Malwarebytes' Anti-Malware 1.41 Datenbank Version: 2775 Windows 5.1.2600 Service Pack 3 01.10.2009 20:08:17 mbam-log-2009-10-01 (20-08-17).txt Scan-Methode: Quick-Scan Durchsuchte Objekte: 99924 Laufzeit: 11 minute(s), 8 second(s) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 7 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 6 Infizierte Verzeichnisse: 0 Infizierte Dateien: 8 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8bc6346b-ffb0-4435-ace3-faca6cd77816} (Trojan.BHO.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8bc6346b-ffb0-4435-ace3-faca6cd77816} (Trojan.BHO.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\AppID\{73364d99-1240-4dff-b12a-67e448373148} (Trojan.Bzub) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\RX ToolBar (Adware.RXToolbar) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Helper (Trojan.Banker) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\instcat (Worm.Locksky) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ntio256 (Rootkit.Agent) -> Quarantined and deleted successfully. Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.66 85.255.112.61 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{b9d1cb10-b497-4f68-8d4c-d02ab03c854b}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.66,85.255.112.61 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.66 85.255.112.61 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{b9d1cb10-b497-4f68-8d4c-d02ab03c854b}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.116.66,85.255.112.61 -> Quarantined and deleted successfully. Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: C:\DOKUME~1\Standard\LOKALE~1\Temp\MegaHost.dll (Trojan.BHO.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\cookie.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\help.txt (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ps.a3d (Stolen.data) -> Quarantined and deleted successfully. C:\WINDOWS\system32\ps.dat (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\stt82.ini (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\smdat32m.sys (Rootkit.Agent) -> Quarantined and deleted successfully.