Sobald man einen direkt downloadlink anklickt, popup ,werbung
 

Hallo,
ich habe das Gefühl, das mein PC sich nen schnupfen geholt hat.
Solbald ich von einer Seite, z.B. Nivida, einen Downloadlink anklicke, komme ich auf gaming, bzw. aduld game seiten raus. beim 2. mal funktioniert der Download-link.

Falls ich mir eher EBOLAIDS, statt nem schnupfen eingefangen, habe pls hlp.

Habe ADW-Cleaner mal drüber laufen lassen.
Hier mal das logfile:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-21-2019
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 31
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\ByteFence
Deleted C:\Users\Gotte\AppData\Roaming\DESKTOPICONAMAZON
Deleted C:\Program Files (x86)\VLC UPDATER
Deleted C:\Users\Gotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC UPDATER
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

Deleted C:\Users\Gotte\AppData\Roaming\Mozilla\Firefox\Profiles\cs25at6k.default\searchplugins\bing-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\ByteFence
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted HKCU\Software\csastats
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|VLC Updater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|VLC Updater
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Updater
Deleted HKCU\Software\AM|VLC Updater
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted FromDocToPDF
Deleted fijhlnmmmgflacagjecncpmpnhjieggk
Deleted oadboiipflhobonjjffjbfekfjcgkhco
Deleted musicNet Search
Deleted FromDocToPDF

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3941 octets] - [21/01/2019 23:29:43]
AdwCleaner[S01].txt - [4002 octets] - [21/01/2019 23:30:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########


# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-21-2019
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 31
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****



Deleted C:\ProgramData\ByteFence
Deleted C:\Users\Gotte\AppData\Roaming\DESKTOPICONAMAZON
Deleted C:\Program Files (x86)\VLC UPDATER
Deleted C:\Users\Gotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC UPDATER
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

Deleted C:\Users\Gotte\AppData\Roaming\Mozilla\Firefox\Profiles\cs25at6k.default\searchplugins\bing-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-18\Software\ByteFence
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted HKCU\Software\csastats
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|VLC Updater
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|VLC Updater
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Updater
Deleted HKCU\Software\AM|VLC Updater
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted FromDocToPDF
Deleted fijhlnmmmgflacagjecncpmpnhjieggk
Deleted oadboiipflhobonjjffjbfekfjcgkhco
Deleted musicNet Search
Deleted FromDocToPDF

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3941 octets] - [21/01/2019 23:29:43]
AdwCleaner[S01].txt - [4002 octets] - [21/01/2019 23:30:51]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-21-2019
# Duration: 00:00:08
# OS: Windows 10 Pro
# Scanned: 32304
# Detected: 31


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.ByteFence C:\ProgramData\ByteFence
PUP.Optional.Legacy C:\Users\Gotte\AppData\Roaming\DESKTOPICONAMAZON
PUP.Optional.VLCUpdaterDE C:\Program Files (x86)\VLC UPDATER
PUP.Optional.VLCUpdaterDE C:\Users\Gotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC UPDATER
PUP.Optional.WebCompanion C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion

***** [ Files ] *****

PUP.Optional.Legacy C:\Users\Gotte\AppData\Roaming\Mozilla\Firefox\Profiles\cs25at6k.default\searchplugins\bing-lavasoft.xml

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.ByteFence HKU\S-1-5-18\Software\ByteFence
PUP.Optional.ByteFence HKU\.DEFAULT\Software\ByteFence
PUP.Optional.ByteFence HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
PUP.Optional.ByteFence HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.ProductSetup.A HKCU\Software\PRODUCTSETUP
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
PUP.Optional.SearchManager HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
PUP.Optional.VLCUpdaterDE HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|VLC Updater
PUP.Optional.VLCUpdaterDE HKCU\Software\Microsoft\Windows\CurrentVersion\Run|VLC Updater
PUP.Optional.VLCUpdaterDE HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VLC Updater
PUP.Optional.VLCUpdaterDE HKCU\Software\AM|VLC Updater
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Adware.Mindspark FromDocToPDF
PUP.Optional.CrossRider fijhlnmmmgflacagjecncpmpnhjieggk
PUP.Optional.Legacy oadboiipflhobonjjffjbfekfjcgkhco
PUP.Optional.MediaNetNow musicNet Search
PUP.Optional.MindSpark FromDocToPDF

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [3941 octets] - [21/01/2019 23:29:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########



:dankeschoen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)