|
Vermutlich von einem Virus oder Trojana betroffen Hallo an alle, ich hoffe ich bekomme hier hilfe. Ich habe eine "schwindlige" Datei heruntergeladen, als ich diese öffnen wollte passierte nichts. Jetzt vermute ich dass diese EXE ein Virus oder ein Trojaner war. AntiVir und Anti Maleware hat nichts gefunden. Hier die Daten von HijackThis v2.0.4: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:39:47, on 16.08.2012 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16447) Boot mode: Normal Running processes: C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\windows\SysWOW64\RunDll32.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Users\Sandro\Downloads\chatroulette_generator_rapidshare.exe C:\torrent.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Sandro\Downloads\HiJackThis204 (1).exe C:\Users\Sandro\Downloads\HiJackThis204.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM/4 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM/4 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) R3 - URLSearchHook: (no name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O3 - Toolbar: loadtbs - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Sandro\AppData\Roaming\loadtbs\toolbar.dll O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Google Update] "C:\Users\Sandro\AppData\Local\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [iPhone PC Suite] C:\Program Files (x86)\NetDragon\91 Mobile\iPhone\iPhone PC Suite.exe /start O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST') O4 - Startup: Logitech Touch Mouse Server.lnk = Sandro\Desktop\Touch Mouse\Logitech Touch Mouse Server\iTouch-Server-Win.exe O4 - Global Startup: Bluetooth.lnk = ? O4 - Global Startup: FILSHtray.lnk = C:\Program Files (x86)\FILSHtray\FILSHtray.exe O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Sandro\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: hxxp://*.mcafee.com (HKLM) O15 - Trusted Zone: hxxp://betavscan.mcafeeasap.com (HKLM) O15 - Trusted Zone: hxxp://vs.mcafeeasap.com (HKLM) O15 - Trusted Zone: hxxp://www.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: hxxp://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: hxxp://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: hxxp://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: hxxp://www.mcafeeasap.com (HKLM) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing) O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 13026 bytes Bitte um kurze Info ob hier etwas ungewöhliches dabei ist. Vielen Dank im voraus. |
hi was für eine datei: lade sie hoch. Trojaner-Board Upload Channel und sende mir den download link als private nachicht |
Habs hochgeladen aber keinen Link bekommen ? |
ja habs gesehen, danke wollte den link, von dem du es geladen hast, als private nachicht |
Sry find ich nicht mehr Und ? schon was gefunden ? glg |
ja, wer sich angebliche generatoren für rapit share etc läd muss sich ja echt nicht wundern... zumindest war das dein plan, laut dateiname malwarebytes: Downloade Dir bitte Malwarebytes
|
Nichts gefunden Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.16.10 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 Sandro :: SANDRO-HP [Administrator] Schutz: Deaktiviert 16.08.2012 21:25:18 mbam-log-2012-08-16 (21-25-18).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 352623 Laufzeit: 1 Stunde(n), 51 Minute(n), 49 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
download: Download AdwCleaner 1.801 Free - Adware and toolbar remover - Softpedia Programm starten und Search wählen Anschließend Logfile posten |
# AdwCleaner v1.801 - Logfile created 08/17/2012 at 23:04:44 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : Sandro - SANDRO-HP # Boot Mode : Normal # Running from : C:\Users\Sandro\Downloads\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\Sandro\AppData\Local\Babylon Folder Found : C:\Users\Sandro\AppData\Local\Conduit Folder Found : C:\Users\Sandro\AppData\Local\Temp\BabylonToolbar Folder Found : C:\Users\Sandro\AppData\LocalLow\BabylonToolbar Folder Found : C:\Users\Sandro\AppData\LocalLow\boost_interprocess Folder Found : C:\Users\Sandro\AppData\LocalLow\Conduit Folder Found : C:\Users\Sandro\AppData\LocalLow\facemoods.com Folder Found : C:\Users\Sandro\AppData\Roaming\Babylon Folder Found : C:\Users\Sandro\AppData\Roaming\loadtbs Folder Found : C:\ProgramData\Babylon Folder Found : C:\Program Files (x86)\Conduit File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml File Found : C:\user.js ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2319825 Key Found : HKCU\Software\AppDataLow\Software\Conduit Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\Conduit Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Babylon Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Key Found : HKLM\SOFTWARE\Conduit [x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit [x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar [x64] Key Found : HKCU\Software\Conduit [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr [x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}] [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} [x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}] ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 -\\ Google Chrome v21.0.1180.79 File : C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "homepage": "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=48&sspv=CHSB18", Found : "path": "plugins/ConduitChromeApiPlugin.dll", Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT231[...] Found : "homepage": "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=48&sspv=CHSB18", ************************* AdwCleaner[R1].txt - [6029 octets] - [17/08/2012 23:04:44] ########## EOF - C:\AdwCleaner[R1].txt - [6157 octets] ########## |
Und ? Was meinst du ? LG |
hi bitte jetzt delete wählen. und neues log posten. |
Nach dem deleten wurde der Laptop automatisch neugestartet, danach kam diese LOG-Datei # AdwCleaner v1.801 - Logfile created 08/21/2012 at 21:01:17 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium (64 bits) # User : Sandro - SANDRO-HP # Boot Mode : Normal # Running from : C:\Users\Sandro\Downloads\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\Sandro\AppData\Local\Babylon Folder Deleted : C:\Users\Sandro\AppData\Local\Conduit Folder Deleted : C:\Users\Sandro\AppData\Local\Temp\BabylonToolbar Folder Deleted : C:\Users\Sandro\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Sandro\AppData\LocalLow\boost_interprocess Folder Deleted : C:\Users\Sandro\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Sandro\AppData\LocalLow\facemoods.com Folder Deleted : C:\Users\Sandro\AppData\Roaming\Babylon Folder Deleted : C:\Users\Sandro\AppData\Roaming\loadtbs Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\Program Files (x86)\Conduit File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml File Deleted : C:\user.js ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2319825 Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Key Deleted : HKLM\SOFTWARE\Conduit ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}] [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 --> hxxp://www.google.com Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 --> hxxp://www.google.com -\\ Google Chrome v21.0.1180.79 File : C:\Users\Sandro\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "homepage": "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=48&sspv=CHSB18", Deleted : "path": "plugins/ConduitChromeApiPlugin.dll", Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT231[...] Deleted : "homepage": "hxxp://search.conduit.com/?ctid=CT2319825&SearchSource=48&sspv=CHSB18", ************************* AdwCleaner[R1].txt - [6118 octets] - [17/08/2012 23:04:44] AdwCleaner[S1].txt - [4666 octets] - [21/08/2012 21:01:17] ########## EOF - C:\AdwCleaner[S1].txt - [4794 octets] ########## |
gut, lade den CCleaner standard: CCleaner Download - CCleaner 3.21.1767 falls der CCleaner bereits instaliert, überspringen. instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten. |
Hier die Liste : PS: Ich kenne die wenigsten Programme deshalb habe ich keine gekennzeichnet. 7-Zip 9.20 05.11.2011 Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 23.03.2011 6,00MB 10.2.153.1 Apple Application Support Apple Inc. 03.01.2012 61,1MB 2.1.6 Apple Mobile Device Support Apple Inc. 03.01.2012 24,4MB 4.0.0.97 Apple Software Update Apple Inc. 30.06.2011 2,25MB 2.1.3.127 ATI Catalyst Install Manager ATI Technologies, Inc. 01.12.2010 22,3MB 3.0.778.0 Avira AntiVir Personal - Free Antivirus Avira GmbH 14.02.2012 69,3MB 10.2.0.707 AviSynth 2.5 30.06.2011 BitTornado 0.3.18 John Hoffman 01.07.2012 0.3.18 Bonjour Apple Inc. 12.10.2011 2,00MB 3.0.0.10 Broadcom 2070 Bluetooth 3.0 Broadcom Corporation 01.12.2010 183MB 6.3.0.6300 Broadcom 802.11 Wireless LAN Adapter Broadcom Corporation 02.12.2010 5.60.350.6 CCleaner Piriform 22.08.2012 3.22 Corel Office Corel Corporation 30.04.2012 131MB 5.0.108.971 DivX-Setup DivX, LLC 27.12.2011 2.6.1.3 Easy2Convert PCD to JPG 1.2 Easy2Convert Software 07.08.2012 3,77MB 1.2 FILSHtray FILSH Media GmbH 21.06.2012 15,3MB 0.12 Free Video to iPhone Converter version 3.2.19.602 DVDVideoSoft Limited. 30.06.2011 30,0MB Free YouTube to MP3 Converter version 3.11.24.608 DVDVideoSoft Ltd. 21.06.2012 90,1MB 3.11.24.608 Google Chrome Google Inc. 22.03.2011 21.0.1180.83 HP Advisor Hewlett-Packard 08.09.2010 53,9MB 3.4.10262.3295 HP Documentation Hewlett-Packard 08.09.2010 883MB 1.5.1.0 HP ESU for Microsoft Windows 7 Hewlett-Packard Company 12.10.2011 15,0MB 1.1.8.1 HP HotKey Support Hewlett-Packard Company 30.03.2011 11,6MB 4.0.3.1 HP Setup Hewlett-Packard Company 08.09.2010 8.2.4130.3367 HP SoftPaq Download Manager Hewlett-Packard Company 08.09.2010 14,3MB 3.0.5.0 HP Software Framework Hewlett-Packard Company 08.09.2010 2,37MB 4.0.51.1 HP Software Setup Hewlett-Packard Company 08.09.2010 11,7MB 7.0.1.6 HP Support Assistant Hewlett-Packard Company 19.01.2012 78,4MB 6.1.12.1 HP Webcam Roxio 30.03.2011 9,76MB 1.0.25.0 HP Webcam Driver Realtek Semiconductor Corp. 01.12.2010 6.1.7600.0049 HP Wireless Assistant Hewlett-Packard 08.09.2010 5,59MB 4.0.6.0 iCloud Apple Inc. 03.01.2012 31,1MB 1.0.2.17 IDT Audio IDT 09.11.2011 1.0.6300.0 Infix 4.29 Iceni Technology 09.06.2011 57,2MB iTunes Apple Inc. 03.01.2012 170MB 10.5.2.11 Java(TM) 6 Update 30 Oracle 08.06.2011 97,0MB 6.0.300 Java(TM) 7 Update 5 Oracle 11.07.2012 99,3MB 7.0.50 JavaFX 2.1.1 Oracle Corporation 11.07.2012 20,8MB 2.1.1 LightScribe System Software LightScribe 08.09.2010 23,3MB 1.18.12.1 loadtbs-3.0 07.08.2012 Logitech Touch Mouse Server 1.0 Logitech Inc. 07.07.2011 1.0 Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 16.08.2012 18,7MB 1.62.0.1300 Microsoft .NET Framework 4 Client Profile Microsoft Corporation 24.03.2011 38,8MB 4.0.30319 Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 24.03.2011 2,93MB 4.0.30319 Microsoft .NET Framework 4 Extended Microsoft Corporation 21.06.2012 51,9MB 4.0.30319 Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 21.06.2012 10,6MB 4.0.30319 Microsoft Silverlight Microsoft Corporation 12.05.2012 120MB 4.1.10329.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 27.04.2011 260KB 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 08.09.2010 708KB 8.0.61000 Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 30.04.2011 580KB 8.0.51011 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 30.04.2011 790KB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 30.04.2011 598KB 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 08.09.2010 788KB 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 01.12.2010 788KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 24.06.2011 788KB 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 23.03.2011 596KB 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 24.06.2011 600KB 9.0.30729.6161 MKVtoolnix 4.6.0 Moritz Bunkus 13.04.2011 4.6.0 Optimizer Pro v3.0 PC Utilities Pro 07.08.2012 3.0 PDF Complete Special Edition PDF Complete, Inc 02.12.2010 3.5.117 qBittorrent 2.9.7 01.07.2012 QuickTime Apple Inc. 10.08.2011 73,0MB 7.70.80.34 RAD Video Tools 20.06.2012 Realtek Ethernet Controller All-In-One Windows Driver Realtek 08.09.2010 1.12.0011 Skype™ 4.2 Skype Technologies S.A. 01.12.2010 31,7MB 4.2.163 Synaptics Pointing Device Driver Synaptics Incorporated 08.09.2010 15.0.10.0 Veetle TV Veetle, Inc 14.12.2011 0.9.18 VLC media player 1.1.8 VideoLAN 25.03.2011 1.1.8 Windows 7 Default Setting Hewlett-Packard Company 08.09.2010 32,0KB 1.0.1.7 Windows Live ID Sign-in Assistant Microsoft Corporation 08.09.2010 10,0MB 6.500.3165.0 WinRAR 4.00 (32-Bit) win.rar GmbH 22.03.2011 4.00.0 |
Und ist was auffälliges dabei ? lg |
bitte beschrifte die programme, danke |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 12:01 Uhr. |
Copyright ©2000-2025, Trojaner-Board