|
Facebook Spam Virus Hey! Als ich vorhin auf Facebook gegangen bin kam von meinen Kollegen eine Nachricht mit einem Link, wo drauf stand, wer das sei... Ich dachte es sei ein Bild und habe draufgeklickt. Daraufhin habe ich festgestellt, dass es sich um einen Virus handelt, der immer alle Nachrichten an alle meine Kontakte weiterschickt. Ich habe keine Ahnung, was ich nun tun soll! Bitte um schnelle Hilfe! lg |
:hallo: 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten. 2. Schritt Systemscan mit OTL (bebilderte Anleitung) |
OTL Logfile: Code: OTL logfile created on: 19.08.2012 23:18:54 - Run 1OTL Logfile: Code: OTL Extras logfile created on: 19.08.2012 23:18:54 - Run 1 |
Bitte das Malwarebytes Logfile posten! (Reiter Logberichte) |
Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.19.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 8.0.7601.17514 Felix :: PC [Administrator] Schutz: Aktiviert 19.08.2012 22:26:26 mbam-log-2012-08-19 (22-26-26).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|G:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 364225 Laufzeit: 46 Minute(n), 56 Sekunde(n) Infizierte Speicherprozesse: 1 C:\Users\Felix\M-10-6897-8685-3464\winmgr.exe (Trojan.MWF.Gen) -> 1900 -> Löschen bei Neustart. Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 32 HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Keine Aktion durchgeführt. HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Keine Aktion durchgeführt. HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> Keine Aktion durchgeführt. HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> Keine Aktion durchgeführt. HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VLC classic (Trojan.FakeVLC) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 3 HKCU\Software\InstalledBrowserExtensions\215 Apps|2258 (PUP.CrossFire.SA) -> Daten: I Want This -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Microsoft Windows Manager (Trojan.MWF.Gen) -> Daten: C:\Users\Felix\M-10-6897-8685-3464\winmgr.exe -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Daten: 215 Apps -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 3 C:\Program Files (x86)\I Want This (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Felix\AppData\Local\I Want This (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Felix\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 12 C:\Program Files (x86)\I Want This\I Want This.dll (PUP.GamePlayLab) -> Keine Aktion durchgeführt. C:\Program Files (x86)\I Want This\I Want This.dll (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\I Want This\I Want This.exe (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\I Want This\I Want ThisGui.exe (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\I Want This\Uninstall.exe (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Vlcclassic\Uninstall.exe (Trojan.FakeVLC) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Felix\AppData\Local\Temp\is357113909\IWantThis_IC_V3_ROW.exe (Adware.GamePlayLabs) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\I Want This\I Want This.ini (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\I Want This\I Want This.ico (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Felix\M-10-6897-8685-3464\winmgr.exe (Trojan.MWF.Gen) -> Löschen bei Neustart. C:\Users\Felix\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code: :OTL
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |
All processes killed ========== OTL ========== No active process named winmgr.exe was found! Service Application Updater stopped successfully! Service Application Updater deleted successfully! C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe moved successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKU\S-1-5-21-3426883385-14315924-2874069908-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page| /E : value set successfully! HKU\S-1-5-21-3426883385-14315924-2874069908-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry value HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}\ deleted successfully. c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll moved successfully. Registry value HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{3cb073f3-be3c-4e8f-942d-8a747b54486f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3cb073f3-be3c-4e8f-942d-8a747b54486f}\ deleted successfully. C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll moved successfully. Registry value HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully. File C:\Program Files (x86)\FreeRIP Toolbar\IE\5.0\freeripToolbarIE.dll not found. HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}\ not found. Registry key HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F4AF372B-0A3A-4A96-814D-242EF20DA848}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F4AF372B-0A3A-4A96-814D-242EF20DA848}\ not found. HKU\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKU\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1 Prefs.js: "hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=HP_ss&mntrId=58f9ab58000000000000000854a04cb5" removed from browser.startup.homepage Prefs.js: "Yahoo" removed from browser.search.defaultenginename Prefs.js: "Yahoo" removed from browser.search.selectedEngine Prefs.js: "hxxp://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=386496&ilc=12&p=" removed from keyword.URL Prefs.js: "chr-greentree_ff&type=386496&ilc=12" removed from browser.search.param.yahoo-fr Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b64982b1-d112-42b5-b1e4-d3867c4533f8}\ not found. C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content folder moved successfully. C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components folder moved successfully. C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension folder moved successfully. Use Chrome's Settings page to change the HomePage. C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0 folder moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}\ deleted successfully. C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3cb073f3-be3c-4e8f-942d-8a747b54486f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3cb073f3-be3c-4e8f-942d-8a747b54486f}\ not found. File C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully. C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll moved successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found. File C:\Program Files (x86)\FreeRIP Toolbar\IE\5.0\freeripToolbarIE.dll not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{3cb073f3-be3c-4e8f-942d-8a747b54486f} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3cb073f3-be3c-4e8f-942d-8a747b54486f}\ not found. File C:\Program Files (x86)\asktoolbar4\asktoolbar4X.dll not found. Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E634228A-03CF-4BC8-B0AB-668257F1FD8C} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E634228A-03CF-4BC8-B0AB-668257F1FD8C}\ not found. File C:\Program Files (x86)\FreeRIP Toolbar\IE\5.0\freeripToolbarIE.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5.5ServiceManager deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Babylon Client deleted successfully. C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings deleted successfully. C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe moved successfully. Registry value HKEY_USERS\S-1-5-21-3426883385-14315924-2874069908-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ deleted successfully. File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ deleted successfully. File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ not found. File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ not found. File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found. File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found. File C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! File C:\Users\Felix\Desktop\DownloadAcceleratorSetup.exe not found. C:\Windows\SysWOW64\ISSRemoveSP.exe moved successfully. C:\Users\Felix\AppData\Roaming\BabylonToolbar\Shared folder moved successfully. C:\Users\Felix\AppData\Roaming\BabylonToolbar\IE folder moved successfully. C:\Users\Felix\AppData\Roaming\BabylonToolbar\FF folder moved successfully. C:\Users\Felix\AppData\Roaming\BabylonToolbar\CR folder moved successfully. C:\Users\Felix\AppData\Roaming\BabylonToolbar folder moved successfully. C:\user.js moved successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32768 bytes ->Flash cache emptied: 0 bytes User: Felix ->Temp folder emptied: 320088753 bytes ->Temporary Internet Files folder emptied: 113641663 bytes ->FireFox cache emptied: 114836107 bytes ->Google Chrome cache emptied: 41471316 bytes ->Opera cache emptied: 20731954 bytes ->Flash cache emptied: 98932 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 360886435 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes RecycleBin emptied: 102004347 bytes Total Files Cleaned = 1.024,00 mb OTL by OldTimer - Version 3.2.58.1 log created on 08192012_235847 Files\Folders moved on Reboot... C:\Users\Felix\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Registry delete failed. HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D0F4A166-B8D4-48b8-9D63-80849FE137CB} scheduled to be deleted on reboot. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0F4A166-B8D4-48b8-9D63-80849FE137CB}\ not found. Und was soll ich nun tun? |
Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
# AdwCleaner v1.801 - Logfile created 08/20/2012 at 00:26:43 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Felix - PC # Boot Mode : Normal # Running from : C:\Users\Felix\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** Found : Browser Manager ***** [Files / Folders] ***** Folder Found : C:\Users\Felix\AppData\Local\Babylon Folder Found : C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0 Folder Found : C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Found : C:\Users\Felix\AppData\LocalLow\BabylonToolbar Folder Found : C:\Users\Felix\AppData\LocalLow\Search Settings Folder Found : C:\Users\Felix\AppData\Roaming\Ask.com Folder Found : C:\Users\Felix\AppData\Roaming\Babylon Folder Found : C:\Users\Felix\AppData\Roaming\OpenCandy Folder Found : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Folder Found : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\crossriderapp2258@crossrider.com Folder Found : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\ffxtlbr@babylon.com Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\Browser Manager Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Folder Found : C:\Program Files\Babylon Folder Found : C:\Program Files (x86)\Application Updater Folder Found : C:\Program Files (x86)\Babylon Folder Found : C:\Program Files (x86)\BabylonToolbar Folder Found : C:\Program Files (x86)\DealPly Folder Found : C:\Program Files (x86)\Common Files\spigot File Found : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\adapter@babylontc.com.xpi File Found : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\ocr@babylon.com.xpi File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\ask.xml File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** Key Found : HKCU\Software\APN DTX Key Found : HKCU\Software\AppDataLow\Software\I Want This Key Found : HKCU\Software\AppDataLow\Software\Search Settings Key Found : HKCU\Software\Ask.com.tmp Key Found : HKCU\Software\Babylon Key Found : HKCU\Software\BabylonToolbar Key Found : HKCU\Software\Cr_Installer Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\DealPly Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Found : HKCU\Software\InstalledBrowserExtensions Key Found : HKCU\Software\Search Settings Key Found : HKLM\SOFTWARE\Application Updater Key Found : HKLM\SOFTWARE\Babylon Key Found : HKLM\SOFTWARE\BabylonToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Found : HKLM\SOFTWARE\Classes\b Key Found : HKLM\SOFTWARE\Classes\BabyDict Key Found : HKLM\SOFTWARE\Classes\BabyGloss Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Found : HKLM\SOFTWARE\Classes\BabyOptFile Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Found : HKLM\SOFTWARE\DataMngr Key Found : HKLM\SOFTWARE\DealPly Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Key Found : HKLM\SOFTWARE\Search Settings Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] [x64] Key Found : HKCU\Software\APN DTX [x64] Key Found : HKCU\Software\AppDataLow\Software\I Want This [x64] Key Found : HKCU\Software\AppDataLow\Software\Search Settings [x64] Key Found : HKCU\Software\Ask.com.tmp [x64] Key Found : HKCU\Software\Babylon [x64] Key Found : HKCU\Software\BabylonToolbar [x64] Key Found : HKCU\Software\Cr_Installer [x64] Key Found : HKCU\Software\DataMngr [x64] Key Found : HKCU\Software\DataMngr_Toolbar [x64] Key Found : HKCU\Software\DealPly [x64] Key Found : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje [x64] Key Found : HKCU\Software\InstalledBrowserExtensions [x64] Key Found : HKCU\Software\Search Settings [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE [x64] Key Found : HKLM\SOFTWARE\Classes\b [x64] Key Found : HKLM\SOFTWARE\Classes\BabyDict [x64] Key Found : HKLM\SOFTWARE\Classes\BabyGloss [x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd [x64] Key Found : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 [x64] Key Found : HKLM\SOFTWARE\Classes\BabyOptFile [x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore [x64] Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 [x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane [x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 [x64] Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 [x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc [x64] Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 [x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe [x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Found : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Found : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} [x64] Key Found : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} ***** [Internet Browsers] ***** -\\ Internet Explorer v8.0.7601.17514 [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=NT_ss&mntrId=58f9ab58000000000000000854a04cb5 -\\ Mozilla Firefox v11.0 (de) Profile name : default File : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\prefs.js Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=NT[...] Found : user_pref("extensions.BabylonToolbar.admin", false); Found : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar.babExt", ""); Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=bandext_3312_2"); Found : user_pref("extensions.BabylonToolbar.bbDpng", 19); Found : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Found : user_pref("extensions.BabylonToolbar.dfltSrch", true); Found : user_pref("extensions.BabylonToolbar.excTlbr", false); Found : user_pref("extensions.BabylonToolbar.hmpg", true); Found : user_pref("extensions.BabylonToolbar.id", "58f9ab58000000000000000854a04cb5"); Found : user_pref("extensions.BabylonToolbar.instlDay", "15389"); Found : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=110819&tt=bandex[...] Found : user_pref("extensions.BabylonToolbar.lastDP", 19); Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.4.622:16:00"); Found : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0"); Found : user_pref("extensions.BabylonToolbar.newTab", true); Found : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP"); Found : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar.propectorlck", 83967395); Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar.ptch_0717", true); Found : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); Found : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.4.622:16:00"); Found : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=bandext_3312_2"); Found : user_pref("extensions.BabylonToolbar_i.hardId", "58f9ab58000000000000000854a04cb5"); Found : user_pref("extensions.BabylonToolbar_i.id", "58f9ab58000000000000000854a04cb5"); Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15389"); Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.622:16:00"); Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Found : user_pref("extensions.crossriderapp2258.adsOldValue", -1); Found : user_pref("extensions.enabledAddons", "adapter@babylontc.com:1.0.0.1,crossriderapp2258@crossrider.co[...] -\\ Google Chrome v21.0.1180.79 File : C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "description": "Babylon tool translates texts from within your Google Chrome in a sin[...] Found : "128": "babylon48.png", Found : "48": "babylon48.png" Found : "name": "Babylon Translator", Found : "path": "BabylonChromePI.dll", Found : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update.xml", Found : "homepage": "hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=HP_ss&mntrId=58f9ab[...] Found : "session": {"restore_on_startup": 4, "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?[...] -\\ Opera v11.50.1074.0 File : C:\Users\Felix\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [19293 octets] - [20/08/2012 00:26:43] ########## EOF - C:\AdwCleaner[R1].txt - [19422 octets] ########## |
Sehr gut! :daumenhoc
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
# AdwCleaner v1.801 - Logfile created 08/20/2012 at 00:44:19 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : Felix - PC # Boot Mode : Normal # Running from : C:\Users\Felix\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** Stopped & Deleted : Browser Manager ***** [Files / Folders] ***** Folder Deleted : C:\Users\Felix\AppData\Local\Babylon Folder Deleted : C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_mpfapcdfbbledbojijcbcclmlieaoogk_0 Folder Deleted : C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Deleted : C:\Users\Felix\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\Felix\AppData\LocalLow\Search Settings Folder Deleted : C:\Users\Felix\AppData\Roaming\Ask.com Folder Deleted : C:\Users\Felix\AppData\Roaming\Babylon Folder Deleted : C:\Users\Felix\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Folder Deleted : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\crossriderapp2258@crossrider.com Folder Deleted : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\ffxtlbr@babylon.com Folder Deleted : C:\ProgramData\Babylon Deleted on reboot : C:\ProgramData\Browser Manager Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Folder Deleted : C:\Program Files\Babylon Folder Deleted : C:\Program Files (x86)\Application Updater Folder Deleted : C:\Program Files (x86)\Babylon Folder Deleted : C:\Program Files (x86)\BabylonToolbar Folder Deleted : C:\Program Files (x86)\DealPly Folder Deleted : C:\Program Files (x86)\Common Files\spigot File Deleted : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\adapter@babylontc.com.xpi File Deleted : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\extensions\ocr@babylon.com.xpi File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\ask.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml ***** [Registry] ***** Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\AppDataLow\Software\I Want This Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings Key Deleted : HKCU\Software\Ask.com.tmp Key Deleted : HKCU\Software\Babylon Key Deleted : HKCU\Software\BabylonToolbar Key Deleted : HKCU\Software\Cr_Installer Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DealPly Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\Search Settings Key Deleted : HKLM\SOFTWARE\Application Updater Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\b Key Deleted : HKLM\SOFTWARE\Classes\BabyDict Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1 Key Deleted : HKLM\SOFTWARE\DataMngr Key Deleted : HKLM\SOFTWARE\DealPly Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Key Deleted : HKLM\SOFTWARE\Search Settings Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}] [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997} [x64] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} [x64] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} ***** [Internet Browsers] ***** -\\ Internet Explorer v8.0.7601.17514 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=NT_ss&mntrId=58f9ab58000000000000000854a04cb5 --> hxxp://www.google.com -\\ Mozilla Firefox v11.0 (de) Profile name : default File : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\prefs.js C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\smvvpp0h.default\user.js ... Deleted ! Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=NT[...] Deleted : user_pref("extensions.BabylonToolbar.admin", false); Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=bandext_3312_2"); Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 19); Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true); Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false); Deleted : user_pref("extensions.BabylonToolbar.hmpg", true); Deleted : user_pref("extensions.BabylonToolbar.id", "58f9ab58000000000000000854a04cb5"); Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15389"); Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?affID=110819&tt=bandex[...] Deleted : user_pref("extensions.BabylonToolbar.lastDP", 19); Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.4.622:16:00"); Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "11.0"); Deleted : user_pref("extensions.BabylonToolbar.newTab", true); Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_FFUP"); Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 83967395); Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true); Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q="); Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.4.622:16:00"); Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=bandext_3312_2"); Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "58f9ab58000000000000000854a04cb5"); Deleted : user_pref("extensions.BabylonToolbar_i.id", "58f9ab58000000000000000854a04cb5"); Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15389"); Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.4.622:16:00"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); Deleted : user_pref("extensions.crossriderapp2258.adsOldValue", -1); Deleted : user_pref("extensions.enabledAddons", "adapter@babylontc.com:1.0.0.1,crossriderapp2258@crossrider.co[...] -\\ Google Chrome v21.0.1180.79 File : C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "description": "Babylon tool translates texts from within your Google Chrome in a sin[...] Deleted : "128": "babylon48.png", Deleted : "48": "babylon48.png" Deleted : "name": "Babylon Translator", Deleted : "path": "BabylonChromePI.dll", Deleted : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update.xml", Deleted : "homepage": "hxxp://search.babylon.com/?affID=110819&tt=bandext_3312_2&babsrc=HP_ss&mntrId=58f9ab[...] Deleted : "session": {"restore_on_startup": 4, "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?[...] -\\ Opera v11.50.1074.0 File : C:\Users\Felix\AppData\Roaming\Opera\Opera\operaprefs.ini [OK] File is clean. ************************* AdwCleaner[R1].txt - [19294 octets] - [20/08/2012 00:26:43] AdwCleaner[S1].txt - [284 octets] - [20/08/2012 00:43:37] AdwCleaner[S2].txt - [16818 octets] - [20/08/2012 00:44:19] ########## EOF - C:\AdwCleaner[S2].txt - [16947 octets] ########## |
Emsisoft Log? |
Dauert noch ca. 10mins :glaskugel: Aber iwie hat er schon wieder Viren gefunden :stirn: |
10 Minuten :D |
Fehlende Rückmeldung Gibt es Probleme beim Abarbeiten obiger Anleitung? Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen. Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema. http://www.trojaner-board.de/69886-a...-beachten.html Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist. |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 15:23 Uhr. |
Copyright ©2000-2025, Trojaner-Board