Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
searchqu.com/413

searchqu.com/413


Plagegeister aller Art und deren Bekämpfung: searchqu.com/413

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 11.09.2011, 13:52   #1
friecky
 
searchqu.com/413 - Standard

searchqu.com/413


Hab wie besprochen das Programm FreeFlvConverter gelöscht (über Systemsteuerung Programme) und bei meinem Firefox wieder die Google- als Startseite eingetragen.
Danach habe ich den OTL-Fix durchgeführt. Nach dem Neustart funktionierte Firefox kurzfristig nicht. Nachdem ich den IE geladen und wieder geschlossen haben, hat der Firefox auch wieder funktioniert (Startseite Google )

Hier die log von OTL

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll moved successfully.
Prefs.js: "Web Search" removed from browser.search.defaultenginename
Prefs.js: "Web Search" removed from browser.search.order.1
Prefs.js: "Web Search" removed from browser.search.selectedEngine
Prefs.js: "hxxp://www.searchqu.com/413" removed from browser.startup.homepage
Prefs.js: o2cplayer@eleco.com:2.0.0.56 removed from extensions.enabledItems
Prefs.js: "hxxp://dts.search-results.com/sr?src=ffb&appid=0&systemid=413&q=" removed from keyword.URL
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\components folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\skin folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale\EN-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\locale folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome\content folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402}\chrome folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\{B922D405-6D13-4A2B-AE89-08A030DA4402} folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com\COMPONENTS folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com\CHROME\LOCALE\EN-US folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com\CHROME\LOCALE folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com\CHROME\CONTENT folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com\CHROME folder moved successfully.
C:\Program Files (x86)\mozilla firefox\extensions\search@searchsettings.com folder moved successfully.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\COFFPLGN_2011_7_1_3\content scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\COFFPLGN_2011_7_1_3\components scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\COFFPLGN_2011_7_1_3\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\COFFPLGN_2011_7_1_3\chrome scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\COFFPLGN_2011_7_1_3 scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN\components scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN\chrome scheduled to be moved on reboot.
Folder move failed. C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\IPSFFPLGN scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ scheduled to be deleted on reboot.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ .
File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll scheduled to be moved on reboot.
Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ scheduled to be deleted on reboot.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}\ .
File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\PROGRA~2\WI9130~1\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
File move failed. C:\PROGRA~2\WI9130~1\Datamngr\BROWSE~1.DLL scheduled to be moved on reboot.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ deleted successfully.
C:\Program Files (x86)\pdfforge Toolbar\WidgiToolbarIE.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}\ not found.
File C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ .
File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\PROGRA~2\WI9130~1\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}\ not found.
File C:\Program Files (x86)\pdfforge Toolbar\WidgiToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Unable to delete registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ .
File move failed. C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DATAMNGR deleted successfully.
File move failed. C:\PROGRA~2\WI9130~1\Datamngr\DATAMN~1.EXE scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\eRecoveryService deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NWEReboot deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully.
C:\Program Files (x86)\pdfforge Toolbar\SearchSettings.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{631516c2-3ce7-11db-acfe-806d6172696f}\ not found.
File D:\AUTORUN\AUTORUN.EXE not found.
ADS E:\Desktop\Bonhoeffer.avi:TOC.WMV deleted successfully.
========== FILES ==========

Antwort

Themen zu searchqu.com/413
als startseite, browser, browsern, entferne, entfernen, erscheint, firefox, google, guten, interne, internet, löschen, meldung, morgen, neustart, norton, norton internet security, problem, programm, richtig, searchqu.com/413 in browser, security, seite, spybot, startseite, trojaner


« jashla.exe/Bundespolizei-Scareware plötzlich nicht mehr auffindbar | PC hängt sich auf »


Ähnliche Themen: searchqu.com/413


  1. Vista - Malwarebytes findet http://www.searchqu.com/406 und PUP.Optional.Searchqu.A
    Log-Analyse und Auswertung - 16.09.2013 (5)
  2. Searchqu Toolbar
    Log-Analyse und Auswertung - 17.06.2013 (3)
  3. und nochmal searchqu
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (14)
  4. Problem mit Searchqu
    Plagegeister aller Art und deren Bekämpfung - 17.06.2012 (43)
  5. searchqu.com/406
    Plagegeister aller Art und deren Bekämpfung - 24.01.2012 (12)
  6. http://www.searchqu.com/406
    Log-Analyse und Auswertung - 10.01.2012 (24)
  7. searchqu eingefangen!
    Log-Analyse und Auswertung - 02.01.2012 (1)
  8. www.searchqu.com/410 in der Adressleiste
    Plagegeister aller Art und deren Bekämpfung - 14.12.2011 (26)
  9. Startseite www.searchqu.com/406
    Plagegeister aller Art und deren Bekämpfung - 02.12.2011 (5)
  10. searchqu.com/406
    Plagegeister aller Art und deren Bekämpfung - 03.11.2011 (27)
  11. searchqu.com/406
    Log-Analyse und Auswertung - 30.09.2011 (24)
  12. Trojaner www.searchqu.com/410
    Plagegeister aller Art und deren Bekämpfung - 21.09.2011 (1)
  13. searchqu.com/413
    Log-Analyse und Auswertung - 04.09.2011 (34)
  14. searchqu.com/413
    Log-Analyse und Auswertung - 22.08.2011 (1)
  15. Probleme mit searchqu.com/410
    Log-Analyse und Auswertung - 21.08.2011 (1)
  16. Searchqu ...
    Plagegeister aller Art und deren Bekämpfung - 17.08.2011 (2)
  17. www.searchqu.com/406
    Log-Analyse und Auswertung - 05.08.2011 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema searchqu.com/413 - Hab wie besprochen das Programm FreeFlvConverter gelöscht (über Systemsteuerung Programme) und bei meinem Firefox wieder die Google- als Startseite eingetragen. Danach habe ich den OTL-Fix durchgeführt. Nach dem Neustart funktionierte - searchqu.com/413...
Archiv
Du betrachtest: searchqu.com/413 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19