|
cyber polizei austria hallo ich hab ein großes problem ich hab beim aurfen eine nachricht von der polizei am desktop erwischt sieht stark nach einem virus oder sonst was aus da ich aber keine ahnung von virenbekämpfung hab wäre nett wenn jand der sich auskennt erklärt wie ich das alles in ordnung bringen kann danke im voraus detektivc55 wäre nett wenn einer antworten würde:heulen: mein laptop ist seit stunden k.o. ich brauche dringend anweisungen um meinen computer zu fixen hab jede menge gelesen über otl. und etc. hab aber keine idee:singsing: bitte rettet mich aus der krise dafür wäre ich echt dankbar detektiv55 Hab bereits den Anweisungen befolgt: Report: Malwarebytes Anti-Malware (Test) 1.62.0.1300 Malwarebytes : Free anti-malware download Datenbank Version: v2012.08.29.05 Windows 7 Service Pack 1 x64 NTFS (Abgesichertenmodus/Netzwerkfähig) Internet Explorer 9.0.8112.16421 lee :: LEE-PC [Administrator] Schutz: Deaktiviert 29.08.2012 15:11:04 mbam-log-2012-08-29 (15-11-04).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 205255 Laufzeit: 4 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 16 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 4 C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Keine Aktion durchgeführt. Infizierte Dateien: 6 C:\Users\lee\Desktop\SoftonicDownloader_fuer_free-youtube-download.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Users\lee\AppData\Local\Temp\install_0_msi.exe (Trojan.PWS) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\lee\AppData\Local\Temp\1jfuweif.exe (Exploit.Drop.GS) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk (Trojan.Ransom.Gen) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Gut hab den computer neugestartet schön:taenzer:!!! der computer geht, aber wie ich in den anderen threads vernommen habe gilt: aufgeschoben ist nicht aufgehoben!:nono: Ich warte auf die Analyse der Board Experten und hoffe dass keine schweren Viren meinen Computer belastet haben. Danke im Voraus detektiv55 2) Tut mir leid dass ich hintereinander poste, aber ich hab erst spät die Anweisungen für Trojaner-Befälle befolgt. Hier ist die OLT.txt:OTL Logfile: Code: OTL logfile created on: 29.08.2012 16:25:17 - Run 2Wäre eventuell über eine Antwort erfreut!:singsing: Zitat:
|
:hallo: Fixen mit OTL Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).
Code: :OTL
Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen! |
AW Danke hab nach deinen Anweisungen gehandelt hier ist der Bericht von OTL: All processes killed ========== OTL ========== Service Akamai stopped successfully! Service Akamai deleted successfully! c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll moved successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cd90bf73-20f6-44ef-993d-bb920303bd2e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cd90bf73-20f6-44ef-993d-bb920303bd2e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ not found. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{cdf97ee2-ded0-4369-835e-99dd08225fa5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cdf97ee2-ded0-4369-835e-99dd08225fa5}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{08FA20CA-5827-4BF4-8C65-EF0988471E75}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08FA20CA-5827-4BF4-8C65-EF0988471E75}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5E1DA01C-1952-440C-B1E0-D91D3805DE2E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5E1DA01C-1952-440C-B1E0-D91D3805DE2E}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{97A85195-496F-4340-A999-99A571294F34}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{97A85195-496F-4340-A999-99A571294F34}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.91\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin\ deleted successfully. Use Chrome's Settings page to change the HomePage. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{cd90bf73-20f6-44ef-993d-bb920303bd2e} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cd90bf73-20f6-44ef-993d-bb920303bd2e}\ not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{00000000-0000-0000-0000-000000000000} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\ not found. Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found. 64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ deleted successfully. C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll moved successfully. 64bit-Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{32099AAC-C132-4136-9E9A-4E364A424E17} deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Babylon Client deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DivX Download Manager deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully. C:\Users\lee\AppData\Local\Akamai\netsession_win.exe moved successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Media Finder deleted successfully. Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RegistryBooster deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully. Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ deleted successfully. 64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Nach Microsoft E&xel exportieren\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon\ not found. Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}\ not found. Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7} C:\Windows\Downloaded Program Files\gp.inf not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d232ca8-d88c-11df-b1d7-20cf30375751}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d232ca8-d88c-11df-b1d7-20cf30375751}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4d232ca8-d88c-11df-b1d7-20cf30375751}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4d232ca8-d88c-11df-b1d7-20cf30375751}\ not found. File F:\LaunchU3.exe -a not found. C:\Users\lee\ntuser.pol moved successfully. C:\ProgramData\ism_0_llatsni.pad moved successfully. C:\Users\lee\1jfuweif.exe moved successfully. ADS C:\ProgramData\Temp:6093F383 deleted successfully. ADS C:\ProgramData\Temp:2F370DA6 deleted successfully. ADS C:\ProgramData\Temp:AB689DEA deleted successfully. ADS C:\ProgramData\Temp:8CE646EE deleted successfully. ADS C:\ProgramData\Temp:517B507A deleted successfully. ADS C:\ProgramData\Temp:A724744F deleted successfully. C:\user.js moved successfully. C:\Windows\MusiccityDownload.exe moved successfully. ========== FILES ========== C:\Users\lee\AppData\Local\{B49C33A5-2B8C-4049-933D-0C20951B0EBF} moved successfully. C:\ProgramData\FullRemove.exe moved successfully. C:\ProgramData\Temp\{C59C179C-668D-49A9-B6EA-0121CCFC1243} folder moved successfully. C:\ProgramData\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41} folder moved successfully. C:\ProgramData\Temp\{40BF1E83-20EB-11D8-97C5-0009C5020658} folder moved successfully. C:\ProgramData\Temp folder moved successfully. C:\Users\lee\AppData\Local\Temp\2jfuweif.exe moved successfully. C:\Users\lee\AppData\Local\Temp\ose00000.exe moved successfully. C:\Users\lee\AppData\Local\Temp\_is20C8.exe moved successfully. C:\Users\lee\AppData\Local\Temp\_is646.exe moved successfully. C:\Users\lee\AppData\Local\Temp\_isC245.exe moved successfully. C:\Users\lee\AppData\Local\Temp\_isEDC7.exe moved successfully. C:\Users\lee\AppData\Local\Temp\_isEF8E.exe moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully. C:\Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully. File/Folder C:\Users\lee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk not found. File/Folder C:\Windows\System32\*.tmp not found. File/Folder C:\Windows\SysWOW64\*.tmp not found. < ipconfig /flushdns /c > Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. C:\Users\lee\Desktop\cmd.bat deleted successfully. C:\Users\lee\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->Flash cache emptied: 56478 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: lee ->Temp folder emptied: 1085734393 bytes ->Temporary Internet Files folder emptied: 799299742 bytes ->FireFox cache emptied: 657331742 bytes ->Google Chrome cache emptied: 6760050 bytes ->Flash cache emptied: 126314 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 631269140 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50702 bytes RecycleBin emptied: 79225752 bytes Total Files Cleaned = 3.109,00 mb OTL by OldTimer - Version 3.2.59.1 log created on 08292012_184828 Files\Folders moved on Reboot... C:\Users\lee\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Hoffe das war´s, wirklich danke!:rofl: P.S.: Kann ich die ganzen Sachen löschen, OTL., Defogger etc.? |
Nein, nix loeschen!!! Sehr gut! :daumenhoc Wie laeuft der Rechner? 1. Schritt Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.danach: 2. Schritt Downloade Dir bitte AdwCleaner auf deinen Desktop.
|
Hi hier mal das Ergebnis der Malware: Malwarebytes Anti-Malware (Test) 1.62.0.1300 www.malwarebytes.org Datenbank Version: v2012.08.29.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 lee :: LEE-PC [Administrator] Schutz: Aktiviert 30.08.2012 10:19:30 mbam-log-2012-08-30 (10-19-30).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 371068 Laufzeit: 1 Stunde(n), 27 Minute(n), 24 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 14 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Keine Aktion durchgeführt. HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Keine Aktion durchgeführt. Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 4 C:\Program Files (x86)\MyWebSearch (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\History (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Keine Aktion durchgeführt. Infizierte Dateien: 7 C:\Program Files (x86)\Uninstall Information\ib_uninst_358\uninstall.exe (PUP.BundleInstaller.IB) -> Keine Aktion durchgeführt. C:\Program Files (x86)\Uninstall Information\ib_uninst_514\uninstall.exe (PUP.BundleInstaller.IB) -> Keine Aktion durchgeführt. C:\Users\lee\AppData\Local\My Web Search Installer.exe (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Users\lee\Desktop\SoftonicDownloader_fuer_free-youtube-download.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\History\search3 (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\Program Files (x86)\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Keine Aktion durchgeführt. C:\_OTL\MovedFiles\08292012_184828\C_Users\lee\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\7f06f7f6-10729601 (Trojan.PWS) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Nach dem Adwcleaner kommt dieser Report: # AdwCleaner v1.801 - Logfile created 08/30/2012 at 15:31:36 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : lee - LEE-PC # Boot Mode : Normal # Running from : C:\Users\lee\Desktop\adwcleaner.exe # Option [Search] ***** [Services] ***** ***** [Files / Folders] ***** Folder Found : C:\Users\lee\AppData\Local\Babylon Folder Found : C:\Users\lee\AppData\Local\Conduit Folder Found : C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Found : C:\Users\lee\AppData\Local\Ilivid Player Folder Found : C:\Users\lee\AppData\Local\OpenCandy Folder Found : C:\Users\lee\AppData\LocalLow\BabylonToolbar Folder Found : C:\Users\lee\AppData\LocalLow\Conduit Folder Found : C:\Users\lee\AppData\LocalLow\facemoods.com Folder Found : C:\Users\lee\AppData\LocalLow\FunWebProducts Folder Found : C:\Users\lee\AppData\LocalLow\MyWebSearch Folder Found : C:\Users\lee\AppData\LocalLow\PriceGong Folder Found : C:\Users\lee\AppData\LocalLow\Veoh_Web_Player Folder Found : C:\Users\lee\AppData\Roaming\Babylon Folder Found : C:\Users\lee\AppData\Roaming\Media Finder Folder Found : C:\Users\lee\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com Folder Found : C:\Users\lee\AppData\Roaming\OpenCandy Folder Found : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\CT3227975 Folder Found : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\Smartbar Folder Found : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\extensions\{cdf97ee2-ded0-4369-835e-99dd08225fa5} Folder Found : C:\ProgramData\Babylon Folder Found : C:\ProgramData\boost_interprocess Folder Found : C:\ProgramData\IBUpdaterService Folder Found : C:\ProgramData\Trymedia Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\adapter@babylontc.com Folder Found : C:\Program Files (x86)\MyWebSearch Folder Found : C:\ProgramData\Partner File Found : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\searchplugins\Conduit.xml File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml ***** [Registry] ***** [*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2431245[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2653012[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3227975 Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Found : HKCU\Software\AppDataLow\Software\Freecause Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch Key Found : HKCU\Software\AppDataLow\Software\PriceGong Key Found : HKCU\Software\AppDataLow\Software\SmartBar Key Found : HKCU\Software\Babylon Key Found : HKCU\Software\Cr_Installer Key Found : HKCU\Software\DataMngr Key Found : HKCU\Software\DataMngr_Toolbar Key Found : HKCU\Software\MediaFinder Key Found : HKCU\Software\MyWebSearch Key Found : HKCU\Software\Softonic Key Found : HKLM\SOFTWARE\Babylon Key Found : HKLM\SOFTWARE\BabylonToolbar Key Found : HKLM\SOFTWARE\Classes\BabyDict Key Found : HKLM\SOFTWARE\Classes\BabyGloss Key Found : HKLM\SOFTWARE\Classes\BabyOptFile Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1 Key Found : HKLM\SOFTWARE\Classes\MF Key Found : HKLM\SOFTWARE\Conduit Key Found : HKLM\SOFTWARE\DataMngr Key Found : HKLM\SOFTWARE\FocusInteractive Key Found : HKLM\SOFTWARE\Freeze.com Key Found : HKLM\SOFTWARE\Fun Web Products Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Key Found : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Found : HKLM\SOFTWARE\MyWebSearch Key Found : HKLM\SOFTWARE\Veoh_Web_Player [x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes [x64] Key Found : HKCU\Software\AppDataLow\Software\Freecause [x64] Key Found : HKCU\Software\AppDataLow\Software\Fun Web Products [x64] Key Found : HKCU\Software\AppDataLow\Software\FunWebProducts [x64] Key Found : HKCU\Software\AppDataLow\Software\MyWebSearch [x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong [x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar [x64] Key Found : HKCU\Software\Babylon [x64] Key Found : HKCU\Software\Cr_Installer [x64] Key Found : HKCU\Software\DataMngr [x64] Key Found : HKCU\Software\DataMngr_Toolbar [x64] Key Found : HKCU\Software\MediaFinder [x64] Key Found : HKCU\Software\MyWebSearch [x64] Key Found : HKCU\Software\Softonic [x64] Key Found : HKLM\SOFTWARE\Classes\BabyDict [x64] Key Found : HKLM\SOFTWARE\Classes\BabyGloss [x64] Key Found : HKLM\SOFTWARE\Classes\BabyOptFile [x64] Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine [x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr [x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 [x64] Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1 [x64] Key Found : HKLM\SOFTWARE\Classes\MF [x64] Key Found : HKLM\SOFTWARE\DataMngr ***** [Registre - GUID] ***** Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5} Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8} Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51613F26-4A56-4EC8-9AE3-4D16DF3534B1} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA37B0E3-DAEE-4313-9ECB-51DE18D03AA8} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} [x64] Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} [x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} [x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} [x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v14.0.1 (de) Profile name : default File : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\prefs.js Found : user_pref("CT3227975.1000082.isPlayDisplay", "true"); Found : user_pref("CT3227975.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Found : user_pref("CT3227975.CT3227975ads1", "%7B%22ads%22%3A%5B%7B%22aid%22%3A%2243677%22%2C%22title%22%3A%[...] Found : user_pref("CT3227975.CT3227975current_term", ""); Found : user_pref("CT3227975.CT3227975sdate", "19"); Found : user_pref("CT3227975.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3227975.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Found : user_pref("CT3227975.FirstTime", "true"); Found : user_pref("CT3227975.FirstTimeFF3", "true"); Found : user_pref("CT3227975.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...] Found : user_pref("CT3227975.UserID", "UN68843483739438633"); Found : user_pref("CT3227975.addressBarTakeOverEnabledInHidden", "true"); Found : user_pref("CT3227975.autoDisableScopes", -1); Found : user_pref("CT3227975.bDay_InstallDate", "19-6"); Found : user_pref("CT3227975.bDay_InstallFromToolbar", "yes"); Found : user_pref("CT3227975.browser.search.defaultthis.engineName", true); Found : user_pref("CT3227975.cbfirsttime", "Thu Jul 19 2012 12:02:56 GMT+0200"); Found : user_pref("CT3227975.defaultSearch", "true"); Found : user_pref("CT3227975.embeddedsData", "[{\"appId\":\"129837869370821819\",\"apiPermissions\":{\"cross[...] Found : user_pref("CT3227975.enableAlerts", "always"); Found : user_pref("CT3227975.enableSearchFromAddressBar", "true"); Found : user_pref("CT3227975.firstTimeDialogOpened", "true"); Found : user_pref("CT3227975.fixPageNotFoundError", "true"); Found : user_pref("CT3227975.fixPageNotFoundErrorInHidden", "true"); Found : user_pref("CT3227975.fixUrls", true); Found : user_pref("CT3227975.installId", "installbrain"); Found : user_pref("CT3227975.installType", "ConduitNSISIntegration"); Found : user_pref("CT3227975.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3227975.isNewTabEnabled", true); Found : user_pref("CT3227975.isPerformedSmartBarTransition", "true"); Found : user_pref("CT3227975.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Found : user_pref("CT3227975.keyword", true); Found : user_pref("CT3227975.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...] Found : user_pref("CT3227975.openThankYouPage", "false"); Found : user_pref("CT3227975.openUninstallPage", "true"); Found : user_pref("CT3227975.search.searchAppId", "129837869370821819"); Found : user_pref("CT3227975.search.searchCount", "0"); Found : user_pref("CT3227975.searchInNewTabEnabledInHidden", "true"); Found : user_pref("CT3227975.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3227975.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Found : user_pref("CT3227975.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Found : user_pref("CT3227975.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Found : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Found : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Found : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Found : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Found : user_pref("CT3227975.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Found : user_pref("CT3227975.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1342692162924"); Found : user_pref("CT3227975.serviceLayer_services_appTracking_lastUpdate", "1342692165624"); Found : user_pref("CT3227975.serviceLayer_services_appsMetadata_lastUpdate", "1342692162705"); Found : user_pref("CT3227975.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1342692163657"); Found : user_pref("CT3227975.serviceLayer_services_login_10.10.20.14_lastUpdate", "1344077853472"); Found : user_pref("CT3227975.serviceLayer_services_optimizer_lastUpdate", "1342692164195"); Found : user_pref("CT3227975.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1342692164220"); Found : user_pref("CT3227975.serviceLayer_services_searchAPI_lastUpdate", "1342692160582"); Found : user_pref("CT3227975.serviceLayer_services_serviceMap_lastUpdate", "1344010511323"); Found : user_pref("CT3227975.serviceLayer_services_toolbarContextMenu_lastUpdate", "1342692163522"); Found : user_pref("CT3227975.serviceLayer_services_toolbarSettings_lastUpdate", "1344077853154"); Found : user_pref("CT3227975.serviceLayer_services_translation_lastUpdate", "1344010511486"); Found : user_pref("CT3227975.settingsINI", true); Found : user_pref("CT3227975.shouldFirstTimeDialog", "false"); Found : user_pref("CT3227975.smartbar.CTID", "CT3227975"); Found : user_pref("CT3227975.smartbar.Uninstall", "0"); Found : user_pref("CT3227975.smartbar.homepage", true); Found : user_pref("CT3227975.smartbar.isHidden", true); Found : user_pref("CT3227975.smartbar.toolbarName", "appbario2 "); Found : user_pref("CT3227975.startPage", "userChanged"); Found : user_pref("CT3227975.toolbarBornServerTime", "19-7-2012"); Found : user_pref("CT3227975.toolbarCurrentServerTime", "4-8-2012"); Found : user_pref("Smartbar.ConduitHomepagesList", ""); Found : user_pref("Smartbar.ConduitSearchEngineList", "appbario2 Customized Web Search"); Found : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227975[...] Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3227975"); Found : user_pref("extensions.BabylonToolbar_i.newTab", true); Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.claro-search.com/?affID=115131&tt[...] Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227975&SearchSource=2&q=[...] -\\ Google Chrome v21.0.1180.83 File : C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Preferences Found : "description" : "Babylon Chrome OCR", Found : "128" : "babylon48.png", Found : "48" : "babylon48.png" Found : "name" : "Babylon Chrome OCR", Found : "path" : "BabylonChromePI.dll", ************************* AdwCleaner[R1].txt - [21270 octets] - [30/08/2012 15:31:36] ########## EOF - C:\AdwCleaner[R1].txt - [21399 octets] ########## |
Sehr gut! :daumenhoc
danach: Malware-Scan mit Emsisoft Anti-Malware Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm. Lade über Jetzt Updaten die aktuellen Signaturen herunter. Wähle den Freeware-Modus aus. Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers. Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten. Anleitung: http://www.trojaner-board.de/103809-...i-malware.html |
# AdwCleaner v1.801 - Logfile created 08/31/2012 at 11:04:47 # Updated 14/08/2012 by Xplode # Operating system : Windows 7 Home Premium Service Pack 1 (64 bits) # User : lee - LEE-PC # Boot Mode : Normal # Running from : C:\Users\lee\Desktop\adwcleaner.exe # Option [Delete] ***** [Services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Users\lee\AppData\Local\Babylon Folder Deleted : C:\Users\lee\AppData\Local\Conduit Folder Deleted : C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Folder Deleted : C:\Users\lee\AppData\Local\Ilivid Player Folder Deleted : C:\Users\lee\AppData\Local\OpenCandy Folder Deleted : C:\Users\lee\AppData\LocalLow\BabylonToolbar Folder Deleted : C:\Users\lee\AppData\LocalLow\Conduit Folder Deleted : C:\Users\lee\AppData\LocalLow\facemoods.com Folder Deleted : C:\Users\lee\AppData\LocalLow\FunWebProducts Folder Deleted : C:\Users\lee\AppData\LocalLow\MyWebSearch Folder Deleted : C:\Users\lee\AppData\LocalLow\PriceGong Folder Deleted : C:\Users\lee\AppData\LocalLow\Veoh_Web_Player Folder Deleted : C:\Users\lee\AppData\Roaming\Babylon Folder Deleted : C:\Users\lee\AppData\Roaming\Media Finder Folder Deleted : C:\Users\lee\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com Folder Deleted : C:\Users\lee\AppData\Roaming\OpenCandy Folder Deleted : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\CT3227975 Folder Deleted : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\Smartbar Folder Deleted : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\extensions\{cdf97ee2-ded0-4369-835e-99dd08225fa5} Folder Deleted : C:\ProgramData\Babylon Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\IBUpdaterService Folder Deleted : C:\ProgramData\Trymedia Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\adapter@babylontc.com Folder Deleted : C:\Program Files (x86)\MyWebSearch Folder Deleted : C:\ProgramData\Partner File Deleted : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\searchplugins\Conduit.xml File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml ***** [Registry] ***** [*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2431245[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2653012[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3227975 Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\Freecause Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\Babylon Key Deleted : HKCU\Software\Cr_Installer Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\MediaFinder Key Deleted : HKCU\Software\MyWebSearch Key Deleted : HKCU\Software\Softonic Key Deleted : HKLM\SOFTWARE\Babylon Key Deleted : HKLM\SOFTWARE\BabylonToolbar Key Deleted : HKLM\SOFTWARE\Classes\BabyDict Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1 Key Deleted : HKLM\SOFTWARE\Classes\MF Key Deleted : HKLM\SOFTWARE\Conduit Key Deleted : HKLM\SOFTWARE\DataMngr Key Deleted : HKLM\SOFTWARE\FocusInteractive Key Deleted : HKLM\SOFTWARE\Freeze.com Key Deleted : HKLM\SOFTWARE\Fun Web Products Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel Key Deleted : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Key Deleted : HKLM\SOFTWARE\MyWebSearch Key Deleted : HKLM\SOFTWARE\Veoh_Web_Player [x64] Key Deleted : HKLM\SOFTWARE\DataMngr ***** [Registre - GUID] ***** Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45e2-857D-2A368FE749E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF390AA1-1E65-4825-B8E7-BE6B47BD56B8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51613F26-4A56-4EC8-9AE3-4D16DF3534B1} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA37B0E3-DAEE-4313-9ECB-51DE18D03AA8} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} [x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978} ***** [Internet Browsers] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Registry is clean. -\\ Mozilla Firefox v14.0.1 (de) Profile name : default File : C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\prefs.js C:\Users\lee\AppData\Roaming\Mozilla\Firefox\Profiles\n92vv29g.default\user.js ... Deleted ! Deleted : user_pref("CT3227975.1000082.isPlayDisplay", "true"); Deleted : user_pref("CT3227975.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Deleted : user_pref("CT3227975.CT3227975ads1", "%7B%22ads%22%3A%5B%7B%22aid%22%3A%2243677%22%2C%22title%22%3A%[...] Deleted : user_pref("CT3227975.CT3227975current_term", ""); Deleted : user_pref("CT3227975.CT3227975sdate", "19"); Deleted : user_pref("CT3227975.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3227975.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Deleted : user_pref("CT3227975.FirstTime", "true"); Deleted : user_pref("CT3227975.FirstTimeFF3", "true"); Deleted : user_pref("CT3227975.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT322[...] Deleted : user_pref("CT3227975.UserID", "UN68843483739438633"); Deleted : user_pref("CT3227975.addressBarTakeOverEnabledInHidden", "true"); Deleted : user_pref("CT3227975.autoDisableScopes", -1); Deleted : user_pref("CT3227975.bDay_InstallDate", "19-6"); Deleted : user_pref("CT3227975.bDay_InstallFromToolbar", "yes"); Deleted : user_pref("CT3227975.browser.search.defaultthis.engineName", true); Deleted : user_pref("CT3227975.cbfirsttime", "Thu Jul 19 2012 12:02:56 GMT+0200"); Deleted : user_pref("CT3227975.defaultSearch", "true"); Deleted : user_pref("CT3227975.embeddedsData", "[{\"appId\":\"129837869370821819\",\"apiPermissions\":{\"cross[...] Deleted : user_pref("CT3227975.enableAlerts", "always"); Deleted : user_pref("CT3227975.enableSearchFromAddressBar", "true"); Deleted : user_pref("CT3227975.firstTimeDialogOpened", "true"); Deleted : user_pref("CT3227975.fixPageNotFoundError", "true"); Deleted : user_pref("CT3227975.fixPageNotFoundErrorInHidden", "true"); Deleted : user_pref("CT3227975.fixUrls", true); Deleted : user_pref("CT3227975.installId", "installbrain"); Deleted : user_pref("CT3227975.installType", "ConduitNSISIntegration"); Deleted : user_pref("CT3227975.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3227975.isNewTabEnabled", true); Deleted : user_pref("CT3227975.isPerformedSmartBarTransition", "true"); Deleted : user_pref("CT3227975.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Deleted : user_pref("CT3227975.keyword", true); Deleted : user_pref("CT3227975.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...] Deleted : user_pref("CT3227975.openThankYouPage", "false"); Deleted : user_pref("CT3227975.openUninstallPage", "true"); Deleted : user_pref("CT3227975.search.searchAppId", "129837869370821819"); Deleted : user_pref("CT3227975.search.searchCount", "0"); Deleted : user_pref("CT3227975.searchInNewTabEnabledInHidden", "true"); Deleted : user_pref("CT3227975.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3227975.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Deleted : user_pref("CT3227975.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Deleted : user_pref("CT3227975.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Deleted : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Deleted : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Deleted : user_pref("CT3227975.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Deleted : user_pref("CT3227975.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...] Deleted : user_pref("CT3227975.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1342692162924"); Deleted : user_pref("CT3227975.serviceLayer_services_appTracking_lastUpdate", "1342692165624"); Deleted : user_pref("CT3227975.serviceLayer_services_appsMetadata_lastUpdate", "1342692162705"); Deleted : user_pref("CT3227975.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1342692163657"); Deleted : user_pref("CT3227975.serviceLayer_services_login_10.10.20.14_lastUpdate", "1344077853472"); Deleted : user_pref("CT3227975.serviceLayer_services_optimizer_lastUpdate", "1342692164195"); Deleted : user_pref("CT3227975.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1342692164220"); Deleted : user_pref("CT3227975.serviceLayer_services_searchAPI_lastUpdate", "1342692160582"); Deleted : user_pref("CT3227975.serviceLayer_services_serviceMap_lastUpdate", "1344010511323"); Deleted : user_pref("CT3227975.serviceLayer_services_toolbarContextMenu_lastUpdate", "1342692163522"); Deleted : user_pref("CT3227975.serviceLayer_services_toolbarSettings_lastUpdate", "1344077853154"); Deleted : user_pref("CT3227975.serviceLayer_services_translation_lastUpdate", "1344010511486"); Deleted : user_pref("CT3227975.settingsINI", true); Deleted : user_pref("CT3227975.shouldFirstTimeDialog", "false"); Deleted : user_pref("CT3227975.smartbar.CTID", "CT3227975"); Deleted : user_pref("CT3227975.smartbar.Uninstall", "0"); Deleted : user_pref("CT3227975.smartbar.homepage", true); Deleted : user_pref("CT3227975.smartbar.isHidden", true); Deleted : user_pref("CT3227975.smartbar.toolbarName", "appbario2 "); Deleted : user_pref("CT3227975.startPage", "userChanged"); Deleted : user_pref("CT3227975.toolbarBornServerTime", "19-7-2012"); Deleted : user_pref("CT3227975.toolbarCurrentServerTime", "4-8-2012"); Deleted : user_pref("Smartbar.ConduitHomepagesList", ""); Deleted : user_pref("Smartbar.ConduitSearchEngineList", "appbario2 Customized Web Search"); Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227975[...] Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3227975"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true); Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://isearch.claro-search.com/?affID=115131&tt[...] Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3227975&SearchSource=2&q=[...] -\\ Google Chrome v21.0.1180.83 File : C:\Users\lee\AppData\Local\Google\Chrome\User Data\Default\Preferences Deleted : "description" : "Babylon Chrome OCR", Deleted : "128" : "babylon48.png", Deleted : "48" : "babylon48.png" Deleted : "name" : "Babylon Chrome OCR", Deleted : "path" : "BabylonChromePI.dll", ************************* AdwCleaner[R1].txt - [21251 octets] - [30/08/2012 15:31:36] AdwCleaner[S1].txt - [18988 octets] - [31/08/2012 11:04:47] ########## EOF - C:\AdwCleaner[S1].txt - [19117 octets] ########## Emsisoft Anti-Malware - Version 6.6 Letztes Update: 31.08.2012 11:24:23 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\ Archiv Scan: An ADS Scan: An Scan Beginn: 31.08.2012 11:25:41 c:\windows\tasks\pcconfidential.job gefunden: Trace.File.pcconfidential!E1 Key: hkey_local_machine\software\microsoft\internet explorer\extensions\{53f6fccd-9e22-4d71-86ea-6e43136192ab}\ gefunden: Trace.Registry.pcconfidential!E1 Key: hkey_local_machine\software\trymedia systems gefunden: Trace.Registry.trymedia!E1 Key: hkey_local_machine\software\trymedia systems\activemark software gefunden: Trace.Registry.trymedia!E1 C:\Users\lee\Desktop\SoftonicDownloader_fuer_free-youtube-download.exe gefunden: Riskware.Win32.SoftonicDownloader.AMN!E1 C:\Users\lee\AppData\Local\My Web Search Installer.exe gefunden: Riskware.WebToolbar.Win32.MyWebSearch!E2 Gescannt 620162 Gefunden 6 Scan Ende: 31.08.2012 12:50:00 Scan Zeit: 1:24:19 C:\Users\lee\AppData\Local\My Web Search Installer.exe Quarantäne Riskware.WebToolbar.Win32.MyWebSearch!E2 C:\Users\lee\Desktop\SoftonicDownloader_fuer_free-youtube-download.exe Quarantäne Riskware.Win32.SoftonicDownloader.AMN!E1 Key: hkey_local_machine\software\trymedia systems Quarantäne Trace.Registry.trymedia!E1 Key: hkey_local_machine\software\trymedia systems\activemark software Quarantäne Trace.Registry.trymedia!E1 Key: hkey_local_machine\software\microsoft\internet explorer\extensions\{53f6fccd-9e22-4d71-86ea-6e43136192ab}\ Quarantäne Trace.Registry.pcconfidential!E1 c:\windows\tasks\pcconfidential.job Quarantäne Trace.File.pcconfidential!E1 Quarantäne 6 |
Sehr gut! :daumenhoc Deinstalliere: Emsisoft Anti-Malware ESET Online Scanner Vorbereitung
|
Der Eset Smartinstaller dauert viel zu lange ich werde diese erst in 2 Wochen wenn ich Zeit habe laufen lassen. Hoffe dass ich auch in 2 Wochen Antworten erhalte, denn wie ich korrekt informiert bin ist mein compi noch nicht virusfrei? Danke für bisherigen Bemühungen! |
Du darfst bis dahin den PC nicht im Internet nutzen. |
Hier ist der Bericht von ESET # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-31 10:32:30 # local_time=2012-09-01 12:32:30 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4935274 4935274 0 0 # compatibility_mode=5893 16776573 100 94 25094 98072330 0 0 # compatibility_mode=8192 67108863 100 0 176 176 0 0 # scanned=203443 # found=6 # cleaned=6 # scan_time=9871 C:\Program Files (x86)\Uninstall Information\ib_uninst_518\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Uninstall Information\ib_uninst_519\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Uninstall Information\ib_uninst_532\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Uninstall Information\ib_uninst_567\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\$RECYCLE.BIN\S-1-5-21-1347451006-4181001550-1844763863-1000\$RIYSXQ8\Backup Set 2010-11-21 190001\Backup Files 2010-11-21 190001\Backup files 1.zip Win32/SpeedUpMyPC application (deleted - quarantined) 00000000000000000000000000000000 C D:\$RECYCLE.BIN\S-1-5-21-1347451006-4181001550-1844763863-1000\$RN30RD5\Backup Set 2012-06-17 190003\Backup Files 2012-06-17 190003\Backup files 1.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-31 10:37:09 # local_time=2012-09-01 12:37:09 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4945403 4945403 0 0 # compatibility_mode=5893 16776573 100 94 35223 98082459 0 0 # compatibility_mode=8192 67108863 100 0 10305 10305 0 0 # scanned=118 # found=0 # cleaned=0 # scan_time=20 ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-01 10:35:17 # local_time=2012-09-01 12:35:17 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4984922 4984922 0 0 # compatibility_mode=5893 16776573 100 94 74742 98121978 0 0 # compatibility_mode=8192 67108863 100 0 49824 49824 0 0 # scanned=28990 # found=0 # cleaned=0 # scan_time=3589 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-01 11:26:57 # local_time=2012-09-01 01:26:57 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4988585 4988585 0 0 # compatibility_mode=5893 16776573 100 94 1141 98125641 0 0 # compatibility_mode=8192 67108863 100 0 53487 53487 0 0 # scanned=28993 # found=0 # cleaned=0 # scan_time=3027 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-02 08:58:14 # local_time=2012-09-02 10:58:14 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 5109732 5109732 0 0 # compatibility_mode=5893 16776573 100 94 9769 98246788 0 0 # compatibility_mode=8192 67108863 100 0 174634 174634 0 0 # scanned=23068 # found=0 # cleaned=0 # scan_time=2557 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-07 10:20:05 # local_time=2012-09-08 12:20:05 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 5529711 5529711 0 0 # compatibility_mode=5893 16776573 100 94 79 98666767 0 0 # compatibility_mode=8192 67108863 100 0 594613 594613 0 0 # scanned=216951 # found=0 # cleaned=0 # scan_time=19488 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-31 10:32:30 # local_time=2012-09-01 12:32:30 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4935274 4935274 0 0 # compatibility_mode=5893 16776573 100 94 25094 98072330 0 0 # compatibility_mode=8192 67108863 100 0 176 176 0 0 # scanned=203443 # found=6 # cleaned=6 # scan_time=9871 C:\Program Files (x86)\Uninstall Information\ib_uninst_518\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Uninstall Information\ib_uninst_519\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Uninstall Information\ib_uninst_532\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Program Files (x86)\Uninstall Information\ib_uninst_567\uninstall.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\$RECYCLE.BIN\S-1-5-21-1347451006-4181001550-1844763863-1000\$RIYSXQ8\Backup Set 2010-11-21 190001\Backup Files 2010-11-21 190001\Backup files 1.zip Win32/SpeedUpMyPC application (deleted - quarantined) 00000000000000000000000000000000 C D:\$RECYCLE.BIN\S-1-5-21-1347451006-4181001550-1844763863-1000\$RN30RD5\Backup Set 2012-06-17 190003\Backup Files 2012-06-17 190003\Backup files 1.zip multiple threats (deleted - quarantined) 00000000000000000000000000000000 C ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-08-31 10:37:09 # local_time=2012-09-01 12:37:09 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4945403 4945403 0 0 # compatibility_mode=5893 16776573 100 94 35223 98082459 0 0 # compatibility_mode=8192 67108863 100 0 10305 10305 0 0 # scanned=118 # found=0 # cleaned=0 # scan_time=20 ESETSmartInstaller@High as downloader log: all ok esets_scanner_update returned -1 esets_gle=53251 # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-01 10:35:17 # local_time=2012-09-01 12:35:17 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4984922 4984922 0 0 # compatibility_mode=5893 16776573 100 94 74742 98121978 0 0 # compatibility_mode=8192 67108863 100 0 49824 49824 0 0 # scanned=28990 # found=0 # cleaned=0 # scan_time=3589 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-01 11:26:57 # local_time=2012-09-01 01:26:57 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 4988585 4988585 0 0 # compatibility_mode=5893 16776573 100 94 1141 98125641 0 0 # compatibility_mode=8192 67108863 100 0 53487 53487 0 0 # scanned=28993 # found=0 # cleaned=0 # scan_time=3027 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=stopped # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-02 08:58:14 # local_time=2012-09-02 10:58:14 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 5109732 5109732 0 0 # compatibility_mode=5893 16776573 100 94 9769 98246788 0 0 # compatibility_mode=8192 67108863 100 0 174634 174634 0 0 # scanned=23068 # found=0 # cleaned=0 # scan_time=2557 ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=f4835a212d2eda4982224d4991e1c7cd # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-09-07 10:20:05 # local_time=2012-09-08 12:20:05 (+0100, Mitteleuropäische Sommerzeit) # country="Austria" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1792 16777215 100 0 5529711 5529711 0 0 # compatibility_mode=5893 16776573 100 94 79 98666767 0 0 # compatibility_mode=8192 67108863 100 0 594613 594613 0 0 # scanned=216951 # found=0 # cleaned=0 # scan_time=19488 Hallo ich hätte ein zusätzliches Problem beim Herunterfahren werden jedes mal zwei updates automatisch durchgeführt die ewig dauern vielleicht kannst du mir helfen detektiv55 |
Welche Updates? Windows Updates? Java aktualisieren Dein Java ist nicht mehr aktuell. Älter Versionen enthalten Sicherheitslücken, die von Malware missbraucht werden können.
Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html Danach poste (kopieren und einfuegen) mir, was du hier angezeigt bekommst: PluginCheck Java deaktivieren Aufgrund derezeitigen Sicherheitsluecke: http://www.trojaner-board.de/122961-...ktivieren.html Danach poste mir (kopieren und einfuegen), was du hier angezeigt bekommst: PluginCheck |
Ich finde keine älteren Versionen von Java... und was bedeutet Reiter Allgemein es passiert nichts wenn ich auf das Symbol Java klicke. P.S.: Die Updates sind Windows Updates alles security updates for Windows Framework. Ich hoffe du weißt was das heißt Auf jeden Fall danke:heilig: detektiv55 Ich melde mich sogleich zurück dass mit Java ist geklärt ich habe geschafft java zu korrigieren und du brauchst der sache nicht nachgehen. detektiv55 PluginCheck Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen. Überprüft wird: Browser, Flash, Java und Adobe Reader Version. Internet Explorer 9.0 ist aktuell Flash 11,3,300,271 ist veraltet! Aktualisieren Sie bitte auf die neueste Version! Java (1,7,0,7) ist aktuell. Adobe Reader 10,0,0,0 ist veraltet! Aktualisieren Sie bitte auf die neueste Version: 10,1,3 Plugin check nach Jva deinstallation PluginCheck Der PluginCheck hilft die größten Sicherheitslücken beim Surfen im Internet zu schliessen. Überprüft wird: Browser, Flash, Java und Adobe Reader Version. Internet Explorer 9.0 ist aktuell Flash 11,3,300,271 ist veraltet! Aktualisieren Sie bitte auf die neueste Version! Java ist nicht Installiert oder nicht aktiviert. Adobe Reader 10,0,0,0 ist veraltet! Aktualisieren Sie bitte auf die neueste Version: 10,1,3 |
Sehr gut! :daumenhoc damit bist Du sauber und entlassen! :) adwCleaner entfernen
Tool-Bereinigung mit OTL Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.
Zurücksetzen der Sicherheitszonen Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen. Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html Systemwiederherstellungen leeren Damit der Rechner nicht mit einer infizierten Systemwiederherstellung erneut infiziert werden kann, muessen wir diese leeren. Dazu schalten wir sie einmal aus und dann wieder ein: Systemwiederherstellung deaktivieren Tutorial fuer Windows XP, Windows Vista, Windows 7 Danach wieder aktivieren. Aufräumen mit CCleaner Lasse mit CCleaner (Download) (Anleitung) Fehler in der
Lektuere zum abarbeiten: http://www.trojaner-board.de/90880-d...tallation.html http://www.trojaner-board.de/105213-...tellungen.html PluginCheck http://www.trojaner-board.de/96344-a...-rechners.html Secunia Online Software Inspector http://www.trojaner-board.de/71715-k...iendungen.html http://www.trojaner-board.de/83238-a...sschalten.html PC wird immer langsamer - was tun? |
Danke kann ich also malware und esetmartinstaller und ccleaner entfernen?! |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 16:16 Uhr. |
Copyright ©2000-2025, Trojaner-Board