| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Search Protect läst sich nicht entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
14.01.2014, 17:14
| #7 |
| |  Search Protect läst sich nicht entfernen Hallo Matthias, ich habe die Logs erstellt die du noch mal sehen möchtest. Hier sind die Logs: 1. FRST Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-01-2014 01
Ran by Steven's Netbook at 2014-01-12 21:35:17 Run:1
Running from C:\Users\Steven's Netbook\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
start
C:\Program Files\Enigma Software Group
end
*****************
C:\Program Files\Enigma Software Group => Moved successfully.
==== End of Fixlog ====
Code:
ATTFilter HitmanPro 3.7.8.208
www.hitmanpro.com
Computer name . . . . : STEVENSNETBOOK
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : StevensNetbook\Steven's Netbook
UAC . . . . . . . . . : Enabled
License . . . . . . . : Trial (30 days left)
Scan date . . . . . . : 2014-01-12 21:40:20
Scan mode . . . . . . : Normal
Scan duration . . . . : 4m 45s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 4
Traces . . . . . . . : 55
Objects scanned . . . : 943.812
Files scanned . . . . : 13.819
Remnants scanned . . : 274.446 files / 655.547 keys
Malware _____________________________________________________________________
C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C537M02Q\FRST[1].exe -> Quarantined
Size . . . . . . . : 1.220.096 bytes
Age . . . . . . . : 0.9 days (2014-01-11 23:52:47)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 1E73161C61C0AD0F2C513ED4D1583533A50DCA173FF844CE88D1ADEF2D3399C4
Needs elevation . : Yes
Publisher . . . . : Farbar
Version . . . . . : 0.0.0.0
Source URL . . . . : hxxp://download.bleepingcomputer.com/dl/b9c116e6a12aac8925bce9c4a7d6cc1b/52d1cb3f/windows/security/security-utilities/f/farbar-recovery-scan-tool/32/FRST.exe
> Bitdefender . . . : Gen:Variant.Symmi.36833
Fuzzy . . . . . . : 113.0
Forensic Cluster
-18.8s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\bsslogs\17
-3.2s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\bsslogs\18
-1.3s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5GQGKLRL\
-1.3s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C537M02Q\
-1.3s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMR2LBBH\
-1.3s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QACL0PCC\
-0.4s C:\Users\Steven's Netbook\AppData\Roaming\Microsoft\Windows\Cookies\34PTLGDR.txt
0.0s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C537M02Q\FRST[1].exe
12.5s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\file_cache\55c559a808d2eb2292d5cf8a596714d7.bin
14.4s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\bsslogs\19
C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMR2LBBH\FRST[1].exe -> Quarantined
Size . . . . . . . : 1.219.584 bytes
Age . . . . . . . : 0.0 days (2014-01-12 21:34:52)
Entropy . . . . . : 7.8
SHA-256 . . . . . : E88392F005E6CAB2E01122DA5885CC860D5F035ADFEAC154DEC245E11A3C2859
Needs elevation . : Yes
Publisher . . . . : Farbar
Version . . . . . : 0.0.0.0
Source URL . . . . : hxxp://download.bleepingcomputer.com/dl/15e09003cd770bff964b034d88b83511/52d2fc6c/windows/security/security-utilities/f/farbar-recovery-scan-tool/32/FRST.exe
> Bitdefender . . . : Gen:Variant.Symmi.36833
Fuzzy . . . . . . : 113.0
Forensic Cluster
-5.2s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\bsslogs\25
-2.4s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\bsslogs\26
-0.4s C:\Users\Steven's Netbook\AppData\Roaming\Microsoft\Windows\Cookies\Z4IO3TUR.txt
-0.4s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMR2LBBH\81[2].htm
0.0s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VMR2LBBH\FRST[1].exe
5.2s C:\$RECYCLE.BIN\S-1-5-21-168492923-2159611283-3327635747-1000\$RZW2GMX\
6.2s C:\Windows\Prefetch\FRST.EXE-1511BF02.pf
8.9s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\file_cache\5ccc1f9bd7ce202689e178883755e395.bin
11.1s C:\ProgramData\Kaspersky Lab\PURE13\SysWHist\bsslogs\27
13.4s C:\Users\Steven's Netbook\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C537M02Q\FRST[2].exe
C:\Users\Steven's Netbook\Desktop\Log Nr.3\FRST.exe -> Quarantined
Size . . . . . . . : 1.220.096 bytes
Age . . . . . . . : 0.0 days (2014-01-12 21:34:17)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 1E73161C61C0AD0F2C513ED4D1583533A50DCA173FF844CE88D1ADEF2D3399C4
Needs elevation . : Yes
Publisher . . . . : Farbar
Version . . . . . : 0.0.0.0
Source URL . . . . : hxxp://download.bleepingcomputer.com/dl/b9c116e6a12aac8925bce9c4a7d6cc1b/52d1cb3f/windows/security/security-utilities/f/farbar-recovery-scan-tool/32/FRST.exe
> Bitdefender . . . : Gen:Variant.Symmi.36833
Fuzzy . . . . . . : 116.0
Forensic Cluster
0.0s C:\Users\Steven's Netbook\Desktop\Log Nr.3\FRST.exe
0.0s C:\Users\Steven's Netbook\Desktop\Log Nr.4\FRST.exe
C:\Users\Steven's Netbook\Desktop\Log Nr.4\FRST.exe -> Quarantined
Size . . . . . . . : 1.219.584 bytes
Age . . . . . . . : 0.0 days (2014-01-12 21:34:17)
Entropy . . . . . : 7.8
SHA-256 . . . . . : E88392F005E6CAB2E01122DA5885CC860D5F035ADFEAC154DEC245E11A3C2859
Needs elevation . : Yes
Publisher . . . . : Farbar
Version . . . . . : 0.0.0.0
Source URL . . . . : hxxp://download.bleepingcomputer.com/dl/15e09003cd770bff964b034d88b83511/52d2fc6c/windows/security/security-utilities/f/farbar-recovery-scan-tool/32/FRST.exe
> Bitdefender . . . : Gen:Variant.Symmi.36833
Fuzzy . . . . . . : 116.0
Forensic Cluster
0.0s C:\Users\Steven's Netbook\Desktop\Log Nr.3\FRST.exe
0.0s C:\Users\Steven's Netbook\Desktop\Log Nr.4\FRST.exe
Cookies _____________________________________________________________________
C:\Users\Steven's Netbook\AppData\Roaming\Microsoft\Windows\Cookies\DSOAWSLU.txt
C:\Users\Steven's Netbook\AppData\Roaming\Microsoft\Windows\Cookies\X486Q9NC.txt
C:\Users\Steven's Netbook\AppData\Roaming\Microsoft\Windows\Cookies\X6VW2PA9.txt
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.360yield.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.ad-srv.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.adc-serv.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.adition.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.dyntracker.de
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.yieldmanager.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ad.zanox.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:adbrite.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ads.247activemedia.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ads.creative-serving.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ads.spinsoft.de
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ads.wiezoekje.nl
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:adtech.de
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:apmebf.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:atdmt.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:bs.serving-sys.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:casalemedia.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:content.yieldmanager.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:creative-serving.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:doubleclick.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:eas.apm.emediate.eu
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:emjcd.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:fastclick.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:fl01.ct2.comclick.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:invitemedia.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:media6degrees.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:mediaplex.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:microsoftwllivemkt.112.2o7.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:revsci.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:rotator.adjuggler.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ru4.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:serving-sys.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:smartadserver.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:specificclick.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:stat.onestat.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:statse.webtrendslive.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:track.adform.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:track.solocpm.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:tradedoubler.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:tribalfusion.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:ww251.smartadserver.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:www.burstnet.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:www.emjcd.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:www.etracker.de
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:www.googleadservices.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:xiti.com
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:yieldmanager.net
C:\Users\Steven's Netbook\AppData\Roaming\Mozilla\Firefox\Profiles\4v69ml4x.default\cookies.sqlite:zedo.com
3. ESET Online Scan Log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7eb090b35fc4f04d9df9e1a172a1c835
# engine=16634
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-13 05:53:51
# local_time=2014-01-13 06:53:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 80284 141266822 0 0
# scanned=124881
# found=0
# cleaned=0
# scan_time=8490
Code:
ATTFilter Results of screen317's Security Check version 0.99.78 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Kaspersky PURE 3.0 Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 Adobe Flash Player 11.9.900.170 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (26.0) ````````Process Check: objlist.exe by Laurent```````` Kaspersky Lab Kaspersky PURE 3.0 avp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Ich habe dann nochmal eine andere Frage. Würdest du denn auch meinen zweiten Rechner überprüfen auch wenn ich jetzt keine Probleme oder Mengel feststellen kann ? Also so eine Art Vorsorge untersuchung. |
| Themen zu Search Protect läst sich nicht entfernen |
| .com, adblock, cid, computer, device driver, ebanking, entfernen, error, firefox, flash player, homepage, installation, launch, msiinstaller, ntdll.dll, plug-in, problem, programm, pup.optional.conduit.a, pup.optional.searchprotect.a, scan, search protect, secure search, security, spyhunter, spyhunter entfernen, spyware, svchost.exe, system error, vtoolbarupdater, windows |
Baum-Darstellung