
Log analysis and evaluation: Click compare / Firefox

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
11.02.2013, 01:29   #5
mknie
 
Click compare / Firefox



Hi t'john,

I have now run the fix. The log file is:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07DEEA11-591D-AB3D-561C-229D5818F17E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07DEEA11-591D-AB3D-561C-229D5818F17E}\ deleted successfully.
C:\ProgramData\SaveByclick\5102c87b8aa23.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\saveby~1\sprote~1.dll deleted successfully.
c:\progra~2\saveby~1\sprote~1.dll moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SaveByclick folder moved successfully.
C:\ProgramData\SaveByclick folder moved successfully.
C:\Program Files (x86)\SaveByClick folder moved successfully.
========== FILES ==========
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\*.dll not found.
File\Folder C:\ProgramData\*.tmp not found.
File\Folder C:\ProgramData\TEMP not found.
C:\Users\Melissa\B0BF705768694E4B920CEA2A58DA07F0.TMP folder moved successfully.
C:\Users\Melissa\AppData\Local\Temp\fp_pl_pfs_installer.exe moved successfully.
C:\Users\Melissa\AppData\Local\Temp\MyClaroTB.exe moved successfully.
C:\Users\Melissa\AppData\Local\Temp\SkypeSetup.exe moved successfully.
C:\Users\Melissa\AppData\Local\Temp\uninst1.exe moved successfully.
C:\Users\Melissa\AppData\Local\Temp\ydetect.exe moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Melissa\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Melissa\Desktop\cmd.bat deleted successfully.
C:\Users\Melissa\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Melissa
->Temp folder emptied: 22972209 bytes
->Temporary Internet Files folder emptied: 78196353 bytes
->FireFox cache emptied: 113475158 bytes
->Google Chrome cache emptied: 106385651 bytes
->Flash cache emptied: 85519 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 173605248 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33711 bytes
RecycleBin emptied: 10539530 bytes

Total Files Cleaned = 482,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 02112013_012223

Files\Folders moved on Reboot...
C:\Users\Melissa\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Next I will do step 3, and I will post the results here again.

Thanks and regards

mknie

Here is the result from AdwCleaner: AdwCleaner log file:
Code:
# AdwCleaner v2.112 - Datei am 11/02/2013 um 01:32:07 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Melissa - MELISSA-TOSH
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Melissa\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\faq32inl.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\faq32inl.default\bprotector_prefs.js
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\Users\Melissa\AppData\LocalLow\SaveByclick
Ordner Gelöscht : C:\Users\Melissa\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\SProtector
Schlüssel Gelöscht : HKCU\Software\d08d8bb23eb817
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SaveByClick_RASMANCS
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\d08d8bb23eb817
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{26B5A6D1-1F75-3B59-5825-E4D4CAE3445D}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Datei : C:\Users\Melissa\AppData\Roaming\Mozilla\Firefox\Profiles\faq32inl.default\prefs.js

Gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Gelöscht : user_pref("aol_toolbar.default.search.check", false);
Gelöscht : user_pref("extensions.5102c87b8a948.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v24.0.1312.57

Datei : C:\Users\Melissa\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [4101 octets] - [19/11/2012 00:58:25]
AdwCleaner[R2].txt - [1455 octets] - [19/11/2012 01:04:20]
AdwCleaner[R3].txt - [1352 octets] - [19/11/2012 01:07:15]
AdwCleaner[R4].txt - [1472 octets] - [19/11/2012 01:10:52]
AdwCleaner[S1].txt - [4061 octets] - [19/11/2012 01:00:39]
AdwCleaner[S2].txt - [1523 octets] - [19/11/2012 01:04:31]
AdwCleaner[S3].txt - [1420 octets] - [19/11/2012 01:07:25]
AdwCleaner[S4].txt - [3565 octets] - [11/02/2013 01:32:07]

########## EOF - C:\AdwCleaner[S4].txt - [3625 octets] ##########
         
--- --- ---

I would be very grateful for another interpretation, because I can make practically nothing of this.
Beyond that, I would be glad not only to know that the trojan/virus is gone, but also what I can do preventively (this is the second virus within a few months). Which antivirus program would you recommend from your experience? When I bought my Toshiba, the McAfee program was preinstalled, but only for a few weeks. Does it help to buy the subscription?

Many thanks and regards,

mknie


Edited by mknie (11.02.2013 at 01:44)

 
