Plagegeister aller Art und deren Bekämpfung: Fake Vista Security Center
03.04.2010, 06:09 | #1 |
Fake Vista Security Center

Hello everyone, here is my log after running Malwarebytes over the system. I hope everything has been deleted. Thanks in advance!

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Datenbank Version: 3930
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

02.04.2010 23:34:28
mbam-log-2010-04-02 (23-34-28).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 154449
Laufzeit: 4 Stunde(n), 37 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 5
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 7
Infizierte Verzeichnisse: 9
Infizierte Dateien: 46

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qe8qa-rrb (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{32262652-c404-8a6a-0a44-6975a5e7e10f} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{32262652-c404-8a6a-0a44-6975a5e7e10f} (Adware.AdRotator) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CLASSES_ROOT\.exe\shell\open\command\(default) (Hijack.ExeFile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\secfile\shell\open\command\(default) (Rogue.MultipleAV) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Mozilla Firefox\firefox.exe") Good: (firefox.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Anwendungsdaten\ave.exe" /START "C:\Programme\Mozilla Firefox\firefox.exe" -safe-mode) Good: (firefox.exe -safe-mode) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.exe\(default) (Hijacked.exeFile) -> Bad: (secfile) Good: (exefile) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Programme\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Dokumente und Einstellungen\Julen\Eigene Dateien\Downloads\FLVDirect.exe (Adware.MediaPass) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Julen\Lokale Einstellungen\Temporary Internet Files\Content.IE5\XI07XPZC\setup[1].exe (Adware.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Qe8qA-Rrb.exe (Adware.AdRotator) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\dskinliteu.dll (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\player.dat (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\uninstall.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_default.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_disable.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Button\button_normal.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonDown.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonHot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\combobox_buttonNor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\ComboBox\edit_back.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menubg.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_arrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_check.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuitem_select.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Menu\menuItem_seperator.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_close_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_max_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_min_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_down.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_hot.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\SysButton\sys_restore_nor.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\BottomBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\downarrow.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\LeftBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\main.ico (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\RightBorder.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Programme\FLV Direct Player\SkinDirectFLV\skin\Window\TitlePattern.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\o_-Z_SU_A7.dll (Adware.AdRotator) -> Quarantined and deleted successfully.
03.04.2010, 10:07 | #2 |
Fake Vista Security Center

Oh my God... I had no idea you could have that much adware on a computer!

MBAM has deleted it all now, so it should be gone! Next time, surf a bit more carefully and don't install everything that comes with a checkbox to tick... I'd guess that's where it came from! Brain is much better than any virus scanner... ^^

Regards, BIOTEC