Beiträge von HollyX

HollyX

Danke Dir Bernd. Leider bestätigst Du nur meine schlimmste Befürchtung und ich muß in den sauren Apfel beissen.
LG Holly

HollyX

Mal schauen, ob ich alles richtig rüberbringe:

Code

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:35:55, on 13.09.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal


Running processes:
C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Users\Holly\AppData\Roaming\FlashPlayer\svchost.exe
C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
C:\windows\SysWOW64\notepad.exe
C:\Users\Holly\Desktop\MalwareScan\HiJackThis204.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: AddLyrics - {4145006D-47F8-42F2-8186-2225AAFECDD3} - (no file)
O2 - BHO: Gacela2 - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll
O2 - BHO: WEB.DE MailCheck BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll
O2 - BHO: WEB.DE Browser Configuration - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\SysWow64\ieconfig_1und1.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing)
O2 - BHO: [verify-U]_Add-on - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Program Files (x86)\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll
O3 - Toolbar: PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\coIEPlg.dll
O3 - Toolbar: WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll
O3 - Toolbar: (no name) - {364ea597-e728-4ce4-bb4a-ed846ef47970} - (no file)
O3 - Toolbar: (no name) - {ba696155-d96e-4281-b467-0367a0456474} - (no file)
O4 - HKLM\..\Run: [MailCheck IE Broker] "C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-18\..\Run: []  (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: []  (User 'Default user')
O4 - Startup: WinUpdate.url
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O8 - Extra context menu item: Free YouTube Download - C:\Users\Holly\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Holly\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll
O9 - Extra 'Tools' menuitem: Über GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll
O9 - Extra button: (no name) - {92808042-fb78-4fa0-bb4f-c9a95e0e9c10} - (no file)
O9 - Extra button: @C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: webde - {8FAF0273-9CA8-4EFC-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Anvi Smart Defender Realtime Guard Service (asdsrv) - Anvisoft - C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASDSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security CBE (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\ccSvcHst.exe
O23 - Service: Office 64 Source Engine (ose64) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Service - Unknown owner - C:\windows\System32\SUPDSvc.exe (file missing)
O23 - Service: IEConfig 1und1 Edition (serviceIEConfig) - Unknown owner - C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: System Store (SystemStoreService) - Unknown owner - C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\ProgramData\TVersity\Media Server\MediaServer.exe
O23 - Service: TwonkyProxy - Unknown owner - C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
O23 - Service: TwonkyServer - PacketVideo - C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
O23 - Service: TwonkyWebDav - Unknown owner - C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)


--
End of file - 12462 bytes

Alles anzeigen

# AdwCleaner v2.114 - Datei am 13/09/2013 um 17:59:56 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Holly - HOLLY-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Holly\Desktop\adwcleaner.exe
# Option [Löschen]




**** [Dienste] ****




***** [Dateien / Ordner] *****


Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search


***** [Registrierungsdatenbank] *****




***** [Internet Browser] *****


-\\ Internet Explorer v10.0.9200.16686


[OK] Die Registrierungsdatenbank ist sauber.


-\\ Mozilla Firefox v23.0.1 (de)


Datei : C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\qqxqpcgl.default-1373885513585\prefs.js


[OK] Die Datei ist sauber.


-\\ Google Chrome v28.0.1500.95


Datei : C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Preferences


[OK] Die Datei ist sauber.


*************************


AdwCleaner[R3].txt - [9982 octets] - [05/09/2013 20:18:11]
AdwCleaner[R4].txt - [1149 octets] - [13/09/2013 17:50:29]
AdwCleaner[S4].txt - [1082 octets] - [13/09/2013 17:59:56]


########## EOF - C:\AdwCleaner[S4].txt - [1142 octets] ##########

Alles anzeigen

Followed by:

Code

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.0 (09.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Holly on 13.09.2013 at 17:10:21,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








~~~ Services


Successfully stopped: [Service] mapsgalaxy_39service 
Successfully deleted: [Service] mapsgalaxy_39service 






~~~ Registry Values


Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL






~~~ Registry Keys


Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.dynamicbarbutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.dynamicbarbutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.feedmanager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.feedmanager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlmenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlmenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlpanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlpanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.multiplebutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.multiplebutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.pseudotransparentplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.pseudotransparentplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radiosettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radiosettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.scriptbutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.scriptbutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.settingsplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.settingsplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlaunchersettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlaunchersettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.thirdpartyinstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.thirdpartyinstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.urlalertbutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.urlalertbutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.xmlsessionplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.xmlsessionplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\hometab.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{173A5778-34BF-48A2-8A5E-6963CE922FED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1796EC91-D094-4A5F-B681-E16015D1CEAC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{26842A09-FFA8-4E2C-AE12-0C80F01C3295}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{364EA597-E728-4CE4-BB4A-ED846EF47970}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37ED966D-4D0E-4D66-9633-BEA542C92860}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4F28FA5F-7D15-4753-B4FC-D548A0F02BFB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5E1BDCF6-DD5F-4DD3-8783-B1454AEF1830}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7D4DFAF7-F2CE-4C91-91A4-514C9612914D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9B58A6CE-B337-43D5-9C2F-8C6D92FBA094}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A083C35D-61A9-4625-BBB6-FB54E71B8527}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A35FF019-6DBE-4044-B080-6F3FA78A947F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B70E008C-967B-4104-BC7B-6F7C77DBC38D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C4A25B73-8EF5-4282-9D21-C8920DD577A1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CAE88E60-CEA5-4FCB-B611-54EA6305D8AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DB1384D8-1BDA-4C8D-A743-E9CA671FEB00}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E045DF14-BF1D-405C-A37B-A75C1551AD17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F3477E9D-D2F6-49F0-9B23-854D7958D07E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\hometab
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\mapsgalaxy_39
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\mapsgalaxy_39
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\simplytech
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1233034886-2771921467-1450124296-1000\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\mapsgalaxy_39
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\driverscanner_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hometab_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\hometab_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{421d35e3-d4bd-47a6-b6aa-d21ade07cf32}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\covus freemium gmbh
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-totalmedia_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-totalmedia_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_audiggle_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_audiggle_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_autolyrix_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_autolyrix_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_free-download-manager_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_free-download-manager_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_kinect-mouse-cursor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_kinect-mouse-cursor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_rar-repair-tool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_rar-repair-tool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_screen-recording-suite_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_screen-recording-suite_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_soundy-mouse_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_soundy-mouse_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_the-godfather_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_the-godfather_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AddLyrics_2901-8801ec1c_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-totalmedia_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_arcsoft-totalmedia_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_audiggle_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_audiggle_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_autolyrix_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_autolyrix_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_free-download-manager_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_free-download-manager_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_kinect-mouse-cursor_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_kinect-mouse-cursor_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_rar-repair-tool_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_rar-repair-tool_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_screen-recording-suite_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_screen-recording-suite_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_soundy-mouse_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_soundy-mouse_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_the-godfather_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_the-godfather_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba696155-d96e-4281-b467-0367a0456474}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{ba696155-d96e-4281-b467-0367a0456474}






~~~ Files


Successfully deleted: [File] "C:\Users\Holly\appdata\local\google\chrome\user data\default\bprotectorpreferences"
Successfully deleted: [File] "C:\Users\Holly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"
Successfully deleted: [File] C:\windows\syswow64\sho489.tmp
Successfully deleted: [File] "C:\windows\syswow64\wscm64.dll"






~~~ Folders


Successfully deleted: [Folder] "C:\ProgramData\browserdefender"
Successfully deleted: [Folder] "C:\Users\Holly\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Holly\appdata\local\downloadguide"
Successfully deleted: [Folder] "C:\Users\Holly\appdata\local\mapsgalaxy_39"
Successfully deleted: [Folder] "C:\Users\Holly\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Holly\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Holly\appdata\locallow\mapsgalaxy_39"
Successfully deleted: [Folder] "C:\Program Files (x86)\firstrowsportapp.com"
Successfully deleted: [Folder] "C:\Program Files (x86)\mapsgalaxy_39"
Successfully deleted: [Empty Folder] C:\Users\Holly\appdata\local\{98B3C2AC-0C72-4CE0-85F1-B3E8BB3312BE}






~~~ FireFox


Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\web search.xml"
Successfully deleted: [File] C:\Users\Holly\AppData\Roaming\mozilla\firefox\profiles\qqxqpcgl.default-1373885513585\invalidprefs.js
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\39ffxtbr@mapsgalaxy_39.com
Emptied folder: C:\Users\Holly\AppData\Roaming\mozilla\firefox\profiles\qqxqpcgl.default-1373885513585\minidumps [37 files]






~~~ Chrome


Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\kdlfddggdloaadnphbhejknhaggjaeld






~~~ Event Viewer Logs were cleared










~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.09.2013 at 17:43:26,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alles anzeigen

Code

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org


Datenbank Version: v2013.09.19.07


Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Holly :: HOLLY-PC [Administrator]


19.09.2013 21:20:33
MBAM-log-2013-09-19 (21-37-15).txt


Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 206972
Laufzeit: 16 Minute(n), 16 Sekunde(n)


Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)


Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)


Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3a4935b3-b7a0-4065-8ccc-0030471b33f1}_is1 (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\UNINS000.EXE (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.


Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)


Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)


Infizierte Verzeichnisse: 7
C:\Users\Holly\AppData\Roaming\dclogs (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\chrome (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\chrome (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\components (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\plugins (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.


Infizierte Dateien: 33
C:\Users\Holly\Desktop\maxthon browser setup.exe (PUP.Soft32Downloader) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-11-4.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-13-6.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-14-7.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-15-1.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-17-3.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-18-4.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Roaming\dclogs\2013-09-19-5.dc (Stolen.Data) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\Microsoft.Win32.TaskScheduler.xml (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\cinshlpr.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\hometab_icon.ico (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\InstallHelper.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\Interop.IWshRuntimeLibrary.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\Microsoft.Win32.TaskScheduler.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\ProtectedSearch.exe (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\ProtectedSearch.ico (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\STInst64.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\STInst64.exe (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\System.Data.SQLite.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\TaskSchedulerCreator.exe (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\TBUpdater.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\ToolbarUninstall.exe (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\unins000.dat (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\unins000.exe (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\chrome.manifest (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\install.js (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\install.rdf (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\pop.htm (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\chrome\HomeTab_3869.jar (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\components\wtb_complete.js (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\HomeTab\support@HomeTab.com\plugins\npwiddit.dll (PUP.Optional.HomeTab.A) -> Keine Aktion durchgeführt.
C:\Users\Holly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage (PUP.Optional.BrowserDefender.A) -> Keine Aktion durchgeführt.


(Ende)

Alles anzeigen

Seit nun einer Woche ist die Fehlermeldung von Firefox nicht mehr aufgetaucht. Dafür bekomme ich einige Sekunden nach vollständigem Systhemstart: "Protected: Ein Element mit gleichem Schlüssel wurde bereits hinzugefügt"
Wohl irgendeine dll. doppelt, kann ich aber nicht nachvollziehen.

LG Holly

HollyX

Oh das tut mir Leid, wenn ich mit den Zitaten falsch umgehe. Ist für mich gänzlich neu in einem Forum zu kommunizieren. Nehme jeden Tipp auf und lerne gerne dazu.

Was Anonymisizer angeht war vor etwa einem Jahr einmal ibVPN installiert. Aber mein Prob könnte damit auch nix zu tun haben, da es ja erst seit nun drei Wochen auftritt.
Ich habe nun gestern Adware, Hijack, JunkRemoval,OTL, mbam laufen lassen. Wie poste ich am Besten die Logs?
THX Holly

P.S. Vielen Dank - es geht gesundheitlich voran. Ein paar Knochenbrüche.

HollyX

Zitat von Fox2Fox

MozBackup ist als Fehlerquelle bekannt. Treten gerne nach dem Wiederherstellen der gesicherten Daten auf.
Besser, da fehlerfrei ist Firesave [Blockierte Grafik: http://i39.tinypic.com/s1kgb4.png](Quelle) [Blockierte Grafik: http://i39.tinypic.com/s1kgb4.png]

Hi Fox,
auch Dir Dank für Deinen Vorschlag. Bei allen meinen Bemühungen galt MozBackup als das Maß aller Dinge. Von Firesave habe ich nirgends Infos gehabt. Werde es nutzen sobald mein Fuchs wieder sauber ist.

Gruß Holly

HollyX

Zitat von Bernd.

Könnte vieles sein - vom "GFK Internet Monitor" über "Apache Axis2" bis hin zu jsunpack und Trojanern (Java).

Schnuppe, das Protokoll wird erwünscht:
Malwarebytes' Anti-Malware (MBAM)
http://www.malwarebytes.org/
Updates laden, vollständigen Scan!
Mit Admin-Rechten ausführen
[Blockierte Grafik: http://img1.imagebanana.com/img/dq2md5e2/Gold.png] http://www.hijackthis-forum.de/tipps-tricks/2…-anleitung.html
Das Logbuch bitte hier als CODE einfügen
[Blockierte Grafik: http://i.imagebanana.com/img/jmjys25z/code_insert2.png]
AdwCleaner
[Blockierte Grafik: http://img1.imagebanana.com/img/dq2md5e2/Gold.png] http://www.bleepingcomputer.com/download/adwcleaner/
Erst suchen, dann das Logbuch hier als CODE einfügen, dann erst löschen lassen!
OTL
[Blockierte Grafik: http://img1.imagebanana.com/img/dq2md5e2/Gold.png] http://www.trojaner-board.de/85104-otl-otlogfile-oldtimer.html
Prozesse [x] Alles, [x] LOP [x] Purity, [x] Scanne alle Benutzer, [x] Standardausgabe
Mit Admin-Rechten ausführen.
Die 2 Logbücher (OTL.txt, EXTRAS.txt) bitte hier als ZIP anhängen
[Blockierte Grafik: http://i.imagebanana.com/img/1gruih8h/zip_insert.png]

Alles anzeigen

Sorry, ich war bis heute im Krankenhaus.
Werde die Dateien so schnell wie möglich senden. Danke für Deine vorläufige Hilfe.
Holly

HollyX

Zitat von Boersenfeger

..darüber hatte ich bereits spekuliert...
Wollen wir hoffen, das der Themenersteller entsprechendes nicht wieder installiert...

Sorry, aber es lag an keiner Installation. Da ich vom Zeitpunkt eines einwandfreien Betriebs bis zum Auftreten des Fehlers weder etwas installiert noch deinstalliert habe. Nicht einmal irgendwelche Updates sind gelaufen. Wäre so etwas abgelaufen, hätte ich mich nicht so gewundert.

Da ich Firefox mit allen Einstellungen dringend weiter nutzen mußte, war nun einmal meine Lösung die "radikale" der Neuinstallation. Mit MozBackup habe ich dann eine Sicherung zurückgespielt. Letzteres hatte ich vorher ohne Neuinstallation probiert, was die Fehlermeldung aber nicht verhinderte.

Was das "Vorgaukeln" eines Hosts angeht: Von so etwas verstehe ich nun so rein gar nichts :lol:

Grüße, Holly

P.S. Ich bin "Er"

HollyX

Zitat von .Hermes

Von dir bewusst vielleicht nicht. Jedoch zeigt …
eine Veränderung des Systems.
I.a.W. eine Anwendung, die jetzt als installiert auf deinem PC erwartet wird.
Keine Ahnung was das ist, jedoch solltest du dein System untersuchen, die Umgebung des Fx zuerst.
P.S. es wäre nett, wenn du in deinem Beitrag die fette Schrift in eine normale Schrift ändern würdest.

Schrift: Ok - ich habe keine Vorschau angesehen. Ich kenne aus anderen Foren das Gegenteil. Dort ist halt Fett die bessere Wahl.
Tja, Erweiterungen bzw. überhaupt eine Änderung wurde nicht vorgenommen. Adware / Hijackthis etc. zeigten keine Ergebnisse.
Ich wählte nun die Radikallösung und habe den Fuchs neu installiert. Ich bedanke mich - bei allen - für die Antworten. Es ist bei jeder etwas dabei, was ich mir für die Zukunft merken werde.

Lieben Gruß, Holly

HollyX

Moin, seit zwei Stunden recherchiere ich nun und habe nichts gefunden. Daher muß ich doch tatsächlich einen Thread eröffnen.
Seit heute erhalte ich folgende Meldung: " Firefox kann keine Verbindung zu dem Server unter localhost:9768 aufbauen".
Gefühlt hat sie zunächst keine Konsequenzen. Der Fuchs wird jedoch mit der Zeit langsamer und es erscheint in immer kürzeren Intervallen die Windows-Meldung "Keine Rückmeldung". In dieser Zeit nimmt sich Firefox die komplette CPU sowie Massiv Arbeitsspeicher. Aktuellste Version in Win 7 Home Premium; 4GB Speicher; per W-Lan im Netz (Ftritzbox 7320).
- es wurde bis zum erscheinen der Meldung nichts neues Installiert
- nichts deinstalliert
- Spy- und Malwarecheck mit mehreren Scannern negativ
- Virencheck mit Norton 360 negativ

Was könnte es damit auf sich haben?

Grüße ut Hamburg,
Holly

Edit 2002Andreas
Habe die Schrift geändert, lässt sich so besser lesen.

Beiträge von HollyX

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung

Fehlermeldung über eine Verbindung