Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Bitte um Hilfe bei Anti-Malware Report (https://www.trojaner-board.de/53640-bitte-um-hilfe-anti-malware-report.html)

Kiwuzi 07.06.2008 21:18
Bitte um Hilfe bei Anti-Malware Report
 
Hallo Leute , mein Sohn hat sich auf seinem PC etliche Trojaner eingefangen.
Ich habe bei euch auf dem Board mir einige Beiträge zu Zlob durchgelesen und folgendes gemacht.
Zu erst mit Smitfraudfix probiert , damit konnte ich vorerst die größten Probleme beheben , aber es erschienen immer noch vom Trojaner verursachte Meldungen. Dann habe ich Anti - Malware benutzt und es sieht im Moment ganz gut aus. Da ich bei euch gelesen habe man soll den Report trotzdem posten , mach ich das jetzt - auf das mir jemand sagen kann ob alles gut ist ?
Danke für eure Mühe - Kiwuzi

Malwarebytes' Anti-Malware 1.15
Datenbank Version: 838

21:09:06 07.06.2008
mbam-log-6-7-2008 (21-09-06).txt

Scan Art: Komplett Scan (C:\|)
Objekte gescannt: 111297
Scan Dauer: 20 minute(s), 18 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 13
Infizierte Registrierungswerte: 8
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 5
Infizierte Dateien: 17

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6b5cfd66-1f55-4fc2-b5af-36b66e7cfe6a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6b5cfd66-1f55-4fc2-b5af-36b66e7cfe6a} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{99ba268b-4021-4739-9945-3c774217fe75} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99ba268b-4021-4739-9945-3c774217fe75} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> Quarantined and deleted successfully.
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internetgamebox (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\e405.e405mgr.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\AntiVirProtect (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\e405.e405mgr (Trojan.Zlob) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{51d81dd5-55b7-497f-95db-d356429bb54e} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\InternetGameBox (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\skins (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\favoris (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\247880 (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153798.exe (Rogue.VirusHeat) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153853.exe (Rogue.AntiVirProtect) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153855.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153856.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{0D24E212-DA42-4273-9407-6AE2E4916E91}\RP159\A0153857.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\InternetGameBox.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\language (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\uninst.exe (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\AttenteOff.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\AttenteOn.html (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\configv2_en.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\configv2_es.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\configv2_fr.xml (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\ressources\favoris\defaultv2.swf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Programme\InternetGameBox\skins\skinv2.skn (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nvs2.inf (Adware.EGDAccess) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\****\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\VirusHeat 4.4.lnk (Rogue.VirusHeat) -> Quarantined and deleted successfully.

BataAlexander 07.06.2008 21:51
Ich kann Dir sagen, das viel gefunden wurde. :D

Poste bitte noch ein HiJackThis Logfile, dann können wir weiter sehen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131