Rechner mit XP-Antivirus 2011 infiziert

Santelmo · 31.03.2011, 08:39

Hallo Arne,

ich habe den Fix mit OTL angewandt, anbei das Log File. Allerdings kann ich die automatischen Updates immer noch nicht aktivieren und auch die Windows Update Seite funktioniert noch nicht.

Hier das von OTL erstellte Logfile:

All processes killed
========== OTL ==========
C:\Documents and Settings\All Users\Application Data\5nfu81broaes3q06d moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:mfvwajrk.dll deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders:mpevsjed.dll deleted successfully.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator

User: Administrator.DDT
->Temp folder emptied: 379637 bytes
->Temporary Internet Files folder emptied: 735830 bytes
->FireFox cache emptied: 18072504 bytes
->Flash cache emptied: 456 bytes

User: All Users

User: AllysonM
->Temp folder emptied: 870391 bytes
->Temporary Internet Files folder emptied: 52260595 bytes
->Java cache emptied: 25494212 bytes
->FireFox cache emptied: 60094677 bytes
->Flash cache emptied: 1299 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 96688372 bytes
->Flash cache emptied: 649 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 375326277 bytes
->Flash cache emptied: 1179 bytes

User: NicoleJ
->Temp folder emptied: 29697057 bytes
->Temporary Internet Files folder emptied: 16744786 bytes
->Java cache emptied: 50987279 bytes
->FireFox cache emptied: 83281866 bytes
->Flash cache emptied: 36402 bytes

User: ShahidB
->Temp folder emptied: 19507252 bytes
->Temporary Internet Files folder emptied: 10768179 bytes
->FireFox cache emptied: 66402395 bytes
->Flash cache emptied: 405 bytes

User: ShahidB.WS503
->Temp folder emptied: 673611 bytes
->Temporary Internet Files folder emptied: 14282259 bytes
->FireFox cache emptied: 53351994 bytes
->Flash cache emptied: 592 bytes

User: user
->Temp folder emptied: 4341154 bytes
->Temporary Internet Files folder emptied: 4596266 bytes

User: __sbs_netsetup__
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: __sbs_netsetup__.ALLYSON
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: __sbs_netsetup__.TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: __sbs_netsetup__.TESTER
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: __sbs_netsetup__.WS503
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 2007057 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16366167 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 959.00 mb

OTL by OldTimer - Version 3.2.22.3 log created on 03312011_082934

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Z18KGH8B\google_es[3].txt not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Z18KGH8B\landing_impCAV0G20T.php moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Z18KGH8B\redirect[8].htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\Z18KGH8B\xd_proxy[1].php moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\312319[1].txt not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\answer[1].py moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\fan[1].php not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\iframe3CAFWH05L.htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\jump2[1].htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\jump2[2].htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\landing_impCAYJX30K.php moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\MzswOzUxNjIzOzE5NTA3OzEwNTc5OzQ2NDE1OzA7MTMwMTU1NjU0MDc5OQ[1].htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\playCA35D2YL.html moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\playCAOCR4LO.html moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\playCAWJSULO.html moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\UTTQT9O4\restserver[1].php moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\landing_impCAETSK5W.php moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\playCA2IHHU7.html not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\playCA96C33M.html moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\playCA9OSQRC.html not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\playCACPPM8Y.html moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\recommendation[1].txt not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\search[1].txt moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\U36U33KP\stCAU4O306 moved successfully.
File\Folder C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\HOHONTDY\background_gradient[1] not found!
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\HOHONTDY\MzswOzUxNjIzOzE5NTA3OzEwNTc5OzQ2NDE1OzA7MTMwMTU1NjUxNzQwNw[1].htm moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\HOHONTDY\playCAXT7IQZ.html moved successfully.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\HOHONTDY\preferences[2].txt moved successfully.

Registry entries deleted on Reboot...

Vielen Dank für deine Hilfe!

Rechner mit XP-Antivirus 2011 infiziert

Log-Analyse und Auswertung: Rechner mit XP-Antivirus 2011 infiziert

Rechner mit XP-Antivirus 2011 infiziert

Ähnliche Themen: Rechner mit XP-Antivirus 2011 infiziert