Windows 7 Home Premium - SpyHunter 4 deinstallieren

SirRolus · 11.09.2014, 14:55

Moin,

Schritt 1:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-09-2014 01
Ran by Rolf at 2014-09-11 13:08:10 Run:1
Running from C:\Users\Rolf\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
SearchScopes: HKCU - {0B47E39E-CC7D-402E-90D9-0CB0E4441D7E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297969&CUI=UN36078130452709221&UM=1
C:\ProgramData\iodvf4bn.fee
C:\Users\MC\Firefox_Setup_3.0.19.exe
C:\Users\Rolf\6189140.dll
C:\Users\Rolf\AppData\Roaming\skype.ini
Task: {1912D3EB-FE3A-440F-B559-1970D3A79EAB} - System32\Tasks\{FD9269D2-5D38-4BCF-A7FB-CD06F93250AF} => Firefox.exe 
Task: {3331F12C-D0B5-47DE-A5C7-7B35F7F52C0F} - System32\Tasks\{69B4B3B8-A64F-41DE-88CF-4F324DFBE922} => Firefox.exe 
Task: {51754C10-68D3-4D3D-8202-260883961A8F} - System32\Tasks\{05BDFB23-0F8C-4C5A-B2C6-DA9D84C1FA38} => Firefox.exe 
Task: {6C808585-893A-4DAF-9525-2D672D678999} - System32\Tasks\{186EC9AA-810B-4B45-BF43-ABEA5546A681} => Firefox.exe 
Task: {78540C57-559F-4A50-A976-A259650C0B27} - System32\Tasks\{33EA3D89-AE11-4A13-A70F-E690857C0E72} => Firefox.exe 
Task: {85C39D71-F034-416D-B551-8D3913292C2F} - System32\Tasks\{2818F012-A066-45E2-BC7B-2D03A36F26E1} => Firefox.exe 
Task: {9E6D862B-3ED0-4B4E-A7B3-661CDB376278} - System32\Tasks\{1AB5D059-0D47-48B2-9055-02C565622DAA} => Firefox.exe 
Task: {BC6FA306-5B20-4E8C-BD17-D0F9B624E8B3} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {E3F8AD3F-EEED-4EB3-B187-2C6BBE3B462D} - System32\Tasks\4584 => Wscript.exe C:\Users\Rolf\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {F1B2581F-873F-4EAD-8E55-691BE65143DE} - System32\Tasks\{FF23ABBD-B04B-4EB4-8839-D959D9A1B31B} => Firefox.exe 
C:\Windows\pss\ctfmon.lnk.Startup
C:\Windows\pss\runctf.lnk.Startup
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Rolf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Rolf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk
EmptyTemp:
end
         
*****************

Processes closed successfully.
HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B47E39E-CC7D-402E-90D9-0CB0E4441D7E}" => Key deleted successfully.
"HKCR\CLSID\{0B47E39E-CC7D-402E-90D9-0CB0E4441D7E}" => Key not found.
C:\ProgramData\iodvf4bn.fee => Moved successfully.
C:\Users\MC\Firefox_Setup_3.0.19.exe => Moved successfully.
C:\Users\Rolf\6189140.dll => Moved successfully.
C:\Users\Rolf\AppData\Roaming\skype.ini => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1912D3EB-FE3A-440F-B559-1970D3A79EAB}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1912D3EB-FE3A-440F-B559-1970D3A79EAB}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FD9269D2-5D38-4BCF-A7FB-CD06F93250AF} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FD9269D2-5D38-4BCF-A7FB-CD06F93250AF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3331F12C-D0B5-47DE-A5C7-7B35F7F52C0F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3331F12C-D0B5-47DE-A5C7-7B35F7F52C0F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{69B4B3B8-A64F-41DE-88CF-4F324DFBE922} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{69B4B3B8-A64F-41DE-88CF-4F324DFBE922}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51754C10-68D3-4D3D-8202-260883961A8F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51754C10-68D3-4D3D-8202-260883961A8F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{05BDFB23-0F8C-4C5A-B2C6-DA9D84C1FA38} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{05BDFB23-0F8C-4C5A-B2C6-DA9D84C1FA38}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C808585-893A-4DAF-9525-2D672D678999}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C808585-893A-4DAF-9525-2D672D678999}" => Key deleted successfully.
C:\Windows\System32\Tasks\{186EC9AA-810B-4B45-BF43-ABEA5546A681} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{186EC9AA-810B-4B45-BF43-ABEA5546A681}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78540C57-559F-4A50-A976-A259650C0B27}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78540C57-559F-4A50-A976-A259650C0B27}" => Key deleted successfully.
C:\Windows\System32\Tasks\{33EA3D89-AE11-4A13-A70F-E690857C0E72} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{33EA3D89-AE11-4A13-A70F-E690857C0E72}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{85C39D71-F034-416D-B551-8D3913292C2F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85C39D71-F034-416D-B551-8D3913292C2F}" => Key deleted successfully.
C:\Windows\System32\Tasks\{2818F012-A066-45E2-BC7B-2D03A36F26E1} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2818F012-A066-45E2-BC7B-2D03A36F26E1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E6D862B-3ED0-4B4E-A7B3-661CDB376278}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E6D862B-3ED0-4B4E-A7B3-661CDB376278}" => Key deleted successfully.
C:\Windows\System32\Tasks\{1AB5D059-0D47-48B2-9055-02C565622DAA} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1AB5D059-0D47-48B2-9055-02C565622DAA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC6FA306-5B20-4E8C-BD17-D0F9B624E8B3}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC6FA306-5B20-4E8C-BD17-D0F9B624E8B3}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3F8AD3F-EEED-4EB3-B187-2C6BBE3B462D}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3F8AD3F-EEED-4EB3-B187-2C6BBE3B462D}" => Key deleted successfully.
C:\Windows\System32\Tasks\4584 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\4584" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F1B2581F-873F-4EAD-8E55-691BE65143DE}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1B2581F-873F-4EAD-8E55-691BE65143DE}" => Key deleted successfully.
C:\Windows\System32\Tasks\{FF23ABBD-B04B-4EB4-8839-D959D9A1B31B} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FF23ABBD-B04B-4EB4-8839-D959D9A1B31B}" => Key deleted successfully.
C:\Windows\pss\ctfmon.lnk.Startup => Moved successfully.
C:\Windows\pss\runctf.lnk.Startup => Moved successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Rolf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ctfmon.lnk => Key Deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Rolf^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk => Key Deleted successfully.
EmptyTemp: => Removed 975.2 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Zu Schritt 2 habe ich folgende Frage:

Geht das ganze auch Offline? Ich habe Manschetten 3 Stunden ohne Firewall online zu sein.

tschau sirrolus

Windows 7 Home Premium - SpyHunter 4 deinstallieren

Log-Analyse und Auswertung: Windows 7 Home Premium - SpyHunter 4 deinstallieren

Windows 7 Home Premium - SpyHunter 4 deinstallieren

Ähnliche Themen: Windows 7 Home Premium - SpyHunter 4 deinstallieren