24.07.2012, 20:48   #1
Matze1079
 
Trojan Blacole found with McAfee

Hello. Attached is the log after deleting:
Quote:
# AdwCleaner v1.703 - Logfile created 07/24/2012 at 21:40:54
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Matze - MATZE-PC
# Running from : C:\Users\Matze\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Matze\AppData\LocalLow\pdfforge
Folder Deleted : C:\Users\Matze\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Matze\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\ajofvare.default\Conduit
Folder Deleted : C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\ajofvare.default\ConduitCommon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\Application Updater
File Deleted : C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\ajofvare.default\searchplugins\Conduit.xml

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\pdfforge
Key Deleted : HKLM\SOFTWARE\Search Settings

***** [Registre - GUID] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
[x64] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v13.0 (de)

Profile name : default
File : C:\Users\Matze\AppData\Roaming\Mozilla\Firefox\Profiles\ajofvare.default\prefs.js

Deleted : user_pref("CT2843456..clientLogIsEnabled", false);
Deleted : user_pref("CT2843456..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2843456..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2843456.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2843456.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2843456.AppTrackingLastCheckTime", "Sat Jan 07 2012 21:47:56 GMT+0100");
Deleted : user_pref("CT2843456.BrowserCompStateIsOpen_1334739430000", true);
Deleted : user_pref("CT2843456.CTID", "CT2843456");
Deleted : user_pref("CT2843456.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2843456.CurrentServerDate", "24-7-2012");
Deleted : user_pref("CT2843456.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2843456.DialogsGetterLastCheckTime", "Sun Jul 22 2012 11:17:34 GMT+0200");
Deleted : user_pref("CT2843456.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2843456.FirstServerDate", "17-1-2011");
Deleted : user_pref("CT2843456.FirstTime", true);
Deleted : user_pref("CT2843456.FirstTimeFF3", true);
Deleted : user_pref("CT2843456.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2843456.GroupingInvalidateCache", false);
Deleted : user_pref("CT2843456.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2843456.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2843456.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2843456.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2843456.HasUserGlobalKeys", true);
Deleted : user_pref("CT2843456.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2843456.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Deleted : user_pref("CT2843456.Initialize", true);
Deleted : user_pref("CT2843456.InitializeCommonPrefs", true);
Deleted : user_pref("CT2843456.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2843456.InstalledDate", "Mon Jan 17 2011 18:55:42 GMT+0100");
Deleted : user_pref("CT2843456.InvalidateCache", false);
Deleted : user_pref("CT2843456.IsAlertDBUpdated", true);
Deleted : user_pref("CT2843456.IsGrouping", false);
Deleted : user_pref("CT2843456.IsMulticommunity", false);
Deleted : user_pref("CT2843456.IsOpenThankYouPage", true);
Deleted : user_pref("CT2843456.IsOpenUninstallPage", true);
Deleted : user_pref("CT2843456.LanguagePackLastCheckTime", "Tue Jul 24 2012 21:18:38 GMT+0200");
Deleted : user_pref("CT2843456.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2843456.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2843456.LastLogin_3.12.0.7", "Wed Apr 25 2012 06:21:36 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.12.2.3", "Thu May 31 2012 06:20:53 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.13.0.6", "Mon Jul 16 2012 01:20:13 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.14.1.0", "Tue Jul 24 2012 21:18:39 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.2.5.2", "Sun Apr 10 2011 11:12:47 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.3.3.2", "Sun Jun 26 2011 12:49:13 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.5.0.12", "Wed Jul 27 2011 18:46:00 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.6.0.10", "Wed Sep 28 2011 12:57:56 GMT+0200");
Deleted : user_pref("CT2843456.LastLogin_3.7.0.6", "Mon Nov 07 2011 13:00:24 GMT+0100");
Deleted : user_pref("CT2843456.LastLogin_3.8.0.8", "Sun Nov 27 2011 10:36:18 GMT+0100");
Deleted : user_pref("CT2843456.LastLogin_3.8.1.0", "Mon Jan 09 2012 23:04:14 GMT+0100");
Deleted : user_pref("CT2843456.LastLogin_3.9.0.3", "Sun Jan 22 2012 20:25:21 GMT+0100");
Deleted : user_pref("CT2843456.LatestVersion", "3.14.1.0");
Deleted : user_pref("CT2843456.Locale", "de-de");
Deleted : user_pref("CT2843456.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2843456.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2843456.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2843456.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT2843456.RadioLastCheckTime", "0");
Deleted : user_pref("CT2843456.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2843456.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2843456.SearchBoxWidth", 100);
Deleted : user_pref("CT2843456.SearchEngineBeforeUnload", "Bigpoint Games DE Customized Web Search");
Deleted : user_pref("CT2843456.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2843456.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT284[...]
Deleted : user_pref("CT2843456.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2843456.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2843456.SearchInNewTabLastCheckTime", "Tue Jul 24 2012 21:18:37 GMT+0200");
Deleted : user_pref("CT2843456.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2843456.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2843456.SearchProtectorEnabled", false);
Deleted : user_pref("CT2843456.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2843456.ServiceMapLastCheckTime", "Tue Jul 24 2012 21:18:38 GMT+0200");
Deleted : user_pref("CT2843456.SettingsLastCheckTime", "Tue Jul 24 2012 21:18:37 GMT+0200");
Deleted : user_pref("CT2843456.SettingsLastUpdate", "1342353809");
Deleted : user_pref("CT2843456.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2843456.ThirdPartyComponentsLastCheck", "Sat Jan 07 2012 09:47:44 GMT+0100");
Deleted : user_pref("CT2843456.ThirdPartyComponentsLastUpdate", "1255348257");
Deleted : user_pref("CT2843456.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2843456.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2843456");
Deleted : user_pref("CT2843456.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2843456.UserID", "UN68160128843866026");
Deleted : user_pref("CT2843456.ValidationData_Search", 0);
Deleted : user_pref("CT2843456.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2843456.alertChannelId", "1235508");
Deleted : user_pref("CT2843456.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2843456.globalFirstTimeInfoLastCheckTime", "Wed Jan 18 2012 06:17:37 GMT+0100");
Deleted : user_pref("CT2843456.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2843456.initDone", true);
Deleted : user_pref("CT2843456.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2843456.myStuffEnabled", true);
Deleted : user_pref("CT2843456.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2843456.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2843456.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2843456.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2843456.oldAppsList", "129343781516075326,129343781516387827,111,129343781516544078,129[...]
Deleted : user_pref("CT2843456.revertSettingsEnabled", true);
Deleted : user_pref("CT2843456.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2843456.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2843456.testingCtid", "");
Deleted : user_pref("CT2843456.toolbarAppMetaDataLastCheckTime", "Tue Jul 24 2012 21:18:38 GMT+0200");
Deleted : user_pref("CT2843456.toolbarContextMenuLastCheckTime", "Sun Jan 15 2012 22:38:32 GMT+0100");
Deleted : user_pref("CT2843456.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2843456/CT2843456[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1235508/1231181/DE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2843456", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2843456",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63433363123173[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2843456&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2843456/CT2843456[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{0e3dbc69-a682-48da-84e1-82c63a5d678e}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "bigpoint_games_de");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Matze\\AppData\\Roaming\\Mozilla\\F[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.9.0.3");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://pgcff.pricegong.com/agreement/agree.html#pg_e[...]
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2843456");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{0e3dbc69-a682-48da-84e1-82c63a5d678e}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "bigpoint_games_de");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2843456");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2843456");
Deleted : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon May 02 2011 19:48:19 GMT+02[...]
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Jun 25 2011 22:25:32 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 26 2011 12:53:16 GMT+0200");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "2d8136f5-2968-4832-9e00-ce0268dc6437");
Deleted : user_pref("CommunityToolbar.globalUserId", "fba62788-9932-4808-ae83-de88c01e5d8d");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2843456");
Deleted : user_pref("CommunityToolbar.killedEngine", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jan 20 2012 06:20:1[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Jan 22 2012 20:25:27 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Jan 22 2012 20:25:18 GMT+0100");
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "c991e038-8276-4c4c-89e1-e3d91ea29f5c");
Deleted : user_pref("CommunityToolbar.undefined", "");
Deleted : user_pref("browser.search.defaultthis.engineName", "Bigpoint Games DE Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&Sea[...]
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2843456&q=&SearchSource=2[...]

*************************

AdwCleaner[R1].txt - [23032 octets] - [23/07/2012 20:44:15]
AdwCleaner[S1].txt - [23238 octets] - [24/07/2012 21:40:54]

########## EOF - C:\AdwCleaner[S1].txt - [23367 octets] ##########
You are slowly starting to scare me a bit! I had hoped everything was OK. But that doesn't quite seem to be the case. Thanks for the help anyway.
