Show-Password Addon - nervige Werbeeinblendungen

goliard · 20.11.2013, 12:51

Hallo Matthias,
danke für deine Hilfe!
Hier die gewünschten Logs:

Code:

ATTFilter

# AdwCleaner v3.012 - Bericht erstellt am 20/11/2013 um 12:05:06
# Updated 11/11/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : TP - TP-PC
# Gestartet von : C:\Users\TP\Desktop\adwcleaner_3012.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2467 octets] - [17/11/2013 13:31:05]
AdwCleaner[R1].txt - [909 octets] - [17/11/2013 13:37:21]
AdwCleaner[R2].txt - [1027 octets] - [17/11/2013 13:40:23]
AdwCleaner[R3].txt - [1088 octets] - [17/11/2013 21:14:53]
AdwCleaner[R4].txt - [1148 octets] - [18/11/2013 21:16:29]
AdwCleaner[R5].txt - [1208 octets] - [18/11/2013 21:31:56]
AdwCleaner[R6].txt - [1368 octets] - [20/11/2013 12:04:40]
AdwCleaner[S0].txt - [2480 octets] - [17/11/2013 13:34:23]
AdwCleaner[S1].txt - [969 octets] - [17/11/2013 13:39:24]
AdwCleaner[S2].txt - [1285 octets] - [20/11/2013 12:05:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1345 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by TP on 20.11.2013 at 12:07:03,23
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\TP\AppData\Roaming\mozilla\firefox\profiles\nnckum2k.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.11.2013 at 12:11:53,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.11.20.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
TP :: TP-PC [Administrator]

Schutz: Aktiviert

20.11.2013 12:12:49
mbam-log-2013-11-20 (12-12-49).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 202702
Laufzeit: 1 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:

ATTFilter

Zoek.exe Version 4.0.0.5 Updated 14-November-2013
Tool run by TP on 20.11.2013 at 12:15:04,26.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\TP\Desktop\zoek\zoek.scr [Script inserted] 

==== System Restore Info ======================

20.11.2013 12:16:19 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3873378463-2275669578-4028046783-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f5d84a10-30cc-477d-8aa0-4e72091adc29} deleted successfully
HKEY_USERS\S-1-5-21-3873378463-2275669578-4028046783-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f5d84a10-30cc-477d-8aa0-4e72091adc29} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{f5d84a10-30cc-477d-8aa0-4e72091adc29} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f5d84a10-30cc-477d-8aa0-4e72091adc29} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3873378463-2275669578-4028046783-1000\Software\Mozilla\Firefox\Extensions\{27d907bf-158e-435a-bd8b-a62ced9803f7} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default\prefs.js:
user_pref("browser.startup.homepage", "about:blank");

Added to C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default\prefs.js:

ProfilePath: C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__1222_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\Package Cache deleted
C:\windows\SysNative\Tasks\Show-Password Update deleted
C:\Windows\Tasks\Show-Password Update.job deleted
C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default\jetpack deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [23.10.2013 16:50]

==== Firefox Extensions ======================

ProfilePath: C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\TP\AppData\Roaming\Mozilla\Firefox\Profiles\nnckum2k.default
EE8D96E7899D12FC3AA5DB2034C0853C	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll -	Shockwave Flash


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[05.09.2013 15:04]
logekkkdbdidmmcgkonmmonclldogceg - C:\Program Files (x86)\Show-Password\135.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\logekkkdbdidmmcgkonmmonclldogceg deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\TP\AppData\Local\Mozilla\Firefox\Profiles\nnckum2k.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\TP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 20.11.2013 at 12:39:27,82 ======================

Show-Password Addon - nervige Werbeeinblendungen

Plagegeister aller Art und deren Bekämpfung: Show-Password Addon - nervige Werbeeinblendungen

Show-Password Addon - nervige Werbeeinblendungen

Ähnliche Themen: Show-Password Addon - nervige Werbeeinblendungen