| clntbestwud | 12.01.2014 14:52 |
Hijackthis zeigt das Programme nicht im System32 Ordner sind.
Hallo Trojaner-Board ,
Ich hatte gestern das schöne Problem gehabt das ich irgendwie einen Virus /Malware auf dem PC hatte. Diese konnte ich durch CCCleaner und ADW Cleaner löschen lassen.
Nun kriege ich von Hijackthis das einige exen nicht im System32 Ordner sind und diese eventuell schädlich sein könnten. Ich würde einfach gerne mal einen Scan über meinen neuen PC laufen lassen.
Und nachschauen lassen ob alles weg ist was gestern gelöscht worden ist.
Adw Logs :AdwCleaner Logfile:
AdwCleaner Logfile: Code:
# AdwCleaner v3.016 - Bericht erstellt am 12/01/2014 um 00:57:01
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Tobi - TOBI-PC
# Gestartet von : C:\Users\Tobi\Downloads\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
Dienst Gefunden : SProtection
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gefunden : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage-journal
Ordner Gefunden : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gefunden C:\Program Files (x86)\Common Files\Umbrella
Ordner Gefunden C:\Program Files (x86)\Iminent
Ordner Gefunden C:\Program Files (x86)\Show-Password
Ordner Gefunden C:\Users\Tobi\AppData\Local\Temp\Iminent
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Show-Password
Schlüssel Gefunden : HKCU\Software\Iminent
Schlüssel Gefunden : [x64] HKCU\Software\Iminent
Schlüssel Gefunden : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Schlüssel Gefunden : HKLM\Software\Umbrella
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [936 octets] - [15/12/2013 01:22:51]
AdwCleaner[R10].txt - [1632 octets] - [10/01/2014 16:29:19]
AdwCleaner[R11].txt - [1693 octets] - [10/01/2014 20:22:20]
AdwCleaner[R12].txt - [4503 octets] - [12/01/2014 00:57:01]
AdwCleaner[R1].txt - [914 octets] - [16/12/2013 16:44:48]
AdwCleaner[R2].txt - [1119 octets] - [21/12/2013 15:21:29]
AdwCleaner[R3].txt - [1153 octets] - [21/12/2013 15:24:11]
AdwCleaner[R4].txt - [1213 octets] - [23/12/2013 18:18:25]
AdwCleaner[R5].txt - [1270 octets] - [24/12/2013 18:36:25]
AdwCleaner[R6].txt - [1391 octets] - [29/12/2013 15:26:53]
AdwCleaner[R7].txt - [1451 octets] - [08/01/2014 18:16:09]
AdwCleaner[R8].txt - [1511 octets] - [09/01/2014 00:41:02]
AdwCleaner[R9].txt - [1571 octets] - [09/01/2014 18:40:51]
AdwCleaner[S0].txt - [952 octets] - [15/12/2013 01:23:25]
AdwCleaner[S1].txt - [974 octets] - [16/12/2013 16:45:20]
AdwCleaner[S2].txt - [1134 octets] - [21/12/2013 15:23:13]
AdwCleaner[S3].txt - [1332 octets] - [24/12/2013 18:37:02]
AdwCleaner[S4].txt - [1754 octets] - [10/01/2014 20:23:21]
########## EOF - C:\AdwCleaner\AdwCleaner[R12].txt - [5401 octets] ##########
--- --- ---
--- --- ---
Heutiger Logfile Scan
AdwCleaner Logfile: Code:
# AdwCleaner v3.016 - Bericht erstellt am 12/01/2014 um 14:03:59
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Tobi - TOBI-PC
# Gestartet von : C:\Users\Tobi\Downloads\adwcleaner.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Google Chrome v31.0.1650.63
[ Datei : C:\Users\Tobi\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [936 octets] - [15/12/2013 01:22:51]
AdwCleaner[R10].txt - [1632 octets] - [10/01/2014 16:29:19]
AdwCleaner[R11].txt - [1693 octets] - [10/01/2014 20:22:20]
AdwCleaner[R12].txt - [5510 octets] - [12/01/2014 00:57:01]
AdwCleaner[R13].txt - [2059 octets] - [12/01/2014 00:58:36]
AdwCleaner[R14].txt - [2056 octets] - [12/01/2014 01:03:07]
AdwCleaner[R15].txt - [2118 octets] - [12/01/2014 01:04:21]
AdwCleaner[R16].txt - [1080 octets] - [12/01/2014 14:03:59]
AdwCleaner[R1].txt - [914 octets] - [16/12/2013 16:44:48]
AdwCleaner[R2].txt - [1119 octets] - [21/12/2013 15:21:29]
AdwCleaner[R3].txt - [1153 octets] - [21/12/2013 15:24:11]
AdwCleaner[R4].txt - [1213 octets] - [23/12/2013 18:18:25]
AdwCleaner[R5].txt - [1270 octets] - [24/12/2013 18:36:25]
AdwCleaner[R6].txt - [1391 octets] - [29/12/2013 15:26:53]
AdwCleaner[R7].txt - [1451 octets] - [08/01/2014 18:16:09]
AdwCleaner[R8].txt - [1511 octets] - [09/01/2014 00:41:02]
AdwCleaner[R9].txt - [1571 octets] - [09/01/2014 18:40:51]
AdwCleaner[S0].txt - [952 octets] - [15/12/2013 01:23:25]
AdwCleaner[S1].txt - [974 octets] - [16/12/2013 16:45:20]
AdwCleaner[S2].txt - [1134 octets] - [21/12/2013 15:23:13]
AdwCleaner[S3].txt - [1332 octets] - [24/12/2013 18:37:02]
AdwCleaner[S4].txt - [1754 octets] - [10/01/2014 20:23:21]
AdwCleaner[S5].txt - [5528 octets] - [12/01/2014 00:57:41]
AdwCleaner[S6].txt - [2119 octets] - [12/01/2014 00:59:00]
########## EOF - C:\AdwCleaner\AdwCleaner[R16].txt - [2098 octets] ##########
--- --- ---
[/PHP]
Würde mich auf eine Hilfe freuen | 
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.