Windows7: Nach Rücksprache mit der Bank, Trojaner!

Klimmbimm · 24.11.2014, 19:19

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-11-2014
Ran by Michael at 2014-11-24 18:49:40 Run:2
Running from C:\Users\Michael\Desktop
Loaded Profiles: Michael & UpdatusUser (Available profiles: Michael & Karin & UpdatusUser & DefaultAppPool)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-87533949-387844018-1791789059-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
C:\ProgramData\Windows Genuine Advantage
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\apnwidgets.ask.com
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Folder: C:\Windows\system32\CFG3368503838
EmptyTemp:
end
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-87533949-387844018-1791789059-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
C:\ProgramData\Windows Genuine Advantage => Moved successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\apnwidgets.ask.com => Key Deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\DOMStorage\ask.com => Key Deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} => Key Deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com => Key Deleted successfully.

========================= Folder: C:\Windows\system32\CFG3368503838 ========================

The path is not a directory.
EmptyTemp: => Removed 19.6 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====

Hallo Matthias,

das Programm EEK ließ trotz Administratorrechten nicht öffnen!
Soll ich mit eset weitermachen?

Gruß
Michael

Windows7: Nach Rücksprache mit der Bank, Trojaner!

Log-Analyse und Auswertung: Windows7: Nach Rücksprache mit der Bank, Trojaner!

Windows7: Nach Rücksprache mit der Bank, Trojaner!

Ähnliche Themen: Windows7: Nach Rücksprache mit der Bank, Trojaner!