Trojaner-Board

Annoying ads in Internet Explorer (https://www.trojaner-board.de/167792-laestige-werbung-beim-internet-explorer.html)

schrauber 12.07.2015 11:17

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:

Task: {0366B356-4748-440C-9E5D-F7F4808CD534} - \sup_games_notification_service No Task File <==== ATTENTION

Task: {0BFAFBB9-4476-44BC-B388-6FBAA998713B} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-3 No Task File <==== ATTENTION

Task: {3795D49F-97B0-428A-886A-C92EB64C6C40} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-5 No Task File <==== ATTENTION

Task: {5AB37152-38BA-43EC-86FC-8AC2A07EE949} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-4 No Task File <==== ATTENTION

Task: {8E8D44DA-EA84-4DC0-950D-A90970DF8874} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-1 No Task File <==== ATTENTION

Task: {A285E65C-471A-4D8F-9EDA-7E0AD01A617D} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION

Task: {B9207C0B-71B2-441E-9785-DBAE4317E0EF} - \temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.77.253
Tcpip\..\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}: [NameServer] 192.168.120.252,192.168.120.253
Tcpip\..\Interfaces\{F7780FA9-170A-4DD6-9B49-6E97103E3F56}: [DhcpNameServer] 192.168.77.253
Emptytemp:


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.






Quote:

C:\Program Files\Game til you Die\game_til_you_die_helper_service.exe
Do you recognize this?

jeejo 12.07.2015 17:20

Thanks, I'll do that tomorrow when I'm at the PC. This "game_til_you_die_helper_service.exe" is unknown to me so far. :-/

schrauber 13.07.2015 08:13

Then run the fix and please post a fresh FRST log.

jeejo 14.07.2015 16:41

Code:

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Riehl at 2015-07-14 17:37:41 Run:1
Running from C:\Users\Riehl\Downloads
Loaded Profiles: Riehl & Acronis Agent User (Available Profiles: Riehl & Acronis Agent User)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Task: {0366B356-4748-440C-9E5D-F7F4808CD534} - \sup_games_notification_service No Task File <==== ATTENTION

Task: {0BFAFBB9-4476-44BC-B388-6FBAA998713B} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-3 No Task File <==== ATTENTION

Task: {3795D49F-97B0-428A-886A-C92EB64C6C40} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-5 No Task File <==== ATTENTION

Task: {5AB37152-38BA-43EC-86FC-8AC2A07EE949} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-4 No Task File <==== ATTENTION

Task: {8E8D44DA-EA84-4DC0-950D-A90970DF8874} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-1 No Task File <==== ATTENTION

Task: {A285E65C-471A-4D8F-9EDA-7E0AD01A617D} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION

Task: {B9207C0B-71B2-441E-9785-DBAE4317E0EF} - \temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.77.253
Tcpip\..\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}: [NameServer] 192.168.120.252,192.168.120.253
Tcpip\..\Interfaces\{F7780FA9-170A-4DD6-9B49-6E97103E3F56}: [DhcpNameServer] 192.168.77.253
Emptytemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0366B356-4748-440C-9E5D-F7F4808CD534}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0366B356-4748-440C-9E5D-F7F4808CD534}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sup_games_notification_service" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BFAFBB9-4476-44BC-B388-6FBAA998713B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BFAFBB9-4476-44BC-B388-6FBAA998713B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-3" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3795D49F-97B0-428A-886A-C92EB64C6C40}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3795D49F-97B0-428A-886A-C92EB64C6C40}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-5" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AB37152-38BA-43EC-86FC-8AC2A07EE949}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AB37152-38BA-43EC-86FC-8AC2A07EE949}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-4" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E8D44DA-EA84-4DC0-950D-A90970DF8874}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E8D44DA-EA84-4DC0-950D-A90970DF8874}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-1" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A285E65C-471A-4D8F-9EDA-7E0AD01A617D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A285E65C-471A-4D8F-9EDA-7E0AD01A617D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-2" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9207C0B-71B2-441E-9785-DBAE4317E0EF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9207C0B-71B2-441E-9785-DBAE4317E0EF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2" => key removed successfully.
"HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}\\NameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F7780FA9-170A-4DD6-9B49-6E97103E3F56}\\DhcpNameServer => value removed successfully.
EmptyTemp: => 3.5 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:38:11 ====


EDIT: Since I removed the "Game til you die" thing, nothing else has come up so far...
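Added example, not part of the original thread and not FRST's own code: a Python script that parses a Fixlog in the format posted above and reports any orphaned `Task:` entry from the fixlist whose three TaskCache keys (Plain, Tasks, Tree, as seen in this log) were not all reported as removed. The function names and the sample GUIDs and task names are constructed; expecting the Plain subkey is an assumption taken from this log.

```python
import re
from collections import Counter

TASKCACHE = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache"
TASK_RE = re.compile(r"^Task: (\{[0-9A-Fa-f-]{36}\}) - \\(.+?) No Task File", re.M)
RESULT_RE = re.compile(r'^"?([^"\n]+?)"? => (.+?)\.?\s*$', re.M)

# Constructed sample in the Fixlog format shown above (GUIDs and task names are made up).
SAMPLE = r'''fixlist content:
*****************
Task: {11111111-1111-1111-1111-111111111111} - \example_task_a No Task File <==== ATTENTION
Task: {22222222-2222-2222-2222-222222222222} - \example_task_b No Task File <==== ATTENTION
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11111111-1111-1111-1111-111111111111}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11111111-1111-1111-1111-111111111111}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\example_task_a" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{22222222-2222-2222-2222-222222222222}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22222222-2222-2222-2222-222222222222}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\example_task_b => key not found.
'''

def parse_fixlog(text):
    """Return (tasks, outcomes): fixlist Task entries and {target: result} from the log."""
    parts = re.split(r"^\*{5,}\s*$", text, flags=re.M)
    if len(parts) < 3:
        raise ValueError("no '*****' delimited fixlist section found")
    tasks = TASK_RE.findall(parts[1])
    outcomes = {m.group(1): m.group(2) for m in RESULT_RE.finditer(parts[2])}
    return tasks, outcomes

def incomplete_tasks(tasks, outcomes):
    """Map each task GUID to the TaskCache keys the log does not report as removed."""
    problems = {}
    for guid, name in tasks:
        expected = [TASKCACHE + "\\Plain\\" + guid, TASKCACHE + "\\Tasks\\" + guid,
                    TASKCACHE + "\\Tree\\" + name]
        bad = [key for key in expected if outcomes.get(key) != "key removed successfully"]
        if bad:
            problems[guid] = bad
    return problems

def summarize(outcomes):
    """Count how often each result string occurs in the log."""
    return Counter(outcomes.values())
```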

schrauber 15.07.2015 09:44

The fresh FRST log too, please :)


All times are WET +1. The time is now 09:53.
