Trojaner-Board - Anleitung Personal Security entfernen

Trojaner-Board (https://www.trojaner-board.de/)

- Anleitungen, FAQs & Links (https://www.trojaner-board.de/anleitungen-faqs-links/)

- - Anleitung Personal Security entfernen (https://www.trojaner-board.de/64598-anleitung-personal-security-entfernen.html)

Anleitung Personal Security entfernen

Personal Security entfernen

Personal Security ist eine falsche Anti-Spyware-Anwendung.
Personal Security hat eine böse Absicht, die Computer-Benutzer zum Kauf der lizenzierten Version von Personal Security zu bewegen. Personal Security kann via Trojaner wie Zlob oder Vundo installiert werden, und durch die Sicherheitslücken auf einem System.

http://www.trojaner-board.de/attachm...1&d=1265023861

Dateien von Personal Security:

Code:

c:\Program Files\PSecurity\

c:\Program Files\PSecurity\psecurity.exe

C:\Program Files\PersonalSec\

C:\Program Files\PersonalSec\psecurity.exe

C:\program files\PersSecurity\

C:\program files\PersSecurity\psecurity.exe

C:\program files\PersSecurity\personalsecurity.exe

C:\program files\PersSecurity\system.dat

C:\Program Files\PersonSecurity\

C:\Program Files\PersonSecurity\psecurity.exe

c:\Program Files\Common Files\PSecurityUninstall\

c:\Program Files\Common Files\PSecurityUninstall\Uninstall.lnk

c:\WINDOWS\system32\win32extension.dll

c:\Documents and Settings\All Users\Start Menu\PSecurity

c:\Documents and Settings\All Users\Start Menu\PSecurity\Computer Scan.lnk

c:\Documents and Settings\All Users\Start Menu\PSecurity\Help.lnk

c:\Documents and Settings\All Users\Start Menu\PSecurity\Personal Security.lnk

c:\Documents and Settings\All Users\Start Menu\PSecurity\Registration.lnk

c:\Documents and Settings\All Users\Start Menu\PSecurity\Security Center.lnk

c:\Documents and Settings\All Users\Start Menu\PSecurity\Settings.lnk

c:\Documents and Settings\All Users\Start Menu\PSecurity\Update.lnk

%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\PSecurity.lnk

%UserProfile%\Desktop\Personal Security.lnk

Personal Security Windows Registry:

Code:

HKEY_CLASSES_ROOT\CLSID\{35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC}

HKEY_LOCAL_MACHINE\SOFTWARE\5FFB10D58FFCF482208906E6A889FD56

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PSecurity"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PersonalSec"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PersSecurity"

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "PersonSecurity"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\post platform "WinTSI 01.12.2009"

Symptome im HijackThis Log:

Zitat:

O2 - BHO: &Security Update - {35A5B43B-CB8A-49CA-A9F4-D3B308D2E3CC} - C:\WINDOWS\system32\win32extension.dll
O4 - HKCU\..\Run: [PSecurity] C:\Program Files\PSecurity\psecurity.exe
O4 - HKCU\..\Run: [PersonalSec] C:\Program Files\PersonalSec\psecurity.exe
O4 - HKCU\..\Run: [PersSecurity] C:\Program Files\PersSecurity\psecurity.exe
O4 - HKCU\..\Run: [PersSecurity] C:\Program Files\PersSecurity\personalsecurity.exe
O4 - HKCU\..\Run: [PersonSecurity] C:\Program Files\PersonSecurity\psecurity.exe

Personal Security entfernen

Symptome von Personal Security

Personal Security erzeugt unter anderem folgende Fake-Meldungen und Alerts:

Privacy violation alert!
Personal Security has detected numerous privacy violations. Some programs may send your private data to an untrusted internet host. Click here to permanently block this activity and remove the possible threat (Recommended)

System files modification alert!
Important system files of your computer may be modified by malicious program. It may cause system instability and data loss. Click here to block unauthorized modification and remove potential threats (Recommended).
Internal conflict alert!

Personal Security has detected internal software conflict. Some application endeavors to access system kernel (such behavior is typical for spyware/malware). Click here to prevent system crash and remove potential threats (Recommended)

Spyware activity alert!
Spyware.IEMonster is a popular spyware that attempts to steal passwords from Web browsers, e-mail clients and other programs, including login information from online banking sessions, billing pages, CC transactions, etc. It may also create special tracking files to log your activity and compromise your Internet privacy. It is strongly recommended to prevent this threat immediately. Click here to get protection against Spyware.IEMonster.

Privacy Violation alert!
Personal Security detected a Privacy Violation. A program is secretly sending your private data to an untrusted internet host. Click here to block this activity by removing the threat (Recommended).

System files modification alert!
Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss. Click here to block unauthorized modification by removing threats (Recommended).

System files modification alert!
Personal Security detected internal software conflict. Some application tries to get access to system kernel (such behavior is typical to Spyware/Malware). It may cause crash of your computer. Click here to prevent system crash by removing threats (Recommended).

Spyware activity alert!
Spyware.IEMonster activity detected. It is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other programs, including logins and passwords from online banking sessions, eBay, PayPal. It may also create special tracking files to log your activity and compromise your Internet privacy. It's strongly recommended to remove this threat as soon as possible. Click here to remove Spyware.IEMonster.

Personal Security entfernen

Personal Security immer noch nicht entfernt?

OTH - OTHelper - Kill All Processes

Mit aktualisiertem (!!) Malwarebytes Anti-Malware nach Ausführen von OTH nochmal QUICKSCAN ausführen.

Bitte alle temporären Dateien löschen und Speicherplatz freigeben.

Weitergehende Prüfung

Das System könnte noch nicht vollständig sauber sein.

Daher unbedingt ein Thema erstellen: Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Nicht vergessen mit FRST-Logfiles wie in der Anleitung beschrieben.

Wie man Hilfe bekommt steht auch hier.