Malwarebytes' Anti-Malware 1.31 Datenbank Version: 1463 Windows 6.0.6001 Service Pack 1 05.12.2008 20:05:58 mbam-log-2008-12-05 (20-05-58).txt Scan-Methode: Quick-Scan Durchsuchte Objekte: 47208 Laufzeit: 3 minute(s), 34 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 1 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 19 Infizierte Verzeichnisse: 1 Infizierte Dateien: 1 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Tribute Service (Trojan.Agent) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b1a7de28-4a4d-4002-b0da-e67993636f82}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Delete on reboot. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b1a7de28-4a4d-4002-b0da-e67993636f82}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{05a1afd2-c55b-41c7-942b-bfe68b1f739c}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{592fa153-2214-4123-8ca6-e3861a1c6740}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{91d2a0e2-fed1-417f-866f-dc44c7e530a3}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{b1a7de28-4a4d-4002-b0da-e67993636f82}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.156;85.255.112.190 -> Quarantined and deleted successfully. Infizierte Verzeichnisse: C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully. Infizierte Dateien: C:\resycled\boot.com (Trojan.DNSChanger) -> Quarantined and deleted successfully.