I NEED HELP

View previous topic View next topic Go down

I NEED HELP

Post by Helpme^^ on Mon Nov 16, 2009 12:20 pm

I need help, I get all the time these popup windows from "Windows secrurity Center", I can't do anything-.- can you please tell me how to delete it? I uploaded a screenshot to show you what it lokks like.

Helpme^^
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2009-11-16
OS OS : XP
Points Points : 25776
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I NEED HELP

Post by Helpme^^ on Mon Nov 16, 2009 12:22 pm

I don't know why it doesn't show the pic, it's 312.

Helpme^^
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2009-11-16
OS OS : XP
Points Points : 25776
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I NEED HELP

Post by Helpme^^ on Mon Nov 16, 2009 1:01 pm

Malwarebytes' Anti-Malware 1.41
Datenbank Version: 3178
Windows 5.1.2600 Service Pack 2

16.11.2009 14:01:57
mbam-log-2009-11-16 (14-01-57).txt

Scan-Methode: Quick-Scan
Durchsuchte Objekte: 127771
Laufzeit: 1 hour(s), 2 minute(s), 34 second(s)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 11
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 24

Infizierte Speicherprozesse:
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\wow64main.exe (Malware.Packer) -> Unloaded process successfully.
C:\WINDOWS\msb.exe (Trojan.Agent) -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\xml.xml (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Worm.Allaple) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9233c3c0-1472-4091-a505-5580a23bb4ac} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Active Security (Rogue.ActiveSecurity) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\CoreGuard (Rogue.CoreguardAV) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{055fd26d-3a88-4e15-963d-dc8493744b1d} (Trojan.BHO) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mailblocker (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wow64main.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\wow64main.exe (Malware.Packer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Worm.Allaple) -> Quarantined and deleted successfully.
C:\Programme\delete.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\Installer.exe (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\uacad8b.tmp (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\uacaf31.tmp (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\uacb0b8.tmp (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\uace8c8.tmp (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\uaceafa.tmp (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\uacedc9.tmp (Malware.Packer) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\wscsvc32.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\b.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\aconti.sdb (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\msb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\a.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\c.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\d.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\e.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Dokumente und Einstellungen\Philip\Lokale Einstellungen\Temp\f.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Programme\ICQToolbar\3150\toolbaru.dll (Trojan.BHO) -> Quarantined and deleted successfully.

Helpme^^
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2009-11-16
OS OS : XP
Points Points : 25776
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I NEED HELP

Post by Helpme^^ on Mon Nov 16, 2009 1:06 pm

ok i downloaded malwarebytes and it cleaned up everything, thanks a lot for offering that program Big Grin

Helpme^^
Beginner
Beginner

Posts Posts : 4
Joined Joined : 2009-11-16
OS OS : XP
Points Points : 25776
# Likes # Likes : 0

View user profile

Back to top Go down

Re: I NEED HELP

Post by Belahzur on Mon Nov 16, 2009 6:27 pm

Hello.

  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    [You must be registered and logged in to see this link.]
    [You must be registered and logged in to see this link.]
  • Double click DDS.scr to run.
  • When complete, two logs will open. Save both of the report to your Desktop.
  • Copy and paste BOTH LOGS back here, use more than one post if needed.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34916
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : XP SP3 Media Centre
Points Points : 245069
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum