Pests of all kinds and how to combat them: GVU Trojan removed with Malwarebytes, but completely?

Windows 7. If you are not sure whether you have caught malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection.
#3

GVU Trojan removed with Malwarebytes, but completely?

Hi, first of all a huuuge

__________________

I have worked through the instructions so far:

1. OTL

Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "file:///C:\\Users\\Jonas\\AppData\\Local\\Temp\\proxtube.pac" removed from network.proxy.autoconfig_url
Prefs.js: "localhost" removed from network.proxy.http
Prefs.js: 9666 removed from network.proxy.http_port
Prefs.js: "localhost" removed from network.proxy.socks
Prefs.js: 9050 removed from network.proxy.socks_port
Prefs.js: true removed from network.proxy.socks_remote_dns
Prefs.js: "localhost" removed from network.proxy.ssl
Prefs.js: 9666 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EDO-Soft Sticky Notes deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xcel exportieren\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\An OneNote s&enden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xcel exportieren\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\ProgramData\nud0repor.pad moved successfully.
========== FILES ==========
C:\Users\Jonas\AppData\Local\{015B02CE-1CE5-4775-A243-FA136396EFCD} folder moved successfully.
C:\Users\Jonas\AppData\Local\{05FD327B-F65E-4CB0-90CB-F8850748880B} folder moved successfully.
C:\Users\Jonas\AppData\Local\{0606CCBC-64A8-43DB-A8BB-ABA0A0F1DCE5} folder moved successfully.
C:\Users\Jonas\AppData\Local\{0804B4C8-87A2-4B71-8B8B-077687BD6547} folder moved successfully.
C:\Users\Jonas\AppData\Local\{0996F430-C371-42DC-8C52-C863D48B60BF} folder moved successfully.
C:\Users\Jonas\AppData\Local\{09AE1C81-5318-4FB5-BC37-12D2920DDF4A} folder moved successfully.
C:\Users\Jonas\AppData\Local\{113577F8-4CEB-4EBD-8EFD-D2E2AA64B254} folder moved successfully.
C:\Users\Jonas\AppData\Local\{15810115-4A18-4BEA-A07C-BEF8C53AA7C8} folder moved successfully.
C:\Users\Jonas\AppData\Local\{1A03E34A-D523-49B7-8B9D-4E37B14734E7} folder moved successfully.
C:\Users\Jonas\AppData\Local\{20D0F74F-596D-4BA6-9B02-B04DE9990771} folder moved successfully.
C:\Users\Jonas\AppData\Local\{20E985BF-DC13-4536-AF23-D8BC4002D144} folder moved successfully.
C:\Users\Jonas\AppData\Local\{2714F040-DD0F-4294-A6EB-EDB81CB51BF7} folder moved successfully.
C:\Users\Jonas\AppData\Local\{2BF0C356-12F7-4B8C-B3D8-022C2EA24DE7} folder moved successfully.
C:\Users\Jonas\AppData\Local\{2ED1AFF1-FB5F-4FB0-9F07-DE395714B050} folder moved successfully.
C:\Users\Jonas\AppData\Local\{34DBF5EC-C3F2-4565-9723-8B50C72AA52D} folder moved successfully.
C:\Users\Jonas\AppData\Local\{3752D84D-043E-44C5-835F-2938CA5E938D} folder moved successfully.
C:\Users\Jonas\AppData\Local\{3760B608-7411-4856-BD7C-F82C5F177C62} folder moved successfully.
C:\Users\Jonas\AppData\Local\{3C8B103B-7BDB-4C0F-9F35-F5CCC8986AE8} folder moved successfully.
C:\Users\Jonas\AppData\Local\{40D72B1D-64AA-4B93-9B92-4162B0B3CD0F} folder moved successfully.
C:\Users\Jonas\AppData\Local\{41650DF7-6EBB-4738-A7B4-2D32925E6017} folder moved successfully.
C:\Users\Jonas\AppData\Local\{4611DFC8-32B9-48B0-92DD-52E35E486226} folder moved successfully.
C:\Users\Jonas\AppData\Local\{4F3873B7-D6E6-47A4-A97A-75E201B4B595} folder moved successfully.
C:\Users\Jonas\AppData\Local\{6094402A-AAA6-422D-BDBF-3716ED5028F5} folder moved successfully.
C:\Users\Jonas\AppData\Local\{6940EA01-92D9-41E2-9A64-8E7792E072B9} folder moved successfully.
C:\Users\Jonas\AppData\Local\{71A57F2C-FD8D-481E-948F-AADAD9B0BE9B} folder moved successfully.
C:\Users\Jonas\AppData\Local\{723B8E45-57D8-4F7B-9087-D54DE86F9CF1} folder moved successfully.
C:\Users\Jonas\AppData\Local\{743C5480-3509-4E47-9686-00F55EB58197} folder moved successfully.
C:\Users\Jonas\AppData\Local\{7674999A-1E5A-4026-9617-7E9F01C9EBB0} folder moved successfully.
C:\Users\Jonas\AppData\Local\{7709E1BF-D2B7-41A4-BD0F-5F7DDE15ABC8} folder moved successfully.
C:\Users\Jonas\AppData\Local\{77642D08-277E-4AED-8265-BBB786308136} folder moved successfully.
C:\Users\Jonas\AppData\Local\{7D0A8C8D-8CB6-4318-AAF1-84D3D36D23DF} folder moved successfully.
C:\Users\Jonas\AppData\Local\{7DEA4DDA-95EB-49BA-8D59-417A25777AC1} folder moved successfully.
C:\Users\Jonas\AppData\Local\{7FFC4822-E43A-4D0F-B2D5-039E26D5D682} folder moved successfully.
C:\Users\Jonas\AppData\Local\{81B84E83-6EB1-4D62-A25F-B9AAADAEA8D3} folder moved successfully.
C:\Users\Jonas\AppData\Local\{841556EE-3CDF-4754-95C8-98127752CEAE} folder moved successfully.
C:\Users\Jonas\AppData\Local\{84D0C9DC-4343-4F93-BDCA-E95DFA387C98} folder moved successfully.
C:\Users\Jonas\AppData\Local\{8E429753-ECCC-4D72-9AFA-3A451B01C4E0} folder moved successfully.
C:\Users\Jonas\AppData\Local\{961B440C-0A43-40F0-82BE-11F846E56583} folder moved successfully.
C:\Users\Jonas\AppData\Local\{9809F4E7-A863-496C-9D7F-0C4FAA88F994} folder moved successfully.
C:\Users\Jonas\AppData\Local\{9CFB24D6-3C89-4446-80F1-7794CF906FFC} folder moved successfully.
C:\Users\Jonas\AppData\Local\{A55A4F0D-9950-4E08-8381-59E27B725119} folder moved successfully.
C:\Users\Jonas\AppData\Local\{A86C8488-C927-49D9-A6D0-46A6DDAA4892} folder moved successfully.
C:\Users\Jonas\AppData\Local\{AAAF1E27-5DED-4B91-B82B-F7744A19511A} folder moved successfully.
C:\Users\Jonas\AppData\Local\{AE40D882-2D66-4BA6-AB46-BE0FB5F9C597} folder moved successfully.
C:\Users\Jonas\AppData\Local\{B0051270-285C-43B7-8B52-078DD023F83D} folder moved successfully.
C:\Users\Jonas\AppData\Local\{B26AED9F-B158-4879-A331-510A801A2CD1} folder moved successfully.
C:\Users\Jonas\AppData\Local\{BB0CB9A3-83FE-4010-A93D-9B37B9B0D4E0} folder moved successfully.
C:\Users\Jonas\AppData\Local\{BB28D544-07A0-4573-B613-A034CD536404} folder moved successfully.
C:\Users\Jonas\AppData\Local\{BC68062A-6562-4BD2-B72B-27D1296CE002} folder moved successfully.
C:\Users\Jonas\AppData\Local\{BEA80F0D-CEF4-40B7-898F-7989555B8774} folder moved successfully.
C:\Users\Jonas\AppData\Local\{C6AF6D4A-3173-4005-9632-3CB1B64C39A7} folder moved successfully.
C:\Users\Jonas\AppData\Local\{D834CB4F-D1AD-4DE9-B876-D5593884AB7B} folder moved successfully.
C:\Users\Jonas\AppData\Local\{D9FF6F02-7C28-422D-895A-CD75C5DE4F0F} folder moved successfully.
C:\Users\Jonas\AppData\Local\{E180C4F5-A404-42E2-A158-24B7D94A60DB} folder moved successfully.
C:\Users\Jonas\AppData\Local\{E19CCA3A-9A41-4A97-B568-D2E41C5F2AC1} folder moved successfully.
C:\Users\Jonas\AppData\Local\{E26F7DC2-40FA-4896-875F-3511458B3BAB} folder moved successfully.
C:\Users\Jonas\AppData\Local\{E7EBDADF-3B1C-4338-B1D7-097DD472F1BF} folder moved successfully.
C:\Users\Jonas\AppData\Local\{EBCD400F-60F7-44D1-B1DB-43C8000C1A50} folder moved successfully.
C:\Users\Jonas\AppData\Local\{ECE496EB-0C12-4561-A6D6-294C0223FFB0} folder moved successfully.
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\TEMP not found.
C:\Users\Jonas\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Jonas\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
File/Folder C:\Users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found.
File/Folder C:\Windows\System32\*.tmp not found.
File/Folder C:\Windows\SysWOW64\*.tmp not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Jonas\Desktop\cmd.bat deleted successfully.
C:\Users\Jonas\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jonas
->Temp folder emptied: 988923 bytes
->Temporary Internet Files folder emptied: 273857705 bytes
->FireFox cache emptied: 843240818 bytes
->Google Chrome cache emptied: 146172213 bytes
->Flash cache emptied: 139580 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 158218146 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 46396283 bytes
RecycleBin emptied: 2644940983 bytes

Total Files Cleaned = 3.923,00 mb

OTL by OldTimer - Version 3.2.59.1 log created on 08312012_172211

Files\Folders moved on Reboot...
C:\Users\Jonas\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Code:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.31.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jonas :: JONASDESKTOP [Administrator]

Schutz: Aktiviert

31.08.2012 17:28:29
mbam-log-2012-08-31 (17-28-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 644474
Laufzeit: 1 Stunde(n), 57 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
# AdwCleaner v2.000 - Datei am 08/31/2012 um 19:27:33 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Jonas - JONASDESKTOP
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Jonas\Desktop\adwcleaner(1).exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Users\Jonas\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default [Profil par défaut]
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\s1itmmrk.default\prefs.js
[OK] Die Datei ist sauber.

Profilname : Outdoordeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\0juducq7.Outdoordeals\prefs.js
[OK] Die Datei ist sauber.

Profilname : Survivaldeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\xg5ibzne.Survivaldeals\prefs.js
[OK] Die Datei ist sauber.

Profilname : Raddeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\x16iw5jk.Raddeals\prefs.js
[OK] Die Datei ist sauber.

Profilname : WSeminar
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\0xelmwvm.WSeminar\prefs.js
[OK] Die Datei ist sauber.

Profilname : DieTester
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\2p1n40z9.DieTester.eu\prefs.js
[OK] Die Datei ist sauber.

Profilname : Kiddideals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\jb7bzk4g.Kiddideals\prefs.js
[OK] Die Datei ist sauber.

Profilname : Boarderdeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\ykl69wkl.Boarderdeals.\prefs.js
[OK] Die Datei ist sauber.

-\\ Google Chrome v21.0.1180.83

Datei : C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [38813 octets] - [28/08/2012 23:02:21]
AdwCleaner[S1].txt - [38903 octets] - [28/08/2012 23:02:44]
AdwCleaner[R2].txt - [2177 octets] - [31/08/2012 19:27:33]

########## EOF - C:\AdwCleaner[R2].txt - [2237 octets] ##########

Code:
# AdwCleaner v2.000 - Datei am 08/31/2012 um 19:29:21 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Jonas - JONASDESKTOP
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Jonas\Desktop\adwcleaner(1).exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Jonas\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0 (de)

Profilname : default [Profil par défaut]
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\s1itmmrk.default\prefs.js
[OK] Die Datei ist sauber.

Profilname : Outdoordeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\0juducq7.Outdoordeals\prefs.js
[OK] Die Datei ist sauber.

Profilname : Survivaldeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\xg5ibzne.Survivaldeals\prefs.js
[OK] Die Datei ist sauber.

Profilname : Raddeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\x16iw5jk.Raddeals\prefs.js
[OK] Die Datei ist sauber.

Profilname : WSeminar
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\0xelmwvm.WSeminar\prefs.js
[OK] Die Datei ist sauber.

Profilname : DieTester
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\2p1n40z9.DieTester.eu\prefs.js
[OK] Die Datei ist sauber.

Profilname : Kiddideals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\jb7bzk4g.Kiddideals\prefs.js
[OK] Die Datei ist sauber.

Profilname : Boarderdeals
Datei : C:\Users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\ykl69wkl.Boarderdeals.\prefs.js
[OK] Die Datei ist sauber.

-\\ Google Chrome v21.0.1180.83

Datei : C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [38813 octets] - [28/08/2012 23:02:21]
AdwCleaner[S1].txt - [38903 octets] - [28/08/2012 23:02:44]
AdwCleaner[R2].txt - [2306 octets] - [31/08/2012 19:27:33]
AdwCleaner[S2].txt - [2896 octets] - [31/08/2012 19:29:21]

########## EOF - C:\AdwCleaner[S2].txt - [2956 octets] ##########