Exe files are no longer associated after a restart

mogelbaum (Newbie, registered June 2009, 6 posts)

Just now, after a restart, I got a desktop error message.

Code:
Desktop!

Die in der Registrierung angegebene Anwendung "C:\Windows\system32\msugfp.exe" 
konnte nicht geladen werden. Stellen Sie sicher das diese Datei vorhanden ist,
 der entfernen Sie den Eintrag auf diese Datei aus der Registrierung.

So this appears every time I click an .exe:

e.g. when starting Firefox:


Code:
Öffnen mit

Wählen Sie ein Programm aus, das Sie zum Öffnen dieser DAtei verwenden möchten:
Datei: firefox.exe


Empfohlene Programme 
xxxxxxxxxxxxxxxxxx

--------------------------------------------------------------------------------
Andere Programme
xxxxxxxxxxxxxxxxxxxxxxx

I also can no longer tick the box to always run with the respective program. The checkbox stays greyed out.
Strangely, Google and other search services find nothing on "msugfp.exe".

Edit

In the meantime I have noticed that this must rather be a virus, because the error messages at restarts always listed new .exe files, and I did not find any of them on the internet. I guess the virus used some kind of random generator to create messages about some fake .exe's, up to 5 of them after a restart. After a scan with Spybot S&D everything runs "normally" again, but I probably won't get around formatting.

This is what Spybot found and provisionally removed:
Code:
Microsoft.Windows.FileExe: [SBI $D204F52E] Einstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_CLASSES_ROOT\.exe\

Microsoft.Windows.FileExe: [SBI $D204F52E] Einstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_CLASSES_ROOT\.exe\

Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Einstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start

Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Einstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start

DNSFlush.cws: [SBI $893785D8] Autorun-Einstellungen () (Registrierungsdatenbank-Wert, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\

DNSFlush.cws: [SBI $893785D8]  Programmdatei (Datei, nothing done)
  C:\Users\gemma\AppData\Local\Temp\hcop99p8i8.exe
  Properties.size=15001
  Properties.md5=53B2FFD04922AEEC8E7356C99729D237
  Properties.filedate=1245352000
  Properties.filedatetext=2009-06-18 21:06:39

DNSFlush.cws: [SBI $893785D8] Autorun-Einstellungen (hsf7husjnfg98gi498aejhiugjkdg4) (Registrierungsdatenbank-Wert, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\hsf7husjnfg98gi498aejhiugjkdg4

DNSFlush.cws: [SBI $455D41DA] Benutzereinstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\Software\Microsoft\Internet Explorer\New Windows\PopupMgr

DNSFlush.cws: [SBI $9C28881C] Benutzereinstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden

DNSFlush.cws: [SBI $FB926B58] Benutzereinstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt

DNSFlush.cws: [SBI $A1906895] Benutzereinstellungen (Registrierungsdatenbank-Änderung, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SuperHidden

PWS.LDPinchIE: [SBI $32D83D62] Benutzereinstellungen (Registrierungsdatenbank-Wert, nothing done)
  HKEY_USERS\S-1-5-21-3945379657-313147436-1014527770-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\idstrf

Win32.Delf.rtk: [SBI $B2ADE84B]  Systemdatei (Datei, nothing done)
  C:\Windows\System32\comsa32.sys
  Properties.size=8
  Properties.md5=CEE3959C5E3B0602BB7B181607F52CFD
  Properties.filedate=1239814676
  Properties.filedatetext=2009-04-15 18:57:55

Virtumonde.sdn: [SBI $BE5502AC] Autorun-Einstellungen (sysldtray) (Registrierungsdatenbank-Wert, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray

Virtumonde.sdn: [SBI $BE5502AC]  Programmdatei (Datei, nothing done)
  C:\Windows\ld10.exe
  Properties.size=14336
  Properties.md5=6060AAD45FAD480DF4E8CF4C25602322
  Properties.filedate=1245352005
  Properties.filedatetext=2009-06-18 21:06:45

Virtumonde.sdn: [SBI $37F95C42]  Ausführbare Datei (Datei, nothing done)
  C:\Windows\System32\sopidkc.exe
  Properties.size=122368
  Properties.md5=73612A84B096AA4AB11075C9D5373143
  Properties.filedate=1245358712
  Properties.filedatetext=2009-06-18 22:58:32

Virtumonde.sdn: [SBI $1A867428] Einstellungen (Registrierungsdatenbank-Schlüssel, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dhcpsrv

Virtumonde.sdn: [SBI $1A867428] Einstellungen (Registrierungsdatenbank-Schlüssel, nothing done)
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dhcpsrv


--- Spybot - Search & Destroy version: 1.6.2  (build: 20090126) ---

... this file is odd: hcop99p8i8.exe. Why not run AntiVir over it as well. If there are no more detections, everything is actually fine again.
 
You know what was even stranger? When I ran Malwarebytes Anti-Malware over it after Spybot, there was such an extreme number of detections, and among the detections I recognized a few files that had been described by error message after every restart. Since the problems appeared with the association of .exe files and the missing System Restore, and with me not being able to get into regedit, the same approx. 5 error messages always came at a restart, only with constantly varying .exe files such as:
mselor.exe
mshgt.exe
msiexzgj.exe
ulmgod.exe
msulmgod.exe

Since Google could not find a single one of the .exe's either, I became skeptical.

Only this msugfp.exe message was always the same, and it was also always the first.

Code:
Desktop!

Die in der Registrierung angegebene Anwendung "C:\Windows\system32\msugfp.exe" 
konnte nicht geladen werden. Stellen Sie sicher das diese Datei vorhanden ist,
der entfernen Sie den Eintrag auf diese Datei aus der Registrierung.

Excerpts from the Malwarebytes log

Code:
Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dfgdjhse5rjfmkfsderhkldtd576ogd80 (Rootkit.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\glaide32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\driver (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\driverdrv (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\exec (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{b2c7b2a1-00f3-42bd-f434-00aaba2c8952} (Trojan.Ertfor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\WINID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateNew (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\run (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\driver (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Downloader) -> Data: c:\windows\system32\msiygjv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.bat\(default) (Hijacked.BatFile) -> Bad: (csfile) Good: (batfile) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\.com\(default) (Hijacked.ComFile) -> Bad: (csfile) Good: (comfile) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
C:\Windows\System32\3361 (Trojan.Downloader) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Windows\SysWOW64\3361\services.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\msmigp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\gsf83iujid.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
c:\Windows\dfgdjhse5rjfmkfsderhkldtd576ogd81.exe (Rootkit.Agent) -> Quarantined and deleted successfully.
c:\Windows\System32\install.log (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\lsass.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msdrqk.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msduwe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msdxe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msdxtglv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msebu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mseed.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mselor.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mseoarp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mseonlkr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mseqjll.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mserjhhg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msexckzi.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msexugat.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mseycaim.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msezxudh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msffymw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msfggq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msfigd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msfirde.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msfyvt.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msfzlnyk.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msgbx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msgery.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msggnu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msgjiz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msgnzw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msgoa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msgoh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmabxy.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmaqe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmdot.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmedyfq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmeiqg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmks.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmmfnao.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmnbsl.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmoszcz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmphxh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmqbsm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmsar.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmzt.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msmzvy.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnczn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnda.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msndxesj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnjryqd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnlwpa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnpiacv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnqzlkw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnra.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msnvrkxj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msodyc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msoelrrn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msomq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msomto.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msorgilw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msormfjd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msozo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mspmle.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mspneq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mspskr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mspwwef.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mspzxn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqdjjj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqetba.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqew.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqhitqt.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqji.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqmxkn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqpb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqqz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqsmdl.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqth.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msqvm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrhzt.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrhzy.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrurbu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrux.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrvphb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrvxmbf.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrxcq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msrzpyaq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mssctx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mssgu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msshkg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mssobsx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msswa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mssxredb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mssyqpug.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msszgy.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msszqpj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mstam.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mstdggt.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mstffhn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mstoxme.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mstwgcfv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mstzxfcl.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msucl.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msugfp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msuhspkr.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msukz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msula.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msulmgod.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msumvm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msuuruy.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msuuxyn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msuxvey.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvaygxk.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvaylc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvdgmzc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvlmmbz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvnabe.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvnzbsu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvtrrom.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvvuteb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msvzj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswbo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswhsiw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswkjl.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswlbwm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswld.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswmvwpz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswnur.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswrwzno.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswxf.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswzb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mswzwg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxal.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxdjmmg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxdqfi.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxiqm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxmzm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxskui.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxueh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxvlm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxym.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxyzln.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msxzniuw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyaj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msychonq.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msydorw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyebymg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyezpj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyhmmfk.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msylzxp.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyndymc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msypmza.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyqvbms.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msyxvg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszakam.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszddajd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszfkt.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszfmhc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszfw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszid.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszldqh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszlqz.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszlui.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszlypa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\msznx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszpxa.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\mszvudfw.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\svchost.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\tpsaxyd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\winexec.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\winres.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\dbagmtsq.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\debgx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\XXXX\AppData\Local\Temp\dfgdjhse5rjfmkfsderhkldtd576ogd43.exe (Spyware.Agent) -> Quarantined and deleted successfully.
c:\Users\XXXX\AppData\Local\Temp\dfgdjhse5rjfmkfsderhkldtd576ogd44.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\XXXX\AppData\Local\Temp\dfgdjhse5rjfmkfsderhkldtd576ogd46.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\XXXX\AppData\Local\Temp\ro_1245352047.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\System32\3361\mlog (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\System32\3361\services.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\System32\gsf83iujid.dll (Trojan.Ertfor) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\glaide32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\beep.sys (Fake.Beep.sys) -> Quarantined and deleted successfully.
C:\Windows\System32\dncyool32.sys (Trojan.Backdoor) -> Quarantined and deleted successfully.
c:\Windows\KBPK090618.log (Malware.Trace) -> Quarantined and deleted successfully.
c:\windows\dll\RUNDLL32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Program Files (x86)\driver\driver.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files (x86)\driver\driver.sys (Trojan.Downloader) -> Quarantined and deleted successfully.

Once Malwarebytes had removed everything, I got back into the registry and immediately deleted this msugfp.exe entry, and since then I have had peace. No more messages at restarts. Everything else also works as always. So far, at least.
 
... mselor.exe
mshgt.exe
msiexzgj.exe
ulmgod.exe
msulmgod.exe

those were very probably nasty files. If they were also around 10-300KB in size, then even certainly. Install the Antivir freeware. Then you will have peace.
dfgdjhse5rjfmkfsderhkldtd576ogd81.exe... Hoho :cool_alt:.
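
A read-only check of the registry values that the logs in this thread flag, as an added example that is not part of the original posts. The `.bat` and `.com` targets are the "Good" values from the Malwarebytes excerpt; `exefile`, the `"%1" %*` open command and `Start` = 4 meaning "disabled" are Windows defaults assumed here, not stated in the thread.

```powershell
# Read-only: reports registry values, changes nothing.
# '.bat' / '.com' targets are the "Good" values from the Malwarebytes excerpt;
# 'exefile' and '"%1" %*' are Windows defaults (assumption, not from the thread).
$expectedProgId = [ordered]@{ '.exe' = 'exefile'; '.bat' = 'batfile'; '.com' = 'comfile' }

function Get-RegValue {
    param([string]$KeyPath, [string]$Name = '')
    # Returns the named value ('' = the key's default value),
    # or $null when the key or the value does not exist.
    $key = Get-Item -LiteralPath "Registry::$KeyPath" -ErrorAction SilentlyContinue
    if ($null -eq $key) { return $null }
    return $key.GetValue($Name)
}

$report = @()

# 1. File associations, machine-wide and per-user.
#    HKEY_CLASSES_ROOT is a merged view; a per-user entry overrides the machine one,
#    so both are checked. A missing per-user key is normal.
foreach ($ext in $expectedProgId.Keys) {
    foreach ($root in 'HKEY_LOCAL_MACHINE\SOFTWARE\Classes', 'HKEY_CURRENT_USER\Software\Classes') {
        $actual = Get-RegValue "$root\$ext"
        $perUserAbsent = ($root -like 'HKEY_CURRENT_USER*') -and ($null -eq $actual)
        $report += [pscustomobject]@{
            Item     = "$root\$ext"
            Expected = $expectedProgId[$ext]
            Actual   = $actual
            OK       = ($actual -eq $expectedProgId[$ext]) -or $perUserAbsent
        }
    }
}

# 2. The command that the exefile ProgID runs when an .exe is opened.
$openCmd = Get-RegValue 'HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command'
$report += [pscustomobject]@{
    Item     = 'exefile\shell\open\command'
    Expected = '"%1" %*'
    Actual   = $openCmd
    OK       = ($openCmd -eq '"%1" %*')
}

# 3. Legacy autostart values named in the Malwarebytes excerpt (Load / run).
#    They are expected to be empty or absent.
$winKey = 'Software\Microsoft\Windows NT\CurrentVersion\Windows'
foreach ($hive in 'HKEY_CURRENT_USER', 'HKEY_USERS\.DEFAULT') {
    foreach ($name in 'Load', 'Run') {
        $val = Get-RegValue "$hive\$winKey" $name
        $report += [pscustomobject]@{
            Item     = "$hive\$winKey\$name"
            Expected = '(empty)'
            Actual   = $val
            OK       = [string]::IsNullOrEmpty([string]$val)
        }
    }
}

# 4. Security Center service start type, flagged by Spybot as disabled.
$start = Get-RegValue 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc' 'Start'
$report += [pscustomobject]@{
    Item     = 'Services\wscsvc\Start'
    Expected = 'present and not 4 (4 = disabled)'
    Actual   = $start
    OK       = ($null -ne $start) -and ($start -ne 4)
}

# Full table first, then only the deviations.
$report | Format-Table -AutoSize -Wrap
$report | Where-Object { -not $_.OK } | Format-List
```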
 