ok, danke. Ich versuch es.
Seit FF-update öffnet sich bei jedem neuen Fenster eine 2. Seite "Verbindung fehlgeschlagen Beim Verbinden mit 0.0.0.1 trat ein Fehler auf".
-
verasFoxi -
19. April 2024 um 11:21 -
Erledigt
-
-
Mhh, auf der Malerwarebytes Seite hat er einen Virenscan durchgeführt, wo nichts gefunden wurde. Das ist ja der Adw cleaner, oder?
Wie 2002Andreas im vorigen Beitrag zeigt, musst du die Installationsdatei für den Adwcleaner herunterladen und an einem Ort deiner Wahl speichern und dann von dort starten. Adwcleaner macht keinen Virenscan. Malwarebytes bietet ebenfalls ein eigenes Programm Malwarebytes an. Dieses ist ein Antivirusprogramm. Früher wurde der Adwcleaner mal von einem anderen Anbieter entwickelt.
-
ok, danke für die Aufklärung
-
https://www.chip.de/downloads/AdwCleaner_58118522.html
downloaden, Scan starten, Malware in Quarantäne verschieben, fertig.
Zusätzlich:
ESET Online Scanner Download Link & How To Run A ScanESET Online Scanner is a second-opinion scanner, designed to rescue your computer from malware (viruses, trojans, rootkits, etc.) that have infected yourmalwaretips.comkompletter Suchlauf
-
Ok, es wurde sehr viel gefunden. Habe alles in Quarantäne. Wie es aussieht geht es jetzt wieder. Soll ich den ganzen Bericht hier schicken?
Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-19-2024
# Duration: 00:00:06
# OS: Windows 10 (Build 19045.4291)
# Cleaned: 78
# Failed: 0
***** [ Services ] *****No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\Browser Files
Deleted C:\Program Files (x86)\VLC Plus Player
Deleted C:\Program Files\VLC Plus Player
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
Deleted C:\Users\Angelika\AppData\Local\Temp\DMR
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Public\App Explorer
Deleted C:\Users\Tiram\AppData\Roaming\DESKTOPICONAMAZON
Deleted C:\Users\Tiram\Favorites\Links\Startfenster
Deleted C:\Users\Tiram\Favorites\Startfenster
Deleted C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Lavasoft\Web Companion***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Deleted C:\Users\Public\Desktop\VLC Plus Player.lnk
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted C:\Windows\System32\Tasks\APP EXPLORER
***** [ Registry ] *****
Deleted HKCU\SOFTWARE\9615527ed32d1af375adcf00c3c36883
Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AA3FCD0-930D-4CA6-AFD3-5BFFD570D6C7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E61B1AB66C44604797AC56F6BC3B0FF
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37A47D4566095BF44A2CA19FBDFA04A9
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B90A3D3F68EADC47B40D2D572B76E62
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\638EEBF8065E4B845AD5CAB77949D6CC
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\884DF2290FDFBE9408D20E763774932B
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F60B79E6444F2DE4EAC868B34B7EDADA
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FE90F95E2F75E9143B28CD4FD9C91A78
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
Deleted HKLM\Software\VLCPP
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\VLCPP
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player (x86)
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-19\Software\Host App Service
Deleted HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-20\Software\Host App Service
Deleted HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5890AEDF-E4A9-4257-9A12-B14303574A85}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{558E7D3D-DFF9-4CF1-A889-635A64A933B2}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5890AEDF-E4A9-4257-9A12-B14303574A85}
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7409ED35-2013-4F8D-9C06-61B70E807660}
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Deleted Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3406B85D-3F62-400D-81F1-7F319A8A6FA8}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F919A703-0E44-46E8-8ECA-C68C466B7CF1}
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Deleted Preinstalled.AcerQuickAccessService Folder C:\Program Files\ACER\QUICK ACCESS SERVICE
Deleted Preinstalled.AcerQuickAccessService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{160B93B3-A550-42AA-8214-93B36FF15CA8}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6811906-4B44-44D6-AF7F-D30E9EDD398A}
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation
Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION
Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Deleted Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK
Deleted Preinstalled.UserExperienceImprovementProgramService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}
Deleted Preinstalled.WildTangentGamesBundle Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WILDTANGENT GAMES
*************************[+] Delete IFEO
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset BITS
[+] Reset Windows Firewall
[+] Reset Hosts File
[+] Reset IPSec
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset TCP/IP
[+] Reset Winsock
[+] Reset Windows Installer*************************
AdwCleaner[S00].txt - [9893 octets] - [19/04/2024 20:13:41]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Soll ich den ganzen Bericht hier schicken?
Ja, wäre interessant. Klicke hier im Antworten-Fenster auf das fünfte Symbol von rechts („Code-Block einfügen“) und dann, in dem kleinen Fenster, auf die Schaltfläche Einfügen. Jetzt wird ein leerer Kasten eingefügt, in den du den Text aus deiner Logdatei einfügst.
-
Code: Malwarebytes AdwCleaner 8.4.2.0 # ------------------------------- # Build: 03-04-2024 # Database: 2024-03-04.1 (Cloud) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Clean # ------------------------------- # Start: 04-19-2024 # Duration: 00:00:06 # OS: Windows 10 (Build 19045.4291) # Cleaned: 78 # Failed: 0 ***** [ Services ] ***** No malicious services cleaned. ***** [ Folders ] ***** Deleted C:\Program Files (x86)\Browser Files Deleted C:\Program Files (x86)\VLC Plus Player Deleted C:\Program Files\VLC Plus Player Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player Deleted C:\Users\Angelika\AppData\Local\Temp\DMR Deleted C:\Users\Default\AppData\Local\Host App Service Deleted C:\Users\Public\App Explorer Deleted C:\Users\Tiram\AppData\Roaming\DESKTOPICONAMAZON Deleted C:\Users\Tiram\Favorites\Links\Startfenster Deleted C:\Users\Tiram\Favorites\Startfenster Deleted C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A} Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Lavasoft\Web Companion ***** [ Files ] ***** Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk Deleted C:\Users\Public\Desktop\VLC Plus Player.lnk Deleted C:\Windows\System32\Tasks_Migrated\App Explorer ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** Deleted C:\Windows\System32\Tasks\APP EXPLORER ***** [ Registry ] ***** Deleted HKCU\SOFTWARE\9615527ed32d1af375adcf00c3c36883 Deleted HKCU\Software\App Host Service Deleted HKCU\Software\Host App Service Deleted HKCU\Software\Lavasoft\Web Companion Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AA3FCD0-930D-4CA6-AFD3-5BFFD570D6C7} Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E61B1AB66C44604797AC56F6BC3B0FF Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37A47D4566095BF44A2CA19FBDFA04A9 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B90A3D3F68EADC47B40D2D572B76E62 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\638EEBF8065E4B845AD5CAB77949D6CC Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\884DF2290FDFBE9408D20E763774932B Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F60B79E6444F2DE4EAC868B34B7EDADA Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FE90F95E2F75E9143B28CD4FD9C91A78 Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9 Deleted HKLM\Software\VLCPP Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion Deleted HKLM\Software\Wow6432Node\VLCPP Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player (x86) Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com Deleted HKU\S-1-5-19\Software\Host App Service Deleted HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service Deleted HKU\S-1-5-20\Software\Host App Service Deleted HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries cleaned. ***** [ Chromium URLs ] ***** No malicious Chromium URLs cleaned. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries cleaned. ***** [ Firefox URLs ] ***** No malicious Firefox URLs cleaned. ***** [ Hosts File Entries ] ***** No malicious hosts file entries cleaned. ***** [ Preinstalled Software ] ***** Deleted Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5890AEDF-E4A9-4257-9A12-B14303574A85} Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{558E7D3D-DFF9-4CF1-A889-635A64A933B2} Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5890AEDF-E4A9-4257-9A12-B14303574A85} Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent Deleted Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication Deleted Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7409ED35-2013-4F8D-9C06-61B70E807660} Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT Deleted Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION Deleted Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3406B85D-3F62-400D-81F1-7F319A8A6FA8} Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F919A703-0E44-46E8-8ECA-C68C466B7CF1} Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button Deleted Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON Deleted Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS Deleted Preinstalled.AcerQuickAccessService Folder C:\Program Files\ACER\QUICK ACCESS SERVICE Deleted Preinstalled.AcerQuickAccessService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF} Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{160B93B3-A550-42AA-8214-93B36FF15CA8} Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6811906-4B44-44D6-AF7F-D30E9EDD398A} Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation Deleted Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE Deleted Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION Deleted Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER Deleted Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK Deleted Preinstalled.UserExperienceImprovementProgramService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7} Deleted Preinstalled.WildTangentGamesBundle Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WILDTANGENT GAMES ************************* [+] Delete IFEO [+] Delete Prefetch [+] Delete Tracing Keys [+] Reset BITS [+] Reset Windows Firewall [+] Reset Hosts File [+] Reset IPSec [+] Reset Chromium Policies [+] Reset IE Policies [+] Reset Proxy Settings [+] Reset TCP/IP [+] Reset Winsock [+] Reset Windows Installer ************************* AdwCleaner[S00].txt - [9893 octets] - [19/04/2024 20:13:41] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Danke für die Hilfe!
-
Ach, du hast schon gelöscht. Bitte nach einem Scan erst einmal nichts löschen.
-
oh nein, ich hab doch nur angeklickt in Quarantäne. Ist das jetzt schlimm?
-
Gehe mal links auf Logdateien. Wähle den Suchlauf aus (du dürftest ja nur einen haben) und klicke doppelt drauf. Jetzt müsste sich ein Editor-Fenster (z. B. von Notepad++) öffnen. Schaue mal dort nach, ob dort ebenfalls überall Deleted steht.
-
Ist auf dem Rechner die Software Ad-Aware Web Companion installiert?
-
sieht so aus:
alwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-19-2024
# Duration: 00:00:14
# OS: Windows 10 (Build 19045.4291)
# Scanned: 32099
# Detected: 78
***** [ Services ] *****No malicious services found.
***** [ Folders ] *****
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\App Explorer
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
PUP.Optional.Chip C:\Windows\Installer\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}
PUP.Optional.DownloadSponsor C:\Users\Angelika\AppData\Local\Temp\DMR
PUP.Optional.Legacy C:\Users\Tiram\AppData\Roaming\DESKTOPICONAMAZON
PUP.Optional.StartFenster C:\Users\Tiram\Favorites\Links\Startfenster
PUP.Optional.StartFenster C:\Users\Tiram\Favorites\Startfenster
PUP.Optional.VLCPlusPlayer.DE C:\Program Files (x86)\VLC Plus Player
PUP.Optional.VLCPlusPlayer.DE C:\Program Files\VLC Plus Player
PUP.Optional.VLCPlusPlayer.DE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VLC Plus Player
PUP.Optional.WebCompanion C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Lavasoft\Web Companion
PUP.Optional.WebsucheDE C:\Program Files (x86)\Browser Files***** [ Files ] *****
Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.VLCPlusPlayer.DE C:\Users\Public\Desktop\VLC Plus Player.lnk***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER
***** [ Registry ] *****
Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3AA3FCD0-930D-4CA6-AFD3-5BFFD570D6C7}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Adware.pokki HKU\S-1-5-19\Software\Host App Service
Adware.pokki HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKU\S-1-5-20\Software\Host App Service
Adware.pokki HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
PUP.Adware.Heuristic HKCU\SOFTWARE\9615527ed32d1af375adcf00c3c36883
PUP.Optional.Chip HKLM\Software\Classes\Installer\Features\E49AC3054380EEC4DA29AB71FAE408A9
PUP.Optional.Chip HKLM\Software\Classes\Installer\Products\E49AC3054380EEC4DA29AB71FAE408A9
PUP.Optional.Chip HKLM\Software\Classes\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\04A063A0BBEACF54EAEF493C49D9E3F6
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E61B1AB66C44604797AC56F6BC3B0FF
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\37A47D4566095BF44A2CA19FBDFA04A9
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5B90A3D3F68EADC47B40D2D572B76E62
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\638EEBF8065E4B845AD5CAB77949D6CC
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\884DF2290FDFBE9408D20E763774932B
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F60B79E6444F2DE4EAC868B34B7EDADA
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FE90F95E2F75E9143B28CD4FD9C91A78
PUP.Optional.Chip HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E49AC3054380EEC4DA29AB71FAE408A9
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.VLCPlusPlayer.DE HKLM\Software\VLCPP
PUP.Optional.VLCPlusPlayer.DE HKLM\Software\Wow6432Node\VLCPP
PUP.Optional.VLCPlusPlayer.DE HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\VLC Plus Player (x86)
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5890AEDF-E4A9-4257-9A12-B14303574A85}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{558E7D3D-DFF9-4CF1-A889-635A64A933B2}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5890AEDF-E4A9-4257-9A12-B14303574A85}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7409ED35-2013-4F8D-9C06-61B70E807660}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3406B85D-3F62-400D-81F1-7F319A8A6FA8}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F919A703-0E44-46E8-8ECA-C68C466B7CF1}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerQuickAccessService Folder C:\Program Files\ACER\QUICK ACCESS SERVICE
Preinstalled.AcerQuickAccessService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB25551C-74EF-4BAB-9989-891517FCF9FF}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{160B93B3-A550-42AA-8214-93B36FF15CA8}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6811906-4B44-44D6-AF7F-D30E9EDD398A}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UEIPInvitation
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UEIPINVITATION
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.UserExperienceImprovementProgramService Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM SERVICE\FRAMEWORK
Preinstalled.UserExperienceImprovementProgramService Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}
Preinstalled.WildTangentGamesBundle Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WILDTANGENT GAMES########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
-
Fein, nun ist der Text auch sauber formatiert. Das ist allerhand. Was das Problem dieses Threads angeht, scheinen mir diese Adware.pokki-Einträge verantwortlich zu sein. Du hast offensichtlich auch VLC Plus Player installiert. Das ist nicht das Original und ist für Malware bekannt. Das Original findest du auf videolan.org.
-
ok, super, vielen lieben Dank für die Hilfe! Dann werde ich den VCl Player deinstallieren.
Muss ich noch was machen?
-
Muss ich noch was machen?
Schaue mal auch in der Systemsteuerung von Windows unter Programme und Features, ob dort noch etwas anderes aus der Logdatei aufgeführt, z. B. dieses Web Companion. Runter damit.
-
Muss ich noch was machen?
Besteht das Problem denn noch? Denn dann könntest du machen, worauf ich in diesem Thema bereits drei Mal hingewiesen habe und bislang von jedem ignoriert wurde, der das Problem hat:
Gut wäre es, wenn einer der betroffenen Nutzer mozregression ausführen könnte:
https://mozilla.github.io/mozregression/
Letzte gute Version: Firefox 124, erste schlechte Version 125. Es wird dann Build für Build ausgeführt, nach jedem sagt man „Good“ oder „Bad“. Die letzte „Pushlog-URL“, die es gibt, wäre hilfreich.
Wenn Hilfe benötigt wird, bitte Bescheid geben. Die aktuelle Version kann von hier heruntergeladen werden:
Release 6.0.2 · mozilla/mozregressionWhat's Changed build(deps): bump taskcluster from 56.0.2 to 56.0.3 by @dependabot in #1511 build(deps): bump urllib3 from 2.0.6 to 2.0.7 by @dependabot in…github.commozregression-gui-signed.exe
-
Muss ich noch was machen?
Ein Hinweis für die Zukunft mal.
Programme bitte immer nur direkt vom Hersteller laden.
Programme immer nur benutzerdefiniert installieren, damit du genau sehen kannst, was dir evtl. zusätzlich noch installiert werden soll.
Toolbars immer abwählen!
Und bitte nie etwas von der Seite Softonic downloaden
Auch Seiten wie Chip und Co. dringend meiden
-
NEIN! Immer von der Originalseite herunterladen. Und gerade Chip will einem etwas unterjubeln. Die Originalseite ist hier von Malwarebytes.
-
Bitte prüfe auch ob noch ein "Chip Installer" oder "Chip Updater.exe"
oder irgendwas mit "Chip" im Namen vorhanden ist.
Von den Seiten chip.de oder softonic.com nichts herunterladen,
dort besteht eine große Wahrscheinlichkeit ungewollte Software untergejubelt zu bekommen.
Speravir Du hast 100% recht mit download nur von der Hersteller-Seite.
Firefox sollte auch nur von https://www.mozilla.org/de/firefox/all…desktop-release geladen werden.
-
wialin Es empfiehlt sich auch das Programm Malwarebytes zu installieren. Das ist ein umfangreiches Programm, mit dem du gelegentlich nach Malware suchen solltest.
Malwarebytes Cybersicherheit für Privatanwender und UnternehmenMalwarebytes schützt Sie vor Schadsoftware, Ransomware, bösartigen Webseiten und anderen erweiterten Online-Bedrohungen, die dazu geführt haben, dass…de.malwarebytes.comDort dann oben rechts auf den gelben Button „Kostenlos herunterladen“.
