Hallo Alle,
ich habe hier mit diesem Rechner genau dieses selbe Problem und habe schon genau das versucht, was in dem Forum vorgeschlagen wurde. Das Problem besteht leider immernoch. Außerdem sind vorher schon alle möglichen Anty-Spy Programme schon drübergelaufen, die das Problem auch nicht lösen konnten. Ich wäre wirklich sehr dankbar für Hilfe.
Hier die Logfile:
Malwarebytes' Anti-Malware 1.26
Datenbank Version: 1122
Windows 5.1.2600 Service Pack 3
07.09.2008 11:24:09
mbam-log-2008-09-07 (11-24-09).txt
Scan-Methode: Quick-Scan
Durchsuchte Objekte: 51749
Laufzeit: 6 minute(s), 35 second(s)
Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 9
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 5
Infizierte Dateien: 21
Infizierte Speicherprozesse:
C:\WINDOWS\system32\spoolvs.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\WINDOWS\system32\printer.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\{65de966d-11d1-4bb1-bf7e-b8a273514daf} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\{5222008a-dd62-49c7-a735-7bd18ecc7350} (Rogue.VirusRemover) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2a8d06b4-1b40-009f-e531-629a59080f43} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2a8d06b4-1b40-009f-e531-629a59080f43} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\altcompare (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\virusremover2008 (Rogue.VirusRemove) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PCPrivacyCleaner (Rogue.PCPrivacyCleaner) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spoolsv (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Printer (Trojan.Agent) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Trojan.Agent) -> Data: c:\windows\shell.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe C:\WINDOWS\shell.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
Infizierte Verzeichnisse:
C:\Programme\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\append.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\xlib254.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Programme\altcmd (Trojan.Agent) -> Quarantined and deleted successfully.
Infizierte Dateien:
C:\Programme\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\altcmd\almd32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Programme\altcmd\altcmd.inf (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Programme\altcmd\altcmd32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Programme\altcmd\uninstall.bat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spoolvs.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\printer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spoolvs.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\printer.exe.vir (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\shell.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\OPERNREISEFÜHRER\Desktop\VirusRemover2008.lnk (Rogue.VirusRemove) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\OPERNREISEFÜHRER\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\VirusRemover2008.lnk (Rogue.VirusRemove) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\OPERNREISEFÜHRER\Desktop\PCPrivacyCleaner.lnk (Rogue.PCPrivacyCleaner) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\OPERNREISEFÜHRER\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\PCPrivacyCleaner.lnk (Rogue.PCPrivacyCleaner) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\OPERNREISEFÜHRER\Anwendungsdaten\printer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\OPERNREISEFÜHRER\Anwendungsdaten\pcpriv.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Vielen Dank im Voraus!
Andy C. Gast |