.2014 (3)
  4. Blue Screen (pacer.sys)
    Alles rund um Windows - 29.12.2013 (41)
  5. Blue Screen Win7
    Plagegeister aller Art und deren Bekämpfung - 01.07.2013 (35)
  6. Blue Screen Auswertung
    Log-Analyse und Auswertung - 24.09.2012 (1)
  7. Blue Screen bei PC Spiel
    Alles rund um Windows - 06.02.2012 (43)
  8. Blue Screen seit Windows 7 installation
    Alles rund um Windows - 20.12.2011 (2)
  9. Sporadisch Blue Screen
    Log-Analyse und Auswertung - 24.08.2011 (8)
  10. Virus : Windows Installation danach Blue Screen
    Log-Analyse und Auswertung - 21.05.2011 (17)
  11. Blue Screen Absturz
    Alles rund um Windows - 14.04.2011 (42)
  12. blue screen....shutdown....
    Log-Analyse und Auswertung - 11.11.2010 (1)
  13. Blue Screen of Death :(
    Alles rund um Windows - 11.11.2009 (10)
  14. Blue screen 0x0000008E
    Plagegeister aller Art und deren Bekämpfung - 15.04.2009 (2)
  15. blue screen
    Netzwerk und Hardware - 01.01.2009 (1)
  16. Blue Screen (Vista)
    Log-Analyse und Auswertung - 23.07.2008 (1)
  17. Blue Screen bei System Scan mit verschiedenen AV Programmen
    Plagegeister aller Art und deren Bekämpfung - 11.03.2007 (29)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Blue screen bei Installation von Programmen - Hallo zusammen, nachdem ich seit Tagen vergeblich versuche, ein paar Progs zu installieren, damit aber jedesmal am blue screen scheitere, hab ich mal Eure Anweisungen befolgt und einen Scan laufen - Blue screen bei Installation von Programmen...
Archiv
Du betrachtest: Blue screen bei Installation von Programmen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131