Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Plagegeister aller Art und deren Bekämpfung: Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 11.08.2012, 13:29   #1
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Hallo Leute, ich habe seit heute den Bundestrojaner auf meinem PC. Und ich habe wirklich null Ahnung was ich tun muss um den von meinem PC zu entfernen.

Könntet ihr mir behilflich sein? Mein PC ist gerade im abgesicherten Modus gestartet mit Netzwerk.

Freue mich auf eure Antworten.

Alt 12.08.2012, 01:22   #2
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache




1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

2. Schritt
Systemscan mit OTL (bebilderte Anleitung)

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden)- Doppelklick auf die OTL.exe

  • Vista und Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Wähle Scanne Alle Benuzer
  • Oben findest Du ein Kästchen mit Ausgabe. Wähle bitte Minimale Ausgabe
  • Unter Extra Registrierung, wähle bitte Benutze SafeList
  • Klicke nun auf Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 12.08.2012, 12:56   #3
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Also bevor du geschrieben hattest, habe ich gestern schon Malwarebytes laufen lassen. Nach 4,5 Stunden hatte das Programm 5 infizierte Dateien gefunden, und sie gelöscht. Seitdem kann ich wieder alles benutzen und es scheint bisher alles wieder wie normal zu laufen, mir ist nichts aufgefallen.

Anhang 40498

Die 2 Logs von OTL sind dabei, und das von Malwarebytes auch.
__________________
Alt 12.08.2012, 13:16   #4
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache




Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

  • Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
  • Starte die OTL.exe.
    Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
  • Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:


Code:
ATTFilter
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKLM\..\URLSearchHook: - No CLSID value found 
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) 
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) 
IE - HKLM\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\URLSearchHook: - No CLSID value found 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ) 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\SearchScopes\{51A4D242-B37A-4937-B32E-9557FF2176C8}: "URL" = http://go.web.de/tb/ie_searchplugin/?su={searchTerms} 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}: "URL" = http://search.hotspotshield.com/g/results.php?c=s&q={searchTerms} 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421; 
FF - prefs.js..browser.search.update: false 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "google.de" 
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:\\Users\\Arman\\AppData\\Local\\Temp\\proxtube.pac" 
FF - prefs.js..network.proxy.backup.ftp: "193.73.184.201" 
FF - prefs.js..network.proxy.backup.ftp_port: 3128 
FF - prefs.js..network.proxy.backup.socks: "193.73.184.201" 
FF - prefs.js..network.proxy.backup.socks_port: 3128 
FF - prefs.js..network.proxy.backup.ssl: "193.73.184.201" 
FF - prefs.js..network.proxy.backup.ssl_port: 3128 
FF - prefs.js..network.proxy.ftp: "77.78.3.83" 
FF - prefs.js..network.proxy.ftp_port: 9090 
FF - prefs.js..network.proxy.http: "23.22.95.3" 
FF - prefs.js..network.proxy.http_port: 8888 
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co" 
FF - prefs.js..network.proxy.share_proxy_settings: true 
FF - prefs.js..network.proxy.socks: "77.78.3.83" 
FF - prefs.js..network.proxy.socks_port: 9090 
FF - prefs.js..network.proxy.ssl: "77.78.3.83" 
FF - prefs.js..network.proxy.ssl_port: 9090 
FF - prefs.js..network.proxy.type: 0 
FF - user.js - File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found 
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found 
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) 
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found 
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found 
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found 
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found 
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll File not found 
FF - HKCU\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll File not found 
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll 
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) 
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) 
O3 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\tbZyng.dll (Conduit Ltd.) 
O3 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\Toolbar\WebBrowser: (WEB.DE Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH) 
O3 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..\Toolbar\WebBrowser: (uTorrentBar_DE Toolbar) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.) 
O4 - HKU\S-1-5-21-50974411-419361550-3491192382-1001..\Run: [Akamai NetSession Interface] C:\Users\Arman\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc) 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 
O7 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) 
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites) 
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites) 
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..Trusted Domains: freerealms.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..Trusted Domains: soe.com ([]* in Trusted sites) 
O15 - HKU\S-1-5-21-50974411-419361550-3491192382-1001\..Trusted Domains: sony.com ([]* in Trusted sites) 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1) 
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.4.1) 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 
O33 - MountPoints2\{7492ec4f-bac3-11e1-9981-dd703940e285}\Shell - "" = AutoRun 
O33 - MountPoints2\{7492ec4f-bac3-11e1-9981-dd703940e285}\Shell\AutoRun\command - "" = J:\Launcher.exe 
O33 - MountPoints2\{dac13d43-f156-11de-8653-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{dac13d43-f156-11de-8653-806e6f6e6963}\Shell\AutoRun\command - "" = D:\AutoMenu.exe 
O33 - MountPoints2\{fa9278b6-4c86-11df-9066-806e6f6e6963}\Shell - "" = AutoRun 
O33 - MountPoints2\{fa9278b6-4c86-11df-9066-806e6f6e6963}\Shell\AutoRun\command - "" = I:\Borderlands.exe 

[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] 

[2012.08.11 14:51:14 | 004,503,728 | ---- | M] () -- C:\ProgramData\00etadpu.pad 

@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:05EE1EEF 
[2012.08.12 13:26:08 | 4200,595,455 | ---- | M] () -- C:\Users\Arman\Desktop\THE LAST STORY.iso 
[2012.08.12 13:26:08 | 405,012,479 | ---- | C] () -- C:\Users\Arman\Desktop\The Legend of Zelda Twilight Princess.iso 
[2012.08.12 12:00:36 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk 
[2012.08.12 12:01:09 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-50974411-419361550-3491192382-1001UA.job 
[2012.08.12 12:01:25 | 405,012,479 | ---- | C] () -- C:\Users\Arman\Desktop\The Legend of Zelda Skyward Sword.iso 
[2012.08.12 13:13:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job 
[2012.08.12 13:11:30 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 
[2012.08.12 13:12:00 | 405,012,479 | ---- | M] () -- C:\Users\Arman\Desktop\SUPER MARIO GALAXY MORE.iso 
[2012.08.12 13:12:00 | 405,012,479 | ---- | C] () -- C:\Users\Arman\Desktop\SUPER PAPER MARIO.iso 
[2012.08.12 11:44:40 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 
[2012.08.12 00:01:03 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-50974411-419361550-3491192382-1001Core.job 
 
[2012.07.06 01:20:50 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\ARMAN\APPDATA\Roaming\13001.016 
[2012.07.06 01:20:41 | 000,000,051 | ---- | C] () -- C:\Users\Arman\AppData\Roaming\blckdom.res 
:Files

C:\USERS\ARMAN\APPDATA\Roaming\13*
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
  • Schließe alle Programme.
  • Klicke auf den Fix Button.
  • Wenn OTL einen Neustart verlangt, bitte zulassen.
  • Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
    Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\<datum_nummer.log>

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________
Mfg, t'john
Das TB unterstützen

Alt 12.08.2012, 14:21   #5
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Code:
ATTFilter
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ deleted successfully.
C:\Program Files (x86)\Zynga\tbZyng.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ deleted successfully.
C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ deleted successfully.
C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{7b13ec3e-999a-4b70-b9cb-2617b8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4fe6-8A56-BBB695989046}\ not found.
File C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll not found.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll moved successfully.
HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\SearchScopes\{51A4D242-B37A-4937-B32E-9557FF2176C8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{51A4D242-B37A-4937-B32E-9557FF2176C8}\ not found.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19}\ not found.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}\ not found.
HKU\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: false removed from browser.search.update
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "google.de" removed from browser.startup.homepage
Prefs.js: "file:///C:\\Users\\Arman\\AppData\\Local\\Temp\\proxtube.pac" removed from network.proxy.autoconfig_url
Prefs.js: "193.73.184.201" removed from network.proxy.backup.ftp
Prefs.js: 3128 removed from network.proxy.backup.ftp_port
Prefs.js: "193.73.184.201" removed from network.proxy.backup.socks
Prefs.js: 3128 removed from network.proxy.backup.socks_port
Prefs.js: "193.73.184.201" removed from network.proxy.backup.ssl
Prefs.js: 3128 removed from network.proxy.backup.ssl_port
Prefs.js: "77.78.3.83" removed from network.proxy.ftp
Prefs.js: 9090 removed from network.proxy.ftp_port
Prefs.js: "23.22.95.3" removed from network.proxy.http
Prefs.js: 8888 removed from network.proxy.http_port
Prefs.js: "localhost, 127.0.0.1, stealthy.co" removed from network.proxy.no_proxies_on
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "77.78.3.83" removed from network.proxy.socks
Prefs.js: 9090 removed from network.proxy.socks_port
Prefs.js: "77.78.3.83" removed from network.proxy.ssl
Prefs.js: 9090 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4\ deleted successfully.
C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nexon.net/NxGame\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@onlive.com/OnLiveGameClientDetector,version=1.0.0\ deleted successfully.
File C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
File C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}\ deleted successfully.
C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ not found.
File C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll not found.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7B13EC3E-999A-4B70-B9CB-2617B8323822} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7B13EC3E-999A-4B70-B9CB-2617B8323822}\ not found.
File C:\Program Files (x86)\Zynga\tbZyng.dll not found.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C424171E-592A-415A-9EB1-DFD6D95D3530} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}\ deleted successfully.
C:\Program Files (x86)\WEB.DE Toolbar\IE\uitb.dll moved successfully.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\ not found.
File C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll not found.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface deleted successfully.
C:\Users\Arman\AppData\Local\Akamai\netsession_win.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.
Registry value HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ not found.
Registry key HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ not found.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-50974411-419361550-3491192382-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com\ deleted successfully.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7492ec4f-bac3-11e1-9981-dd703940e285}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7492ec4f-bac3-11e1-9981-dd703940e285}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7492ec4f-bac3-11e1-9981-dd703940e285}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7492ec4f-bac3-11e1-9981-dd703940e285}\ not found.
File J:\Launcher.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dac13d43-f156-11de-8653-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dac13d43-f156-11de-8653-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dac13d43-f156-11de-8653-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dac13d43-f156-11de-8653-806e6f6e6963}\ not found.
File D:\AutoMenu.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa9278b6-4c86-11df-9066-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa9278b6-4c86-11df-9066-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{fa9278b6-4c86-11df-9066-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{fa9278b6-4c86-11df-9066-806e6f6e6963}\ not found.
File I:\Borderlands.exe not found.
C:\Windows\SysWow64\SET7623.tmp deleted successfully.
C:\Windows\SysWow64\SET93F5.tmp deleted successfully.
C:\Windows\SysWow64\SET96B5.tmp deleted successfully.
C:\Windows\SysWow64\SETA435.tmp deleted successfully.
C:\Windows\SysWow64\tmpD6FE.tmp deleted successfully.
C:\Windows\SysWow64\tmpD6FF.tmp deleted successfully.
C:\ProgramData\00etadpu.pad moved successfully.
ADS C:\ProgramData\Temp:05EE1EEF deleted successfully.
File C:\Users\Arman\Desktop\THE LAST STORY.iso not found.
File C:\Users\Arman\Desktop\The Legend of Zelda Twilight Princess.iso not found.
C:\Users\Public\Desktop\Avira Control Center.lnk moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-50974411-419361550-3491192382-1001UA.job moved successfully.
File C:\Users\Arman\Desktop\The Legend of Zelda Skyward Sword.iso not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
File C:\Users\Arman\Desktop\SUPER MARIO GALAXY MORE.iso not found.
File C:\Users\Arman\Desktop\SUPER PAPER MARIO.iso not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-50974411-419361550-3491192382-1001Core.job moved successfully.
C:\USERS\ARMAN\APPDATA\Roaming\13001.016\components folder moved successfully.
C:\USERS\ARMAN\APPDATA\Roaming\13001.016 folder moved successfully.
C:\Users\Arman\AppData\Roaming\blckdom.res moved successfully.
========== FILES ==========
File\Folder C:\USERS\ARMAN\APPDATA\Roaming\13* not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\Arman\Desktop\cmd.bat deleted successfully.
C:\Users\Arman\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Arman
->Temp folder emptied: 6696677558 bytes
->Temporary Internet Files folder emptied: 301545021 bytes
->Java cache emptied: 44196599 bytes
->FireFox cache emptied: 826492137 bytes
->Google Chrome cache emptied: 9124207 bytes
->Apple Safari cache emptied: 16384 bytes
->Flash cache emptied: 3179562 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1671168 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 39667200 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 377788979 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 7.916,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Arman
->Flash cache emptied: 0 bytes
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.57.0 log created on 08122012_150947

Files\Folders moved on Reboot...
C:\Users\Arman\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Windows\SysNative\SET21DD.tmp not found!

PendingFileRenameOperations files...
File C:\Users\Arman\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Windows\SysNative\SET21DD.tmp not found!

Registry entries deleted on Reboot...


Alt 12.08.2012, 14:45   #6
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Sehr gut!

Wie laeuft der Rechner?

1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
--> Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache

Alt 12.08.2012, 17:22   #7
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Okay, das mach ich dann morgen, hab heute keine Zeit mehr.

Alt 12.08.2012, 18:38   #8
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Ok, mit dem PC aber nicht surfen in der Zwischenzeit.
__________________
Mfg, t'john
Das TB unterstützen

Alt 13.08.2012, 00:35   #9
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


So hier der Log von Malwarebytes

Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.12.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Arman :: ARMAN-PC [Administrator]

Schutz: Deaktiviert

12.08.2012 20:57:29
mbam-log-2012-08-12 (20-57-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 644032
Laufzeit: 4 Stunde(n), 34 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Der Log von ADW Cleaner

Code:
ATTFilter
# AdwCleaner v1.800 - Logfile created 08/13/2012 at 01:34:11
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Arman - ARMAN-PC
# Running from : C:\Users\Arman\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Arman\AppData\Local\Conduit
Folder Found : C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Folder Found : C:\Users\Arman\AppData\Local\OpenCandy
Folder Found : C:\Users\Arman\AppData\LocalLow\Conduit
Folder Found : C:\Users\Arman\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Arman\AppData\LocalLow\uTorrentBar_DE
Folder Found : C:\Users\Arman\AppData\LocalLow\Zynga
Folder Found : C:\Users\Arman\AppData\LocalLow\Zynga
Folder Found : C:\Users\Arman\AppData\Roaming\OpenCandy
Folder Found : C:\ProgramData\Trymedia
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Found : C:\Program Files (x86)\uTorrentBar_DE
Folder Found : C:\Program Files (x86)\Zynga
Folder Found : C:\Program Files (x86)\Zynga

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2438727[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Ask.com.tmp
Key Found : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\DT Soft
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_DE Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Found : HKLM\SOFTWARE\uTorrentBar_DE
Key Found : HKLM\SOFTWARE\Zynga
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
[x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Key Found : HKCU\Software\AppDataLow\Software\SmartBar
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKCU\Software\Ask.com.tmp
[x64] Key Found : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
[x64] Key Found : HKCU\Software\Softonic

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D78086D5-D1FA-4B27-AF1F-165B0B6D7946}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C88B21E-9949-44BE-A276-607DDDC179A3}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0A4DE2A-2D2E-4F30-9A2F-83407F070DE4}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D78086D5-D1FA-4B27-AF1F-165B0B6D7946}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
[x64] Key Found : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
[x64] Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B13EC3E-999A-4B70-B9CB-2617B8323822}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\Arman\AppData\Roaming\Mozilla\Firefox\Profiles\9w3gxgv3.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found :                   "default_title": "uTorrentBar_DE Community Toolbar",
Found :                "name": "uTorrentBar_DE",
Found :                "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT285164[...]
Found :          "path": "C:\\Users\\Arman\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll",

*************************

AdwCleaner[R1].txt - [7502 octets] - [13/08/2012 01:34:11]

########## EOF - C:\AdwCleaner[R1].txt - [7630 octets] ##########

Alt 13.08.2012, 14:25   #10
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Sehr gut!


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.




danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Mfg, t'john
Das TB unterstützen

Alt 13.08.2012, 16:40   #11
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Hier erstmal der Log von ADW Cleaner

Code:
ATTFilter
# AdwCleaner v1.800 - Logfile created 08/13/2012 at 17:32:03
# Updated 01/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Arman - ARMAN-PC
# Running from : C:\Users\Arman\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Arman\AppData\Local\Conduit
Folder Deleted : C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Folder Deleted : C:\Users\Arman\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Arman\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Arman\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Arman\AppData\LocalLow\uTorrentBar_DE
Folder Deleted : C:\Users\Arman\AppData\LocalLow\Zynga
Folder Deleted : C:\Users\Arman\AppData\Roaming\OpenCandy
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Program Files (x86)\uTorrentBar_DE
Folder Deleted : C:\Program Files (x86)\Zynga

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851647
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Ask.com.tmp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DT Soft
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_DE Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zynga Toolbar
Key Deleted : HKLM\SOFTWARE\uTorrentBar_DE
Key Deleted : HKLM\SOFTWARE\Zynga

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D78086D5-D1FA-4B27-AF1F-165B0B6D7946}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C88B21E-9949-44BE-A276-607DDDC179A3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0A4DE2A-2D2E-4F30-9A2F-83407F070DE4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B13EC3E-999A-4B70-B9CB-2617B8323822}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D78086D5-D1FA-4B27-AF1F-165B0B6D7946}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2E61BEA4-D5C3-443E-92B7-672B0E36D5FE}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7B13EC3E-999A-4B70-B9CB-2617B8323822}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
[x64] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (de)

Profile name : default 
File : C:\Users\Arman\AppData\Roaming\Mozilla\Firefox\Profiles\9w3gxgv3.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Arman\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted :                   "default_title": "uTorrentBar_DE Community Toolbar",
Deleted :                "name": "uTorrentBar_DE",
Deleted :                "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT285164[...]
Deleted :          "path": "C:\\Users\\Arman\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\\npUnity3D32.dll",

*************************

AdwCleaner[R1].txt - [7591 octets] - [13/08/2012 01:34:11]
AdwCleaner[R2].txt - [7651 octets] - [13/08/2012 01:37:21]
AdwCleaner[R3].txt - [6803 octets] - [13/08/2012 17:31:53]
AdwCleaner[S1].txt - [5499 octets] - [13/08/2012 17:32:03]

########## EOF - C:\AdwCleaner[S1].txt - [5627 octets] ##########

Alt 13.08.2012, 16:59   #12
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Emsisoft Log?
__________________
Mfg, t'john
Das TB unterstützen

Alt 13.08.2012, 17:35   #13
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Nein der von ADW Cleaner, den man nach dem Neustart bekommt, nach dem löschen.

Alt 13.08.2012, 21:08   #14
t'john
/// Helfer-Team
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Ne, ich warte auf das Emsisoft Log
__________________
Mfg, t'john
Das TB unterstützen

Alt 13.08.2012, 23:58   #15
Kanden95
 
Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Standard

Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


Hier der Log. Sollen die Funde in Quarantäne?

Code:
ATTFilter
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 13.08.2012 17:47:40

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An

Scan Beginn:	13.08.2012 17:49:59

c:\program files (x86)\gamespy arcade 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\addins 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\cstrike 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\cstrike\frontline 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife\action 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife\cstrike 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife\firearms 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\aq2 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\battle 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife\frontline 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife\gearbox 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\halflife\tfc 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\chaosdm 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\duel 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\freeze 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\gloom 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\gxmod 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\holywars 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\jail 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\kots 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\lfiredm 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\lithium2 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\lmctf 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\pball 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\q2comp 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\qpong 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\ra2 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\requiem 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\sconfig 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\wf 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\wod 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake2\tourney 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\alliance 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\beryllium 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\excessive 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\instagib 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\jailbreak 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\matchmod 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\osp 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\q3comp 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\q3f 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\q3ut2 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\requiem 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\rocketarena3 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\quake3\wfa 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\arena 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\ch 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\ctf 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\ctfb 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\ctfplus 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\dd 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\dm 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\duel 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\fr 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\mt 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\open cal 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\rpg 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\tribes\tac 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\ut 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\ut\excessive 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\ut\rocketarena 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\custom\ut\swat 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\images 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\images\icons 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\images\portraits 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\profiles 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\profiles\(default) 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_common 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_demospy 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_fplanet 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_gnews 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_gspyder 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_news 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_support 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\skins 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\sounds 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\sounds\(default) 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\sounds\classic 	gefunden: Trace.File.gamespy arcade!E1
c:\users\arman\appdata\roaming\microsoft\windows\start menu\programs\gamespy arcade 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\dat.bmp 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\4dca9208.dat 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\def_banner.gif 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\arcres.dll 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\def_banner.html 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\def_bannerbg.jpg 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\def_loading.gif 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\def_logo.jpg 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\def_news.html 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gamespy arcade - debug.lnk 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gamespy arcade help.url 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gamespy arcade website.url 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\aphex.exe 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\fpupdate.exe 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gamespy arcade.lnk 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gamespy.com gaming's homepage.url 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gslan.dll 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\install.log 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gsws.dll 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\gsapak.exe 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\pw32.dll 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\readme.html 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\register gamespy arcade.url 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\rptcrash.exe 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_news\rsrc.dir 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_news\service_tab.psd 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_news\service_tab+.tga 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_support\rsrc.dir 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\services\_support\service_tab.psd 	gefunden: Trace.File.gamespy arcade!E1
c:\program files (x86)\gamespy arcade\ws_default.html 	gefunden: Trace.File.gamespy arcade!E1
Value: hkey_current_user\software\gamespy\gamespy arcade --> instdir 	gefunden: Trace.Registry.gamespy arcade!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\gamespy arcade --> displayname 	gefunden: Trace.Registry.gamespy arcade!E1
Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\gamespy arcade --> uninstallstring 	gefunden: Trace.Registry.gamespy arcade!E1
Value: hkey_current_user\software\bitlord\bitcomet\appwindow --> favsite 	gefunden: Trace.Registry.bitlord 1.1!E1
Value: hkey_current_user\software\bitlord\bitcomet\appwindow --> maximized 	gefunden: Trace.Registry.bitlord 1.1!E1
Value: hkey_current_user\software\bitlord\bitcomet\appwindow --> statusbar 	gefunden: Trace.Registry.bitlord 1.1!E1
Value: hkey_current_user\software\bitlord\bitcomet\appwindow --> toolbar 	gefunden: Trace.Registry.bitlord 1.1!E1
Value: hkey_current_user\software\infinite interactive\puzzle quest --> music 	gefunden: Trace.Registry.puzzle quest!E1
Value: hkey_current_user\software\infinite interactive\puzzle quest --> sfx 	gefunden: Trace.Registry.puzzle quest!E1
Key: hkey_local_machine\software\trymedia systems 	gefunden: Trace.Registry.trymedia!E1
Key: hkey_local_machine\software\trymedia systems\activemark software 	gefunden: Trace.Registry.trymedia!E1
C:\Users\Arman\Documents\Old Game Optimizations\FOV\viceFOV.exe 	gefunden: Win32.SuspectCrc!E2
C:\Users\Arman\Documents\Old Game Optimizations\FOV\gta3FOV.exe 	gefunden: Win32.SuspectCrc!E2
C:\Program Files (x86)\Ubisoft\Tom Clancy's Splinter Cell Conviction\src\system\SKIDROW.exe 	gefunden: Riskware.Hacktool.Skidrow!E2
C:\Program Files (x86)\Su-Bi Loader\leecher.exe 	gefunden: Virus.Win32.Heur!E2
C:\Program Files (x86)\Origin Games\Die Sims 3 Einfach tierisch Erstelle ein Tier-Demo\__Installer\Sims3CAPSetup.exe 	gefunden: Virus.Win32.Sality!E2

Gescannt	895773
Gefunden	131

Scan Ende:	14.08.2012 00:57:43
Scan Zeit:	7:07:44

Antwort
Seite 1 von 2 1 2

Themen zu Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache
abgesicherte, abgesicherten, abgesicherten modus, ahnung, anmache, antworten, bundes, bundespolizei, bundespolizei trojaner, bundestrojaner, desktop, entferne, gestartet, heute, leute, modus, sobald, sperrt, troja, trojaner, wirklich, worte


« Ukash Trojaner.. | GVU-Trojaner wohl beseitigt, Malwarebytes findet aber C:\Users\Wayne\AppData\Roaming\Awasx\suyqy.exe »

Ähnliche Themen: Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache


  1. Bundespolizei sperrt ihren Browser. PC funktioniert noch und habe ich Trojaner aufm PC?
    Plagegeister aller Art und deren Bekämpfung - 12.12.2013 (11)
  2. GVU/Bundespolizei Trojaner mit Zugriff auf Webcam sperrt Windows 7 komplett
    Log-Analyse und Auswertung - 19.07.2013 (7)
  3. GVU sperrt Desktop
    Log-Analyse und Auswertung - 08.02.2013 (22)
  4. Bundespolizei Trojaner sperrt Rechner
    Log-Analyse und Auswertung - 29.10.2012 (47)
  5. GVU (Bundespolizei) Trojaner mit Webcam sperrt Laptop
    Log-Analyse und Auswertung - 24.10.2012 (2)
  6. bundespolizei trojaner sperrt computer hilfe
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (4)
  7. Trojaner Bundespolizei sperrt PC!
    Plagegeister aller Art und deren Bekämpfung - 03.10.2012 (12)
  8. Bundespolizei Trojaner sperrt den PC
    Log-Analyse und Auswertung - 26.08.2012 (13)
  9. Bundespolizei Trojaner sperrt Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (16)
  10. Virus eingefangen - sobald PC ins Internet will kommt Bundespolizei
    Plagegeister aller Art und deren Bekämpfung - 11.07.2012 (3)
  11. Bundespolizei Trojaner sperrt meinen Internetzugang!
    Log-Analyse und Auswertung - 11.07.2012 (17)
  12. GVU Trojaner sperrt das System sobald der Rechner am Internet hängt.
    Log-Analyse und Auswertung - 05.07.2012 (1)
  13. Bundespolizei-Trojaner blockiert PC, sobald Internet-Verbindung steht
    Log-Analyse und Auswertung - 14.06.2012 (5)
  14. Verschlüsselungs-Trojaner Ukash sperrt meinen Desktop
    Plagegeister aller Art und deren Bekämpfung - 11.06.2012 (3)
  15. Ukash - Bundespolizei Trojaner sperrt Rechner
    Plagegeister aller Art und deren Bekämpfung - 05.03.2012 (3)
  16. Bundespolizei Trojaner sperrt Laptop
    Plagegeister aller Art und deren Bekämpfung - 21.12.2011 (12)
  17. Desktop Icons und Taskleiste verschwinden sobald ich Dateien öffnen will
    Plagegeister aller Art und deren Bekämpfung - 28.06.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache - Hallo Leute, ich habe seit heute den Bundestrojaner auf meinem PC. Und ich habe wirklich null Ahnung was ich tun muss um den von meinem PC zu entfernen. Könntet ihr - Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache...
Archiv
Du betrachtest: Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129