Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Antiviren-, Firewall- und andere Schutzprogramme (https://www.trojaner-board.de/antiviren-firewall-andere-schutzprogramme/)
-   -   Generic Host Process for Win32 Services - Fehlermeldung (https://www.trojaner-board.de/95544-generic-host-process-for-win32-services-fehlermeldung.html)

stjohannboys 09.02.2011 17:55
Generic Host Process for Win32 Services - Fehlermeldung
 
Hallo zusammen,

bei jedem Systemstart kommt die obige Fehlermeldung. Wenn ich dann auf "Nicht senden" klicke, stockt der PC wie sonstwas.

Ich hab hier mich durchgeforstet und mit dem Malwarebytes Anti-Malware einen kompletten Scan durchgeführt. Die infizierten Dateien habe ich löschen lassen.

Zwar geht der PC nun jetzt wieder fast normal, doch die Meldung kommt nach wie vor. Allerdings lasse ich sie "links liegen" und kann somit normal arbeiten.

Hier meine Logdatei von Malwarebytes:
Zitat:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5719

Windows 5.1.2600 Service Pack 2 (Safe Mode)
Internet Explorer 6.0.2900.2180

09.02.2011 17:42:06
mbam-log-2011-02-09 (17-42-06).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 727871
Laufzeit: 2 Stunde(n), 13 Minute(n), 27 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 12
Infizierte Registrierungswerte: 3
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 12
Infizierte Dateien: 38

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{7E54CD0B-F9C1-7415-B42C-39C283A63818} (Backdoor.PoisonIvy) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Value: FunWebProducts -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\dokumente und einstellungen\alexander\anwendungsdaten\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\anwendungsdaten\funwebproducts\Data (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\anwendungsdaten\funwebproducts\Data\alexander (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christoph\anwendungsdaten\Dealio (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christoph\anwendungsdaten\Dealio\res (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christoph\anwendungsdaten\Dealio\temp (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Michaela\anwendungsdaten\Dealio (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Michaela\anwendungsdaten\Dealio\res (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Michaela\anwendungsdaten\Dealio\temp (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Robert\anwendungsdaten\Dealio (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Robert\anwendungsdaten\Dealio\res (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Robert\anwendungsdaten\Dealio\temp (PUP.Dealio) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\dokumente und einstellungen\alexander\Desktop\Alex\fifa11textureeditor.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\Desktop\Alex\u96.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\Desktop\Alex\U98.exe (Adware.UltraReach) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\Desktop\corel.videostudio.pro.x3.multilingual.only.keymaker-core\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\Desktop\corel.videostudio.pro.x3.multilingual.only.keymaker-core\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297019.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297020.SCR (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297021.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297022.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297023.EXE (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297024.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297025.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297026.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297027.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297028.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297029.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297030.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297031.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297032.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297033.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297034.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297035.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1005\A0297038.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1034\A0324416.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1034\A0324417.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1037\A0330814.exe (PUP.Dealio) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP1040\A0336595.exe (Malware.Packer.gen) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP975\A0274181.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
c:\system volume information\_restore{4a03de67-62a4-4cef-b507-e1e3ab23f5d5}\RP986\A0284910.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\anwendungsdaten\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\anwendungsdaten\funwebproducts\Data\alexander\avatar.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christoph\anwendungsdaten\Dealio\res\widgets.xml (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\christoph\anwendungsdaten\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Michaela\anwendungsdaten\Dealio\res\widgets.xml (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Michaela\anwendungsdaten\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Robert\anwendungsdaten\Dealio\res\widgets.xml (PUP.Dealio) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\Robert\anwendungsdaten\Dealio\temp\http___www_dealio_com_rss_coupons-deals_dotd_.xml (PUP.Dealio) -> Quarantined and deleted successfully.
Danke im voraus für eure Hilfe!

blow-in 10.02.2011 09:31
Hallo stjohannboys
Mit dieser illegalen Software
Zitat:
c:\dokumente und einstellungen\alexander\Desktop\corel.videostudio.pro.x3.multilingual.only.keymaker-core\CORE10k.EXE (Dont.Steal.Our.Software) -> Quarantined and deleted successfully.
c:\dokumente und einstellungen\alexander\Desktop\corel.videostudio.pro.x3.multilingual.only.keymaker-core\keygen.exe (Trojan.Dropper.PGen) -> Quarantined and deleted successfully.
:nono:
hast du leider die Hilfe in diesem Forum verloren.
Für diech geht es hier weiter Neuaufsetzen und in Zukunft die Finger von solchen Keygen.
Denke auch daren, deine ganzen Passworte zu ändern.


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55