hier mal die logdatei von dem vorgang, vielleicht kann mir ja wer sagen, was los war:
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 5098
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
12.11.2010 12:34:11
mbam-log-2010-11-12 (12-34-11).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:|F:|G:|H:|O:|)
Durchsuchte Objekte: 317835
Laufzeit: 55 Minute(n), 31 Sekunde(n)
Infizierte Speicherprozesse: 3
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 25
Infizierte Speicherprozesse:
C:\Users\Chris\AppData\Local\Temp\Ccv.exe (Trojan.FraudPack) -> Unloaded process successfully.
C:\Users\Chris\AppData\Local\Temp\Ccs.exe (Trojan.FraudPack) -> Unloaded process successfully.
C:\Windows\Cdigia.exe (Trojan.FraudPack) -> Unloaded process successfully.
Infizierte Speichermodule:
C:\Windows\System32\sshnas21.dll (Trojan.FraudPack) -> Delete on reboot.
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\U36VRSFLG6 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.FraudPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\u36vrsflg6 (Trojan.FraudPack) -> Quarantined and deleted successfully.
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Windows\System32\sshnas21.dll (Trojan.FraudPack) -> Delete on reboot.
C:\Users\Chris\AppData\Local\Temp\Ccv.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccs.exe (Trojan.FraudPack) -> Delete on reboot.
C:\Windows\Cdigia.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Opera\Opera\cache\g_000D\opr08GP9.tmp (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Opera\Opera\cache\g_000D\opr08GPA.tmp (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Opera\Opera\cache\g_000D\opr08GQH.tmp (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Opera\Opera\cache\g_000D\opr08GQI.tmp (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Cc0.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccp.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccq.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccr.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Cct.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccu.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccw.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccx.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccy.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\Ccz.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Users\Chris\AppData\Local\Temp\sshnas21.dll (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\sshnas21.dll (Trojan.FraudPack) -> Delete on reboot.
O:\Programme\Photoshop CS5 Extended v12.0\Keygen\keygen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.
C:\Windows\Tasks{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\Tasks{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
