Maleware Probleme - Malewarebytes Bericht

Daniong

Hallo,

Seit ein paar Tagen wird Werbung vom IE geladen ohne das ich irgendetwas mache. Mein AntiVir meldet Malware. Deswegen habe ich mal Malewarebytes durchlaufen lassen und hier ist der Bericht:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 6502

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.19048

04.05.2011 00:01:32
mbam-log-2011-05-04 (00-01-32).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 160011
Laufzeit: 8 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 1
Infizierte Dateien: 12

Infizierte Speicherprozesse:
c:\Windows\Mquzia.exe (Trojan.Downloader) -> 3980 -> Unloaded process successfully.
c:\Users\Neu\AppData\Local\Temp\Mp2.exe (Trojan.Downloader) -> 6612 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\GHWAUC6NNZ (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ICS5R7Y0OS (Trojan.FakeAlert.SA) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\ (Hijack.Zones) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\GHWAUC6NNZ (Trojan.Downloader) -> Value: GHWAUC6NNZ -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\4E3E0230AEBB4E96 (Trojan.SpyEyes) -> Value: 4E3E0230AEBB4E96 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (hxxp://www.helpmeopen.com/?n=app&ext=%s) Good: (hxxp://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Windows\Mquzia.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Neu\AppData\Local\Temp\Mp2.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Neu\AppData\Local\Temp\Mp1.exe (Trojan.Downloader) -> Delete on reboot.
c:\Users\Neu\AppData\Local\Temp\Mp0.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Neu\AppData\Local\Temp\Mpz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Neu\AppData\Local\Temp\349114.uninstall\uninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\Neu\AppData\Local\Temp\icreinstall\aviconvertersetup.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{22116563-108c-42c0-a7ce-60161b75e508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{bbaeaeaf-1275-40e2-bd6c-bc8f88bd114a}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{810401e2-dde0-454e-b0e2-aa89c9e5967c}.job (Trojan.FraudPack) -> Quarantined and deleted successfully.
c:\Recycle.Bin\recycle.bin.exe (Trojan.SpyEyes) -> Quarantined and deleted successfully.
c:\Recycle.Bin\config.bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.


Ich hoffe ihr könnt mir helfen!

Liebe Grüße Daniong