Antivirus, firewall and other protection programs: Plus Network

Thread closed
17.08.2015, 17:33   #1
Foebiaen
 
Plus Network



Hello ryder,

here is my reply.
I was supposed to post the contents for you with my next reply:

AdwCleaner Logfile:
Code:
# AdwCleaner v5.000 - Logfile created 17/08/2015 at 18:01:28
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Oberacker - OBERACKER-PC
# Running from : C:\Users\Oberacker\Desktop\AdwCleaner_5.000.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : {21491f5b-6276-4e3c-b27f-5a32e6bfda48}Gw64
[-] Service Deleted : {6dd55e9a-3d06-4d70-b5e7-05fc3e0a3d66}Gw64
[-] Service Deleted : {848705a5-8a27-403e-9b59-732d0608bcbc}Gw64
[-] Service Deleted : scfd_1_10_0_16
[-] Service Deleted : 23cb3056
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\Crossbrowse
[-] Folder Deleted : C:\Program Files (x86)\LighterModulator
[-] Folder Deleted : C:\Program Files (x86)\AnySend
[-] Folder Deleted : C:\Program Files (x86)\HighlightSearches
[-] Folder Deleted : C:\Program Files (x86)\app_setup
[-] Folder Deleted : C:\Program Files (x86)\bestadblocker
[-] Folder Deleted : C:\Program Files (x86)\PriceMinus
[-] Folder Deleted : C:\Program Files (x86)\ConnectPC
[-] Folder Deleted : C:\Program Files (x86)\Fragile Fixer
[-] Folder Deleted : C:\Program Files (x86)\Edu App
[!] Folder Not Deleted : C:\Program Files (x86)\bestadblocker
[!] Folder Not Deleted : C:\Program Files (x86)\LighterModulator
[-] Folder Deleted : C:\Program Files (x86)\Priceless
[!] Folder Not Deleted : C:\Program Files (x86)\PriceMiNus
[-] Folder Deleted : C:\ProgramData\Browser
[-] Folder Deleted : C:\ProgramData\NavRight
[-] Folder Deleted : C:\ProgramData\DesktopSearch
[!] Folder Not Deleted : C:\ProgramData\DesktopSearch
[-] Folder Deleted : C:\ProgramData\5367101447658642785
[-] Folder Deleted : C:\ProgramData\{40379965-111a-1893-4037-799651116594}
[-] Folder Deleted : C:\ProgramData\{aeb827bc-156d-4235-aeb8-827bc1569ef0}
[-] Folder Deleted : C:\ProgramData\hjnhmgnbmhbojgecldcnamhdpledgjkc
[-] Folder Deleted : C:\ProgramData\nifdeocakbfmbcipgnpeoobadgeocodl
[-] Folder Deleted : C:\ProgramData\paieeneblknmjfhcjekdccndhcnliaek
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse
[-] Folder Deleted : C:\Users\Oberacker\SupTab
[-] Folder Deleted : C:\Users\Oberacker\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Oberacker\AppData\Local\Crossbrowse
[-] Folder Deleted : C:\Users\Oberacker\AppData\Local\C055B2AD-1432623366-DD11-A9C4-8F8657D1D855
[-] Folder Deleted : C:\Users\Oberacker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Folder Deleted : C:\Users\Oberacker\AppData\LocalLow\SmartWeb
[-] Folder Deleted : C:\Users\Oberacker\AppData\Roaming\AnyProtectEx
[-] Folder Deleted : C:\Users\Oberacker\AppData\Roaming\OpenCandy
[-] Folder Deleted : C:\Users\Oberacker\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\abengine
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Oberacker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fcfenmboojpjinhpgggodefccipikbpd_0.localstorage
[-] File Deleted : C:\Users\Oberacker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\crossbrowse.lnk
[-] File Deleted : C:\Users\Oberacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
[-] File Deleted : C:\Users\Oberacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
[-] File Deleted : C:\Windows\Sysnative\abengine64.dll
[-] File Deleted : C:\Windows\Sysnative\abengineOff.ini
[-] File Deleted : C:\Windows\SysWOW64\abengineOff.ini
 
***** [ Shortcuts ] *****
 
[-] Shortcut Disinfected : C:\Users\Oberacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Oberacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : AmiUpdXp
[-] Task Deleted : APSnotifierPP1
[-] Task Deleted : APSnotifierPP2
[-] Task Deleted : APSnotifierPP3
[-] Task Deleted : Crossbrowse
[-] Task Deleted : Optimizer Pro Schedule
[-] Task Deleted : iren3006
[-] Task Deleted : LaunchPreSignup
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : Periodic Synchronize Task
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-1-6
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-1-7
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-10_user
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-3
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-5
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-5_user
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-6
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-7
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-1-6
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-1-7
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-10_user
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-3
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-5
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-5_user
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-6
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-7
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-1-6
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-1-7
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-10_user
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-3
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-5
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-5_user
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-6
[-] Task Deleted : 59e31bc9-32bd-45da-b88e-b1c3077f9375-7
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-1-6
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-1-7
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-10_user
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-3
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-5
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-5_user
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-6
[-] Task Deleted : 8efae85f-634a-48e7-a956-8614fbd2713b-7
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\abengine.EXE
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine
[-] Key Deleted : HKLM\SOFTWARE\Classes\CRSBRWSHTML
[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\crossbrowse.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.htm\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.html\OpenWithProgids [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mbot_de_637]
[-] Key Deleted : HKCU\Software\a32fa5d8d99facda4e95f29eca0b566d
[-] Key Deleted : HKLM\SOFTWARE\354f0073-ee48-39d4-99d8-044aeb938c5e
[-] Key Deleted : HKLM\SOFTWARE\a01ec4dc-2868-4d29-8a97-72566705b133
[-] Key Deleted : HKLM\SOFTWARE\e1b850fc-0319-4501-93ea-3020b91f6b13
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{f6d5a24}
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaafeopjhkcolncjbedbhofpocmdbn
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8415E549-C9A7-42AA-9CA2-1FAE7F485432}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96BB8E60-6EF9-47E0-9ED8-4AD477ECF427}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKCU\Software\AnyProtect
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\MyBestOffersToday
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\Crossbrowse
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\sidecom
[-] Key Deleted : HKCU\Software\Edu App
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\TabNav
[-] Key Deleted : HKLM\SOFTWARE\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Edu App
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossbrowse
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{06B99631-BFA2-3B7A-F58B-D067C2BA59B7}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[!] Key Not Deleted : [x64] HKCU\Software\AnyProtect
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\MyBestOffersToday
[!] Key Not Deleted : [x64] HKCU\Software\OCS
[!] Key Not Deleted : [x64] HKCU\Software\powerpack
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Crossbrowse
[!] Key Not Deleted : [x64] HKCU\Software\YorkNewCin
[!] Key Not Deleted : [x64] HKCU\Software\sidecom
[!] Key Not Deleted : [x64] HKCU\Software\Edu App
[!] Key Not Deleted : [x64] HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-3096738606-605287095-13954992-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKU\S-1-5-21-3096738606-605287095-13954992-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-3096738606-605287095-13954992-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : HKU\S-1-5-21-3096738606-605287095-13954992-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data Restored : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
 
***** [ Web browsers ] *****
 
 
*************************
 
:: Proxy settings cleared
:: Winsock settings cleared
!! Unable to delete Internet Explorer policies
:: Chrome policies deleted
 
*************************
 
C:\AdwCleaner[C1].txt - [17987 octets] - [17/08/2015 18:01:28]
C:\AdwCleaner[S1].txt - [19853 octets] - [17/08/2015 17:57:45]
 
########## EOF - C:\AdwCleaner[C1].txt - [18115 octets] ##########
         
--- --- ---

17.08.2015, 17:46   #2
Keckrem
 
Plus Network



Hi,

what does your reply refer to?
Link to the old thread, if there is one?


17.08.2015, 17:54   #3
Foebiaen
 
Old link



http://www.trojaner-board.de/131451-...er-gefahr.html

attach:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS Logfile:
Code:
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 12.06.2014 16:04:05
System Uptime: 17.08.2015 18:07:33 (0 hours ago)
.
Motherboard: Acer            |  | BigBear2                       
Processor: Intel(R) Core(TM)2 Duo CPU     T6400  @ 2.00GHz | U2E1 | 2000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 149 GiB total, 12,371 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft-Teredo-Tunneling-Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
Class GUID: 
Description: 
Device ID: ACPI\WEC1040\4&1912E939&0
Manufacturer: 
Name: 
PNP Device ID: ACPI\WEC1040\4&1912E939&0
Service: 
.
==== System Restore Points ===================
.
RP152: 17.08.2015 14:58:35 - Geplanter Prüfpunkt
.
==== Installed Programs ======================
.
Adobe Flash Player 18 ActiveX
Adobe Flash Player 18 NPAPI
Adobe Reader 9 - Deutsch
Akamai NetSession Interface
Avira
Avira Antivirus
BlueStacks App Player
BlueStacks Notification Center
Canon MG5300 series MP Drivers
Counter-Strike: Global Offensive
Garry's Mod
Google Chrome
Google Update Helper
League of Legends
Metric Collection SDK 35
Microsoft .NET Framework 4.5.1 (DEU)
Microsoft .NET Framework 4.5.1 (Deutsch)
Microsoft .NET Framework 4.5.2
Microsoft ASP.NET MVC 4 Runtime
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007
Microsoft Office Excel MUI (German) 2007
Microsoft Office File Validation Add-In
Microsoft Office InfoPath MUI (German) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (German) 2007
Microsoft Office PowerPoint MUI (German) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Italian) 2007
Microsoft Office Proofing (German) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007
Microsoft Office Shared 64-bit MUI (German) 2007
Microsoft Office Shared MUI (German) 2007
Microsoft Office Word MUI (German) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Minecraft
Norton Security
NVIDIA GeForce Experience 2.4.3.22
NVIDIA GeForce Experience Service
NVIDIA Grafiktreiber 341.44
NVIDIA HD-Audiotreiber 1.3.30.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX-Systemsoftware 9.13.1220
NVIDIA ShadowPlay 2.4.3.22
NVIDIA Systemsteuerung 341.44
NVIDIA Update 2.4.3.22
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.27
Security Update for Microsoft Office 2007 suites (KB2596650) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687409) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2825645) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837610) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB3054888) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB3054890) 32-Bit Edition 
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2863812) 32-Bit Edition 
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965208) 32-Bit Edition 
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2986254) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB3054992) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB3055051) 32-Bit Edition 
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB3055052) 32-Bit Edition 
SHIELD Streaming
SHIELD Wireless Controller Driver
Skype Click to Call
Skype™ 7.6
Steam
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2965286) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB3055023) 32-Bit Edition
WinRAR 5.21 (64-Bit)
.
==== End Of File ===========================

dds:

DDS Logfile:
Code:
DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17937
Run by Oberacker at 18:42:52 on 2015-08-17
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4091.2880 [GMT 2:00]
.
AV: Norton Security *Disabled/Outdated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security *Disabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Windows\system32\GWX\GWX.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\NS.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\Oberacker\AppData\Roaming\C055B2AD-1432615957-DD11-A9C4-8F8657D1D855\hnss3093.tmp
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\NS.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\System32\msdtc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\WUDFHost.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
uProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\coieplg.dll
uRun: [Adobe Updater] C:\Users\Oberacker\AppData\Roaming\Microsoft\explorer.exe
uRun: [a32fa5d8d99facda4e95f29eca0b566d] "C:\Windows\Microsoft.NET\Framework\v2.0.50727\RegSvcs.exe" ..
uRun: [GoogleChromeAutoLaunch_861D11224AAA9AD435564B7312EA58CD] "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
uRun: [Akamai NetSession Interface] "C:\Users\Oberacker\AppData\Local\Akamai\netsession_win.exe"
mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Avira Systray] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
StartupFolder: C:\Users\Oberacker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\a32fa5d8d99facda4e95f29eca0b566d.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Nach Microsoft E&xel exportieren - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: aeriagames.com
Trusted Zone: aeriagames.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{B225ADB4-D6CD-484F-84B9-7F29FFB8B8E5} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B225ADB4-D6CD-484F-84B9-7F29FFB8B8E5}\245535753484 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B225ADB4-D6CD-484F-84B9-7F29FFB8B8E5}\75C414E4D2440354436323 : DHCPNameServer = 192.168.2.1
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = hxxp://www.google.com
x64-mSearch Page = hxxp://www.google.com
x64-mDefault_Page_URL = hxxp://www.google.com
x64-mDefault_Search_URL = hxxp://www.google.com
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine64\22.2.0.31\coieplg.dll
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - <orphaned>
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\NSx64\1602000.01F\symds64.sys [2015-6-10 490712]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\NSx64\1602000.01F\symefa64.sys [2015-6-10 1151704]
R1 avkmgr;avkmgr;C:\Windows\System32\drivers\avkmgr.sys [2014-6-12 28600]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [2015-6-9 1588016]
R1 ccSet_NS;NS Settings Manager;C:\Windows\System32\drivers\NSx64\1602000.01F\ccsetx64.sys [2015-6-10 165080]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Security\NortonData\22.0.2.17\Definitions\IPSDefs\20140907.003\IDSviA64.sys [2015-6-9 633560]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NSx64\1602000.01F\ironx64.sys [2015-6-10 271576]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NSx64\1602000.01F\symnets.sys [2015-6-10 565464]
R2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-6-12 461672]
R2 AntiVirService;Avira Echtzeit-Scanner;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-6-12 461672]
R2 avgntflt;avgntflt;C:\Windows\System32\drivers\avgntflt.sys [2014-6-12 162528]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2015-7-2 218816]
R2 avnetflt;avnetflt;C:\Windows\System32\drivers\avnetflt.sys [2014-6-12 44088]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-6-16 145528]
R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-6-16 831096]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-5-17 1152656]
R2 NS;Norton Security;C:\Program Files (x86)\Norton Security\Engine\22.2.0.31\ns.exe [2015-6-10 282528]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-7-18 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-7-18 22997648]
R2 wyjuryvy;Plate Bitmap;C:\Users\Oberacker\AppData\Roaming\C055B2AD-1432615957-DD11-A9C4-8F8657D1D855\hnss3093.tmp [2015-5-26 364032]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series - Adaptertreiber für Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-7-18 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2015-5-17 38032]
R3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864]
R3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312]
R3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864]
S2 AntiVirMailService;Avira Email-Schutz;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-4-1 887128]
S2 AntiVirWebService;Avira Browser-Schutz;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2014-6-12 1213072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 pyjuwilu;Country Code Internet Service Provider;C:\Users\Oberacker\AppData\Local\C055B2AD-1432623366-DD11-A9C4-8F8657D1D855\snsz705.tmp --> C:\Users\Oberacker\AppData\Local\C055B2AD-1432623366-DD11-A9C4-8F8657D1D855\snsz705.tmp [?]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-3 327296]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2015-1-22 448384]
S3 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-6-16 433784]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-6-16 413304]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-8-11 114688]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WSDScan;WSD-Scanunterstützung durch UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-14 25088]
.
=============== Created Last 30 ================
.
2015-08-17 15:57:39	--------	d-----w-	C:\AdwCleaner
2015-08-17 12:55:09	75888	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4681C8E0-2870-4238-AEFD-EFCE1CBD2C69}\offreg.5012.dll
2015-08-15 03:01:01	75888	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4681C8E0-2870-4238-AEFD-EFCE1CBD2C69}\offreg.5124.dll
2015-08-14 12:45:51	75888	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4681C8E0-2870-4238-AEFD-EFCE1CBD2C69}\offreg.4984.dll
2015-08-14 11:26:48	12222168	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4681C8E0-2870-4238-AEFD-EFCE1CBD2C69}\mpengine.dll
2015-08-11 20:16:07	--------	d-----w-	C:\Users\Oberacker\.android
2015-08-11 20:01:39	124624	----a-w-	C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 20:01:38	103120	----a-w-	C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-08-11 19:40:25	3722752	----a-w-	C:\Windows\System32\mstscax.dll
2015-08-11 19:39:35	1648128	----a-w-	C:\Windows\System32\DWrite.dll
2015-08-11 19:37:27	52736	----a-w-	C:\Windows\System32\basesrv.dll
2015-08-11 19:29:34	82432	----a-w-	C:\Windows\SysWow64\davclnt.dll
2015-08-11 19:29:34	260096	----a-w-	C:\Windows\System32\WebClnt.dll
2015-08-11 19:29:34	206848	----a-w-	C:\Windows\SysWow64\WebClnt.dll
2015-08-11 19:29:34	102912	----a-w-	C:\Windows\System32\davclnt.dll
2015-08-11 19:29:26	2004992	----a-w-	C:\Windows\System32\msxml6.dll
2015-08-11 19:29:26	1887232	----a-w-	C:\Windows\System32\msxml3.dll
2015-08-11 19:29:26	1390592	----a-w-	C:\Windows\SysWow64\msxml6.dll
2015-08-11 19:29:26	1241088	----a-w-	C:\Windows\SysWow64\msxml3.dll
2015-08-11 19:29:25	2048	----a-w-	C:\Windows\SysWow64\msxml6r.dll
2015-08-11 19:29:25	2048	----a-w-	C:\Windows\System32\msxml6r.dll
2015-08-11 19:29:24	2048	----a-w-	C:\Windows\SysWow64\msxml3r.dll
2015-08-11 19:29:24	2048	----a-w-	C:\Windows\System32\msxml3r.dll
2015-08-11 19:24:19	193536	----a-w-	C:\Windows\System32\notepad.exe
2015-08-11 19:24:19	193536	----a-w-	C:\Windows\notepad.exe
2015-08-11 19:24:18	179712	----a-w-	C:\Windows\SysWow64\notepad.exe
2015-08-11 19:20:51	493504	----a-w-	C:\Windows\System32\mcupdate_GenuineIntel.dll
2015-08-06 15:46:41	--------	d-----w-	C:\Users\Oberacker\AppData\Local\Warframe
2015-08-06 12:07:12	--------	d-----w-	C:\ProgramData\BlueStacks
2015-08-06 12:07:12	--------	d-----w-	C:\Program Files (x86)\BlueStacks
2015-08-06 12:06:19	--------	d-----w-	C:\ProgramData\BlueStacksSetup
2015-08-06 12:06:14	--------	d-----w-	C:\Users\Oberacker\AppData\Local\Bluestacks
2015-07-31 18:52:31	--------	d-----w-	C:\Users\Oberacker\AppData\Local\CEF
2015-07-27 12:31:42	576248	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\symnets.sys
2015-07-27 12:31:42	24192	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\symelam.sys
2015-07-27 12:31:41	926448	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\srtsp64.sys
2015-07-27 12:31:41	50936	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\srtspx64.sys
2015-07-27 12:31:40	297720	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\ironx64.sys
2015-07-27 12:31:40	173808	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\ccsetx64.sys
2015-07-27 12:30:51	1620720	----a-w-	C:\Windows\System32\drivers\NSx64\1605020.00F\symefasi64.sys
2015-07-27 12:30:29	--------	d-----w-	C:\Windows\System32\drivers\NSx64\1605020.00F
2015-07-22 11:04:34	17318592	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSO.DLL
2015-07-21 18:57:48	1917080	----a-w-	C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
2015-07-21 18:57:48	1375896	----a-w-	C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
.
==================== Find3M  ====================
.
2015-08-12 00:22:23	778440	----a-w-	C:\Windows\SysWow64\FlashPlayerApp.exe
2015-08-12 00:22:23	142536	----a-w-	C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-30 18:06:57	2565120	----a-w-	C:\Windows\System32\d3d10warp.dll
2015-07-30 18:06:57	1180160	----a-w-	C:\Windows\System32\FntCache.dll
2015-07-30 18:06:42	41984	----a-w-	C:\Windows\System32\lpk.dll
2015-07-30 18:06:39	100864	----a-w-	C:\Windows\System32\fontsub.dll
2015-07-30 18:06:35	14336	----a-w-	C:\Windows\System32\dciman32.dll
2015-07-30 18:06:34	46080	----a-w-	C:\Windows\System32\atmlib.dll
2015-07-30 17:57:30	1987584	----a-w-	C:\Windows\SysWow64\d3d10warp.dll
2015-07-30 17:57:30	1251328	----a-w-	C:\Windows\SysWow64\DWrite.dll
2015-07-30 17:57:08	70656	----a-w-	C:\Windows\SysWow64\fontsub.dll
2015-07-30 17:57:05	10240	----a-w-	C:\Windows\SysWow64\dciman32.dll
2015-07-30 17:57:02	34304	----a-w-	C:\Windows\SysWow64\atmlib.dll
2015-07-30 17:55:56	25600	----a-w-	C:\Windows\SysWow64\lpk.dll
2015-07-30 16:56:07	3208192	----a-w-	C:\Windows\System32\win32k.sys
2015-07-30 16:52:53	372736	----a-w-	C:\Windows\System32\atmfd.dll
2015-07-30 16:49:55	299520	----a-w-	C:\Windows\SysWow64\atmfd.dll
2015-07-28 20:09:44	17344	----a-w-	C:\Windows\System32\CompatTelRunner.exe
2015-07-28 20:05:53	774656	----a-w-	C:\Windows\System32\invagent.dll
2015-07-28 20:05:50	743424	----a-w-	C:\Windows\System32\generaltel.dll
2015-07-28 20:05:47	437760	----a-w-	C:\Windows\System32\devinv.dll
2015-07-28 20:05:45	1116672	----a-w-	C:\Windows\System32\appraiser.dll
2015-07-28 20:05:44	69120	----a-w-	C:\Windows\System32\acmigration.dll
2015-07-28 20:05:44	227328	----a-w-	C:\Windows\System32\aepdu.dll
2015-07-28 19:55:14	1148416	----a-w-	C:\Windows\System32\aeinv.dll
2015-07-26 14:41:40	162528	----a-w-	C:\Windows\System32\drivers\avgntflt.sys
2015-07-20 18:12:45	98304	----a-w-	C:\Windows\System32\wudriver.dll
2015-07-20 18:12:45	3154944	----a-w-	C:\Windows\System32\wucltux.dll
2015-07-20 18:12:45	192000	----a-w-	C:\Windows\System32\wuwebv.dll
2015-07-20 18:12:16	91136	----a-w-	C:\Windows\System32\WinSetupUI.dll
2015-07-20 18:12:05	12288	----a-w-	C:\Windows\System32\wu.upgrade.ps.dll
2015-07-20 18:12:02	37376	----a-w-	C:\Windows\System32\wuapp.exe
2015-07-20 17:56:49	93184	----a-w-	C:\Windows\SysWow64\wudriver.dll
2015-07-20 17:56:49	173056	----a-w-	C:\Windows\SysWow64\wuwebv.dll
2015-07-20 17:56:08	34816	----a-w-	C:\Windows\SysWow64\wuapp.exe
2015-07-16 20:54:49	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2015-07-16 20:54:33	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2015-07-16 20:37:26	66560	----a-w-	C:\Windows\System32\iesetup.dll
2015-07-16 20:36:31	48640	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2015-07-16 20:36:22	417792	----a-w-	C:\Windows\System32\html.iec
2015-07-16 20:36:21	584192	----a-w-	C:\Windows\System32\vbscript.dll
2015-07-16 20:35:40	88064	----a-w-	C:\Windows\System32\MshtmlDac.dll
2015-07-16 20:26:00	5923328	----a-w-	C:\Windows\System32\jscript9.dll
2015-07-16 20:21:50	114688	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-07-16 20:21:47	144384	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-07-16 20:21:25	814080	----a-w-	C:\Windows\System32\jscript9diag.dll
2015-07-16 20:12:23	968704	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-07-16 20:06:43	2724864	----a-w-	C:\Windows\SysWow64\mshtml.tlb
2015-07-16 20:00:07	77824	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-07-16 19:51:47	504320	----a-w-	C:\Windows\SysWow64\vbscript.dll
2015-07-16 19:51:46	62464	----a-w-	C:\Windows\SysWow64\iesetup.dll
2015-07-16 19:50:54	47616	----a-w-	C:\Windows\SysWow64\ieetwproxystub.dll
2015-07-16 19:50:38	341504	----a-w-	C:\Windows\SysWow64\html.iec
2015-07-16 19:49:37	64000	----a-w-	C:\Windows\SysWow64\MshtmlDac.dll
2015-07-16 19:39:20	115712	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2015-07-16 19:38:51	620032	----a-w-	C:\Windows\SysWow64\jscript9diag.dll
2015-07-16 19:33:23	1359360	----a-w-	C:\Windows\System32\mshtmlmedia.dll
2015-07-16 19:32:53	2125824	----a-w-	C:\Windows\System32\inetcpl.cpl
2015-07-16 19:24:03	60416	----a-w-	C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-07-16 19:12:42	2427904	----a-w-	C:\Windows\System32\wininet.dll
2015-07-16 19:12:39	4520448	----a-w-	C:\Windows\SysWow64\jscript9.dll
2015-07-16 19:06:06	2052608	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2015-07-16 19:05:15	1155072	----a-w-	C:\Windows\SysWow64\mshtmlmedia.dll
2015-07-16 18:42:02	1951232	----a-w-	C:\Windows\SysWow64\wininet.dll
2015-07-15 18:15:12	5568960	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-07-15 18:15:11	94656	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-07-15 18:15:10	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-07-15 18:15:10	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-07-15 18:12:09	1730496	----a-w-	C:\Windows\System32\ntdll.dll
2015-07-15 18:11:14	362496	----a-w-	C:\Windows\System32\wow64win.dll
2015-07-15 18:11:14	243712	----a-w-	C:\Windows\System32\wow64.dll
2015-07-15 18:11:14	13312	----a-w-	C:\Windows\System32\wow64cpu.dll
2015-07-15 18:11:13	215040	----a-w-	C:\Windows\System32\winsrv.dll
2015-07-15 18:11:01	210944	----a-w-	C:\Windows\System32\wdigest.dll
2015-07-15 18:09:57	338432	----a-w-	C:\Windows\System32\conhost.exe
2015-07-15 18:09:52	64000	----a-w-	C:\Windows\System32\auditpol.exe
2015-07-15 18:05:47	60416	----a-w-	C:\Windows\System32\msobjs.dll
2015-07-15 18:05:26	146432	----a-w-	C:\Windows\System32\msaudite.dll
2015-07-15 17:59:45	3989952	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2015-07-15 17:59:45	3934656	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2015-07-15 17:56:24	1311768	----a-w-	C:\Windows\SysWow64\ntdll.dll
2015-07-15 17:55:07	172032	----a-w-	C:\Windows\SysWow64\wdigest.dll
2015-07-15 17:55:04	65536	----a-w-	C:\Windows\SysWow64\TSpkg.dll
2015-07-15 17:55:02	43008	----a-w-	C:\Windows\SysWow64\srclient.dll
2015-07-15 17:55:00	248832	----a-w-	C:\Windows\SysWow64\schannel.dll
2015-07-15 17:55:00	22016	----a-w-	C:\Windows\SysWow64\secur32.dll
2015-07-15 17:54:56	14336	----a-w-	C:\Windows\SysWow64\ntvdm64.dll
2015-07-15 17:54:55	221184	----a-w-	C:\Windows\SysWow64\ncrypt.dll
2015-07-15 17:54:54	259584	----a-w-	C:\Windows\SysWow64\msv1_0.dll
2015-07-15 17:54:49	552960	----a-w-	C:\Windows\SysWow64\kerberos.dll
2015-07-15 17:54:43	36864	----a-w-	C:\Windows\SysWow64\cryptbase.dll
2015-07-15 17:54:43	17408	----a-w-	C:\Windows\SysWow64\credssp.dll
2015-07-15 17:54:40	44032	----a-w-	C:\Windows\apppatch\acwow64.dll
2015-07-15 17:54:22	25600	----a-w-	C:\Windows\SysWow64\setup16.exe
2015-07-15 17:53:53	50176	----a-w-	C:\Windows\SysWow64\auditpol.exe
2015-07-15 17:53:37	5120	----a-w-	C:\Windows\SysWow64\wow32.dll
2015-07-15 17:53:36	96768	----a-w-	C:\Windows\SysWow64\sspicli.dll
2015-07-15 17:53:36	665088	----a-w-	C:\Windows\SysWow64\rpcrt4.dll
2015-07-15 17:53:36	274944	----a-w-	C:\Windows\SysWow64\KernelBase.dll
2015-07-15 17:49:10	60416	----a-w-	C:\Windows\SysWow64\msobjs.dll
.
============= FINISH: 18:44:29,87 ===============
         

17.08.2015, 19:54   #4
Deathkid535
/// Malwareteam
 



http://www.trojaner-board.de/69886-a...-beachten.html

Read it through, understand it, work through it, and open a new thread. And include a link back to this one.

Every PC is different, so please do not blindly copy what was done in other threads, even if your infection has similar symptoms.

Thread closed
