| |
| |||||||
Log-Analyse und Auswertung: Router wird mit Anfragen überschwemmtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.08.2012, 16:52
| #5 |
| |  Router wird mit Anfragen überschwemmt Kurze Frage: Darf ich utorrent wieder ausm OTL Ordner herausholen oder muss ich das da lassen und es neu installieren? mbam log: Code:
ATTFilter Datenbank Version: v2012.08.25.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Andi :: ANDI-ACERNEU [Administrator]
25.08.2012 16:38:59
mbam-log-2012-08-25 (16-38-59).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 372224
Laufzeit: 1 Stunde(n), 5 Minute(n), 39 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 1
HKCR\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|URL (Hijack.SearchPage) -> Bösartig: (hxxp://findgala.com/?&uid=8032&q={searchTerms}) Gut: (hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}) -> Erfolgreich ersetzt und in Quarantäne gestellt.
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 2
C:\Dokumente und Einstellungen\Andi.ANDRUUU\Desktop\SoftonicDownloader_fuer_notebook-batteryinfo.exe (PUP.OfferBundler.ST) -> Keine Aktion durchgeführt.
C:\Downloads\Finished\Ahead.Nero-7.11.10.0.ALL.German.incl.Keygen\Keygen\Nero 7 - Keygen.exe (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
adwcleaner log: Code:
ATTFilter # AdwCleaner v1.801 - Logfile created 08/25/2012 at 17:48:32
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Andi - ANDI-ACERNEU
# Boot Mode : Normal
# Running from : C:\Users\Andi\Desktop\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
Folder Found : C:\Users\Andi\AppData\LocalLow\Vuze_Remote
Folder Found : C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\9lfqnrpj.default\Conduit
Folder Found : C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\9lfqnrpj.default\ConduitEngine
Folder Found : C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\9lfqnrpj.default\extensions\engine@conduit.com
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Folder Found : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Folder Found : C:\ProgramData\Partner
File Found : C:\Users\Andi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
***** [Registry] *****
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
[x64] Key Found : HKCU\Software\Conduit
[x64] Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
***** [Registre - GUID] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v14.0.1 (de)
Profile name : default
File : C:\Users\Andi\AppData\Roaming\Mozilla\Firefox\Profiles\9lfqnrpj.default\prefs.js
Found : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2504091.CTID", "CT2504091");
Found : user_pref("CT2504091.CurrentServerDate", "4-3-2011");
Found : user_pref("CT2504091.DialogsAlignMode", "LTR");
Found : user_pref("CT2504091.DownloadReferralCookieData", "");
Found : user_pref("CT2504091.EMailNotifierPollDate", "Fri Mar 04 2011 09:12:29 GMT+0100");
Found : user_pref("CT2504091.FeedLastCount129079840422964131", 0);
Found : user_pref("CT2504091.FeedPollDate128891351169457140", "Fri Mar 04 2011 13:37:26 GMT+0100");
Found : user_pref("CT2504091.FeedPollDate129079840422964131", "Fri Mar 04 2011 08:37:26 GMT+0100");
Found : user_pref("CT2504091.FeedTTL128891351169457140", 40);
Found : user_pref("CT2504091.FirstServerDate", "4-3-2011");
Found : user_pref("CT2504091.FirstTime", true);
Found : user_pref("CT2504091.FirstTimeFF3", true);
Found : user_pref("CT2504091.FirstTimeSettingsDone", true);
Found : user_pref("CT2504091.FixPageNotFoundErrors", true);
Found : user_pref("CT2504091.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2504091.Initialize", true);
Found : user_pref("CT2504091.InitializeCommonPrefs", true);
Found : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT2504091.InstallationType", "UnknownIntegration");
Found : user_pref("CT2504091.InstalledDate", "Fri Mar 04 2011 08:37:26 GMT+0100");
Found : user_pref("CT2504091.IsGrouping", false);
Found : user_pref("CT2504091.IsMulticommunity", false);
Found : user_pref("CT2504091.IsOpenThankYouPage", false);
Found : user_pref("CT2504091.IsOpenUninstallPage", false);
Found : user_pref("CT2504091.LanguagePackLastCheckTime", "Fri Mar 04 2011 08:37:33 GMT+0100");
Found : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2504091.LastLogin_2.7.2.0", "Fri Mar 04 2011 08:37:28 GMT+0100");
Found : user_pref("CT2504091.LatestVersion", "2.7.2.0");
Found : user_pref("CT2504091.Locale", "en-us");
Found : user_pref("CT2504091.LoginCache", 4);
Found : user_pref("CT2504091.MCDetectTooltipHeight", "83");
Found : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2504091.MCDetectTooltipWidth", "295");
Found : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2504091.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]
Found : user_pref("CT2504091.SearchInNewTabEnabled", true);
Found : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Fri Mar 04 2011 08:37:29 GMT+0100");
Found : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2504091.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2504091.SettingsLastCheckTime", "Fri Mar 04 2011 08:37:24 GMT+0100");
Found : user_pref("CT2504091.SettingsLastUpdate", "1297858754");
Found : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Fri Mar 04 2011 08:37:24 GMT+0100");
Found : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578");
Found : user_pref("CT2504091.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID");
Found : user_pref("CT2504091.UserID", "UN81108713770543217");
Found : user_pref("CT2504091.alertChannelId", "897164");
Found : user_pref("CT2504091.clientLogIsEnabled", false);
Found : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2504091.myStuffEnabled", true);
Found : user_pref("CT2504091.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/CH", "\"0\"")[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Found : user_pref("CommunityToolbar.EngineHiddenByUser", true);
Found : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.IsEngineShown", false);
Found : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Found : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Found : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.icq.com/search/afe_results[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2504091,ConduitEngine");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
Found : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Jun 26 2011 22:32:22 GMT+02[...]
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Jun 30 2011 10:55:44 GMT+0200");
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Jun 30 2011 11:54:31 GMT+0200");
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "8b10a09b-889e-4cae-a894-9ce6d5b9a91e");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jun 22 2011 03:07:36 GMT+0200");
Found : user_pref("ConduitEngine.CTID", "ConduitEngine");
Found : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Thu Mar 24 2011 01:23:55 GMT+0100");
Found : user_pref("ConduitEngine.FirstServerDate", "03/24/2011 03");
Found : user_pref("ConduitEngine.FirstTime", true);
Found : user_pref("ConduitEngine.FirstTimeFF3", true);
Found : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Found : user_pref("ConduitEngine.Initialize", true);
Found : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Found : user_pref("ConduitEngine.InstalledDate", "Thu Mar 24 2011 01:23:55 GMT+0100");
Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Mar 24 2011 01:23:55 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Mar 24 2011 01:23:55 GMT+0100");
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Mar 24 2011 01:23:54 GMT+0100");
Found : user_pref("ConduitEngine.UserID", "UN17210247708644077");
Found : user_pref("ConduitEngine.componentAlertEnabled", false);
Found : user_pref("ConduitEngine.engineLocale", "de");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Mar 24 2011 01:23:55 GMT+0100");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Mar 24 2011 01:23:55 GMT+0100");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("ConduitEngine.usagesFlag", 2);
*************************
AdwCleaner[R1].txt - [11031 octets] - [25/08/2012 17:48:32]
########## EOF - C:\AdwCleaner[R1].txt - [11160 octets] ##########
|
| Themen zu Router wird mit Anfragen überschwemmt |
| besser, brauch, code, entfernt, frage, fragen, infos, installiert, internet, laggen, laggt, log, ms security essentials, nichts, notebook, problem, router, scan, scanner, security, seite, seiten, system, trojaner-board, verändert, virenscanner, virus, wirklich, überflutet |
Baum-Darstellung