Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Antimalware Docotr entfernen - OTL (https://www.trojaner-board.de/96472-antimalware-docotr-entfernen-otl.html)

Dani42 12.03.2011 13:23
Antimalware Docotr entfernen - OTL
 
Hallo ~
Irgendwie hab ich mir Antimalware Docotr eingefangen und will das Programm jetzt wieder entfernen. Einfach löschen geht ja nicht.
Ich hab mir jetzt OTL runtergeladen und bräuchte Hilfe mit den nächsten Schritten.
Wär sehr nett wenn mir jemand behilflich sein könnte.

cosinus 13.03.2011 19:28
http://www.trojaner-board.de/images/icons/icon4.gif Bitte beachten http://www.trojaner-board.de/images/icons/icon4.gif => http://www.trojaner-board.de/95173-b...es-posten.html und http://www.trojaner-board.de/69886-a...-beachten.html

Dani42 14.03.2011 15:03
ok
danke für den hinweis

Dani42 14.03.2011 16:39
Ich hab jetzt den mbam-scan gemacht. Ich post den mbam-log mal heir rein


Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 6051

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

14.03.2011 16:28:01
mbam-log-2011-03-14 (16-27-50).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 154384
Laufzeit: 2 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 3
Infizierte Registrierungsschlüssel: 31
Infizierte Registrierungswerte: 15
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 10
Infizierte Dateien: 91

Infizierte Speicherprozesse:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 2036 -> No action taken.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 3700 -> No action taken.

Infizierte Speichermodule:
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.
c:\Users\Anna\AppData\Local\dmerler.dll (Trojan.Agent.U) -> No action taken.
c:\Users\Anna\AppData\Local\akuqesod.dll (Trojan.Agent.U) -> No action taken.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Trojan.FakeAlert) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fdebckalias70.exe (Trojan.FakeAlert) -> Value: fdebckalias70.exe -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\DEALIO@MYBROWSERBAR.COM (PUP.Dealio) -> Value: DEALIO@MYBROWSERBAR.COM -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Alikidedu (Trojan.Agent.U) -> Value: Alikidedu -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lhemaqo (Trojan.Agent.U) -> Value: Lhemaqo -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\CHROME.MANIFEST (PUP.Dealio) -> Value: CHROME.MANIFEST -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\INSTALL.RDF (PUP.Dealio) -> Value: INSTALL.RDF -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\CHROME\LOCALE\EN-US\WIDGITOOLBARPLUGIN.PROPERTIES (PUP.Dealio) -> Value: WIDGITOOLBARPLUGIN.PROPERTIES -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\dealio toolbar (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\locale (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\IE (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\IE\4.3 (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res (PUP.Dealio) -> No action taken.

Infizierte Dateien:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> No action taken.
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> No action taken.
c:\Users\Anna\AppData\Roaming\7a1c8c3cd8c2aa8f21f011ce50ce4d51\fdebckalias70.exe (Trojan.FakeAlert) -> No action taken.
c:\program files\dealio toolbar\IE\4.3\dealiotoolbarie.dll (PUP.Dealio) -> No action taken.
c:\Windows\System32\nlsmexicons0009.exe (Trojan.StartPage) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\EAD2.tmp (Rootkit.TDSS) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\err.log16241966 (Trojan.FakeAlert) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\F6D2.tmp (Trojan.FakeAlert) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\F6D3.exe (Trojan.FakeAlert) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\FC00.tmp (Trojan.FakeAlert) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\FC30.exe (Trojan.FakeAlert) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\2B5B.tmp (Trojan.FakeAlert) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\awcemxrnos.exe (Adware.Agent) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\setup2430362368.exe (Rootkit.TDSS) -> No action taken.
c:\Users\Anna\AppData\Local\Temp\setup3158701824.exe (Rootkit.TDSS) -> No action taken.
c:\program files\mozilla firefox\extensions\dealio@mybrowserbar.com (PUP.Dealio) -> No action taken.
c:\programdata\sysreserve.ini (Malware.Trace) -> No action taken.
c:\Users\Anna\AppData\Local\dmerler.dll (Trojan.Agent.U) -> No action taken.
c:\Users\Anna\AppData\Local\akuqesod.dll (Trojan.Agent.U) -> No action taken.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\widgihelper.exe (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome.manifest (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\install.rdf (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\chevron.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\chevron.xul (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\login.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\login.xul (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\parser.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\rsstickerwidget.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\searchbox.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\searchbox.xul (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\utils.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgichevron.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgicomm.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgihandling.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgilisteners.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgitoolbarplugin.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgitoolbarplugin.xul (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\content\widgiui.js (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\searchbox.dtd (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\yahoo-search.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\amazon.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\apple.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\barnes.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\bestbuy.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\chevron.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\dealio_logo.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\dealio_logo_hover.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\ebay.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\icon_settings.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\macys.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\newegg.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\overstock.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search-button-hover.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search-button.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search-chevron-hover.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search-chevron.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\searchbox.css (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search_amazon.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search_dealio.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search_ebay.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\search_yahoo.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\splitter.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\target.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\walmart.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\FF\chrome\skin\widgitoolbarplugin.css (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\IE\4.3\config.ini (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\amazon.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\apple.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\barnes.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\bestbuy.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\dealio_logo.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\dealio_logo_hover.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\ebay.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\icon_settings.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\macys.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\newegg.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\overstock.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search-button-hover.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search-button.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search-chevron-hover.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search-chevron.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search_amazon.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search_dealio.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search_ebay.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\search_yahoo.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\target.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\walmart.gif (PUP.Dealio) -> No action taken.
c:\program files\dealio toolbar\Res\widgets.xml (PUP.Dealio) -> No action taken.

cosinus 14.03.2011 18:31
Hast du die Funde nicht entfernt? Bitte nachholen.
Mach auch routinemäßig einen Vollscan mit Malwarebytes.

Dani42 15.03.2011 14:58
Hab ich gemacht. Hier is der log


Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 6051

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

15.03.2011 14:53:54
mbam-log-2011-03-15 (14-53-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 314968
Laufzeit: 41 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 3
Infizierte Registrierungsschlüssel: 31
Infizierte Registrierungswerte: 15
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 10
Infizierte Dateien: 91

Infizierte Speicherprozesse:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 2036 -> Not selected for removal.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 3700 -> Not selected for removal.

Infizierte Speichermodule:
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Delete on reboot.
c:\Users\Anna\AppData\Local\dmerler.dll (Trojan.Agent.U) -> Delete on reboot.
c:\Users\Anna\AppData\Local\akuqesod.dll (Trojan.Agent.U) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM\COMPONENTS\WIDGITOOLBARFF.DLL (Adware.WidgiToolbar) -> Value: WIDGITOOLBARFF.DLL -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fdebckalias70.exe (Trojan.FakeAlert) -> Value: fdebckalias70.exe -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\DEALIO@MYBROWSERBAR.COM (PUP.Dealio) -> Value: DEALIO@MYBROWSERBAR.COM -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Alikidedu (Trojan.Agent.U) -> Value: Alikidedu -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lhemaqo (Trojan.Agent.U) -> Value: Lhemaqo -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\CHROME.MANIFEST (PUP.Dealio) -> Value: CHROME.MANIFEST -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\INSTALL.RDF (PUP.Dealio) -> Value: INSTALL.RDF -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\CHROME\LOCALE\EN-US\WIDGITOOLBARPLUGIN.PROPERTIES (PUP.Dealio) -> Value: WIDGITOOLBARPLUGIN.PROPERTIES -> Not selected for removal.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\dealio toolbar (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE\4.3 (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res (PUP.Dealio) -> Not selected for removal.

Infizierte Dateien:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\common files\Spigot\wtxpcom\components\widgitoolbarff.dll (Adware.WidgiToolbar) -> Delete on reboot.
c:\Users\Anna\AppData\Roaming\7a1c8c3cd8c2aa8f21f011ce50ce4d51\fdebckalias70.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\program files\dealio toolbar\IE\4.3\dealiotoolbarie.dll (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\widgihelper.exe (PUP.Dealio) -> Not selected for removal.
c:\Users\Anna\AppData\Local\Temp\EAD2.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\err.log16241966 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\F6D2.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\F6D3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\FC00.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\FC30.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\2B5B.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\awcemxrnos.exe (Adware.Agent) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\setup2430362368.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\Temp\setup3158701824.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
c:\Windows\System32\nlsmexicons0009.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
c:\program files\mozilla firefox\extensions\dealio@mybrowserbar.com (PUP.Dealio) -> Not selected for removal.
c:\programdata\sysreserve.ini (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Anna\AppData\Local\dmerler.dll (Trojan.Agent.U) -> Delete on reboot.
c:\Users\Anna\AppData\Local\akuqesod.dll (Trojan.Agent.U) -> Delete on reboot.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome.manifest (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\install.rdf (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\chevron.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\chevron.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\login.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\login.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\parser.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\rsstickerwidget.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\searchbox.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\searchbox.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\utils.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgichevron.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgicomm.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgihandling.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgilisteners.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgitoolbarplugin.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgitoolbarplugin.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgiui.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\searchbox.dtd (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\yahoo-search.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\apple.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\barnes.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\bestbuy.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\dealio_logo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\dealio_logo_hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\icon_settings.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\macys.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\newegg.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\overstock.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-button-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-button.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-chevron-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\searchbox.css (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_dealio.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_yahoo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\splitter.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\target.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\walmart.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\widgitoolbarplugin.css (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE\4.3\config.ini (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\apple.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\barnes.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\bestbuy.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\dealio_logo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\dealio_logo_hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\icon_settings.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\macys.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\newegg.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\overstock.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-button-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-button.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-chevron-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_dealio.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_yahoo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\target.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\walmart.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\widgets.xml (PUP.Dealio) -> Not selected for removal.

cosinus 15.03.2011 16:17
Zitat:
Datenbank Version: 6051
Du hast Malwarebytes vorher nicht aktualisiert. Bitte updaten und einen Vollscan machen.

Dani42 15.03.2011 17:11
Jetzt hab ich es vorher aktualisiert und gleich den Scan gemacht

Malwarebytes' Anti-Malware 1.50.1.1100
Malwarebytes

Datenbank Version: 6067

Windows 6.0.6001 Service Pack 1
Internet Explorer 8.0.6001.19019

15.03.2011 17:10:03
mbam-log-2011-03-15 (17-10-03).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 314703
Laufzeit: 39 Minute(n), 44 Sekunde(n)

Infizierte Speicherprozesse: 2
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 7
Infizierte Registrierungswerte: 13
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 10
Infizierte Dateien: 75

Infizierte Speicherprozesse:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> 288 -> Not selected for removal.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> 524 -> Not selected for removal.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Application Updater (PUP.Dealio) -> Not selected for removal.
HKEY_CLASSES_ROOT\CLSID\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D} (PUP.Dealio) -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Dealio (PUP.Dealio) -> Not selected for removal.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\APPLICATION UPDATER\APPLICATIONUPDATER.EXE (PUP.Dealio) -> Value: APPLICATIONUPDATER.EXE -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} (PUP.Dealio) -> Value: {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\DEALIO@MYBROWSERBAR.COM (PUP.Dealio) -> Value: DEALIO@MYBROWSERBAR.COM -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Lhemaqo (Trojan.Agent.U) -> Value: Lhemaqo -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Alikidedu (Trojan.Agent.U) -> Value: Alikidedu -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SearchSettings (PUP.Dealio) -> Value: SearchSettings -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE (PUP.Dealio) -> Value: SEARCHSETTINGS.EXE -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\CHROME.MANIFEST (PUP.Dealio) -> Value: CHROME.MANIFEST -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\INSTALL.RDF (PUP.Dealio) -> Value: INSTALL.RDF -> Not selected for removal.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\PROGRAM FILES\DEALIO TOOLBAR\FF\CHROME\LOCALE\EN-US\WIDGITOOLBARPLUGIN.PROPERTIES (PUP.Dealio) -> Value: WIDGITOOLBARPLUGIN.PROPERTIES -> Not selected for removal.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\dealio toolbar (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE\4.3 (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res (PUP.Dealio) -> Not selected for removal.

Infizierte Dateien:
c:\program files\application updater\applicationupdater.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE\4.3\dealiotoolbarie.dll (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\widgihelper.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\mozilla firefox\extensions\dealio@mybrowserbar.com (PUP.Dealio) -> Not selected for removal.
c:\program files\common files\Spigot\search settings\searchsettings.exe (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome.manifest (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\install.rdf (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\chevron.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\chevron.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\login.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\login.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\parser.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\rsstickerwidget.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\searchbox.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\searchbox.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\utils.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgichevron.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgicomm.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgihandling.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgilisteners.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgitoolbarplugin.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgitoolbarplugin.xul (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\content\widgiui.js (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\searchbox.dtd (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\locale\EN-US\yahoo-search.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\apple.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\barnes.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\bestbuy.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\dealio_logo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\dealio_logo_hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\icon_settings.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\macys.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\newegg.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\overstock.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-button-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-button.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-chevron-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search-chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\searchbox.css (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_dealio.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\search_yahoo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\splitter.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\target.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\walmart.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\FF\chrome\skin\widgitoolbarplugin.css (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\IE\4.3\config.ini (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\apple.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\barnes.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\bestbuy.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\dealio_logo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\dealio_logo_hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\icon_settings.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\macys.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\newegg.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\overstock.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-button-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-button.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-chevron-hover.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search-chevron.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_amazon.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_dealio.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_ebay.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\search_yahoo.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\target.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\walmart.gif (PUP.Dealio) -> Not selected for removal.
c:\program files\dealio toolbar\Res\widgets.xml (PUP.Dealio) -> Not selected for removal.

cosinus 15.03.2011 21:10
Du solltest doch alle Funde entfernen, wieso machst du das nicht?

Dani42 16.03.2011 14:37
wirklich ALLES?

cosinus 16.03.2011 14:50
Ja. So steht es auch in der Anleitung.


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:25 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131