![]() |
|
Log-Analyse und Auswertung: Trojan.Win32.genericWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
| ![]() Trojan.Win32.generic Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Datenbank Version: 6674 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 25.05.2011 18:23:07 mbam-log-2011-05-25 (18-23-07).txt Art des Suchlaufs: Quick-Scan Durchsuchte Objekte: 158647 Laufzeit: 10 Minute(n), 14 Sekunde(n) Infizierte Speicherprozesse: 1 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 11 Infizierte Registrierungswerte: 5 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 7 Infizierte Dateien: 7 Infizierte Speicherprozesse: c:\dokumente und einstellungen\Norbert\anwendungsdaten\windefender.exe (Malware.Packer.GenX) -> 2620 -> Unloaded process successfully. Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_CLASSES_ROOT\CLSID\{6F6E86F1-FD0D-BBAB-B14B-B3B972BFFBDA} (Malware.Packer.GenX) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6F6E86F1-FD0D-BBAB-B14B-B3B972BFFBDA} (Malware.Packer.GenX) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{6F6E86F1-FD0D-BBAB-B14B-B3B972BFFBDA} (Malware.Packer.GenX) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{1CYI8Q51-31AK-XUS8-3J02-75AQVK4214G7} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1CYI8Q51-31AK-XUS8-3J02-75AQVK4214G7} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{1CYI8Q51-31AK-XUS8-3J02-75AQVK4214G7} (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{31P7J017-R14K-51TO-1455-83255AAI2P3G} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{31P7J017-R14K-51TO-1455-83255AAI2P3G} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{31P7J017-R14K-51TO-1455-83255AAI2P3G} (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Defender (Malware.Packer.GenX) -> Value: Windows Defender -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Windows Defender (Malware.Packer.GenX) -> Value: Windows Defender -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Defender (Malware.Packer.GenX) -> Value: Windows Defender -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKCU (Trojan.Agent) -> Value: HKCU -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\HKLM (Trojan.Agent) -> Value: HKLM -> Quarantined and deleted successfully. Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: c:\dokumente und einstellungen\Norbert\anwendungsdaten\Baidu (Trojan.Cinmus) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Norbert\anwendungsdaten\Baidu\Toolbar (Trojan.Cinmus) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Norbert\anwendungsdaten\Baidu\Toolbar\custom buttons (Trojan.Cinmus) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Norbert\anwendungsdaten\windefender (Rogue.WinDefender) -> Quarantined and deleted successfully. c:\programme\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully. c:\programme\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully. Infizierte Dateien: c:\dokumente und einstellungen\Norbert\anwendungsdaten\windefender.exe (Malware.Packer.GenX) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Norbert\anwendungsdaten\data.dat (Stolen.Data) -> Quarantined and deleted successfully. c:\extracted\password.txt (Malware.Trace) -> Quarantined and deleted successfully. c:\WINDOWS\system32\install\server.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\WINDOWS\system32\sed.dll (Trojan.Koobface) -> Quarantined and deleted successfully. c:\WINDOWS\sys32\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\dokumente und einstellungen\Norbert\anwendungsdaten\Baidu\Toolbar\custom buttons\custom.xml (Trojan.Cinmus) -> Quarantined and deleted successfully. |
Themen zu Trojan.Win32.generic |
active, anti-malware, baidu, bösartige, dateien, dokumente, einstellungen, explorer, gen, malware.packer.genx, malwarebytes, microsoft, minute, process, programme, rogue.windefender, server.exe, service, setup, software, svchost.exe, system, system32, toolbar, troja, trojan.agent, trojan.cinmus, trojan.win32.generic, value, version |