|
Pests of all kinds and how to fight them: Remove Antimalware Doctor - OTL (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
12.03.2011, 13:23 | #1 |
| Remove Antimalware Doctor - OTL Hi ~ Somehow I picked up Antimalware Doctor and now want to remove the program again. Simply deleting it doesn't work. I've now downloaded OTL and need help with the next steps. It would be very nice if someone could help me. |
13.03.2011, 19:28 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Remove Antimalware Doctor - OTL Please note => http://www.trojaner-board.de/95173-b...es-posten.html and http://www.trojaner-board.de/69886-a...-beachten.html |
14.03.2011, 15:03 | #3 |
| Remove Antimalware Doctor - OTL ok
thanks for the tip (Edited by Dani42 on 14.03.2011 at 15:56) |
14.03.2011, 16:39 | #4 |
| Remove Antimalware Doctor - OTL I've now run the mbam scan. I'll post the mbam log here |
14.03.2011, 18:31 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Remove Antimalware Doctor - OTL Didn't you remove the findings? Please do that now. Also run a full scan with Malwarebytes as a matter of routine.
__________________ Please always post log files in CODE tags |
15.03.2011, 14:58 | #6 |
| Remove Antimalware Doctor - OTL I did that. Here is the log
c:\program files\dealio toolbar\Res\bestbuy.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\dealio_logo.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\dealio_logo_hover.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\ebay.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\icon_settings.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\macys.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\newegg.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\overstock.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-button-hover.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-button.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-chevron-hover.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search-chevron.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_amazon.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_dealio.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_ebay.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\search_yahoo.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\target.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\walmart.gif (PUP.Dealio) -> Not selected for removal. c:\program files\dealio toolbar\Res\widgets.xml (PUP.Dealio) -> Not selected for removal. |
15.03.2011, 16:17 | #7 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Remove Antimalware Doctor - OTL Quote:
__________________ Please always post log files in CODE tags |
15.03.2011, 17:11 | #8 |
| Remove Antimalware Doctor - OTL This time I updated it first and then ran the scan right away.
Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes Datenbank Version: 6067
Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19019
15.03.2011 17:10:03
mbam-log-2011-03-15 (17-10-03).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 314703
Laufzeit: 39 Minute(n), 44 Sekunde(n)
Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 13
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 10
Infizierte Dateien: 75
Infizierte Speicherprozesse:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 288 -> Not selected for removal.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 524 -> Not selected for removal.
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Not selected for removal.
15.03.2011, 21:10 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Remove Antimalware Doctor - OTL You were supposed to remove all the findings, why aren't you doing that?
__________________ Please always post log files in CODE tags |
16.03.2011, 14:37 | #10 |
| Remove Antimalware Doctor - OTL really EVERYTHING? |
16.03.2011, 14:50 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Remove Antimalware Doctor - OTL Yes. That is also what the instructions say.
__________________ Please always post log files in CODE tags |