Hier die Log-Datei:
Code:
Alles auswählen Aufklappen ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 8.0.5.0
# -------------------------------
# Build: 05-25-2020
# Database: 2020-05-26.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2020
# Duration: 00:00:37
# OS: Windows 10 Home
# Cleaned: 42
# Failed: 1
***** [ Services ] *****
Deleted gramblrclient
***** [ Folders ] *****
Deleted C:\Program Files\Gramblr
Deleted C:\ProgramData\Booking.com
Deleted C:\Users\Public\Pokki
Deleted C:\Users\mandy\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
Deleted C:\Users\mandy\AppData\Local\Temp\DMR
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Not Deleted C:\ProgramData\Gramblr
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gramblr.lnk
Deleted C:\Users\Public\Desktop\Booking.com.lnk
Deleted C:\Users\mandy\Desktop\..\Downloads\GRAMBLR INSTAGRAM UPLOAD AM PC - CHIP-INSTALLER.EXE
Deleted C:\Users\mandy\Desktop\..\Downloads\IGDESKTOP16 - CHIP-INSTALLER.EXE
Deleted C:\Users\mandy\Desktop\eBay.lnk
Deleted C:\Users\mandy\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
Deleted C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BAF34B1D-66AE-11E6-9BDA-B46D83FF110C}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\chip1click
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gramblr
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.TOSHIBAPCHealthMonitor Folder C:\Program Files\TOSHIBA\TPHM
Deleted Preinstalled.TOSHIBAPCHealthMonitor Folder C:\ProgramData\TOSHIBA\TPHM
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TosWaitSrv
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B507386D-1F61-4E55-B05B-F56ACB0086B3}
Deleted Preinstalled.TOSHIBAPasswordUtility Folder C:\Program Files\TOSHIBA\PASSWORDUTILITY
Deleted Preinstalled.TOSHIBAQualityApplication Folder C:\Program Files (x86)\TOSHIBA\TOSHIBAFB
Deleted Preinstalled.TOSHIBAQualityApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{716C8275-A4A9-48CB-88C0-9829334CA3C5}
Deleted Preinstalled.TOSHIBAQualityApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{716C8275-A4A9-48CB-88C0-9829334CA3C5}
Deleted Preinstalled.TOSHIBASystemSettings Folder C:\Program Files\TOSHIBA\SYSTEM SETTING
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B040D5C9-C9AA-430A-A44E-696656012E61}
Deleted Preinstalled.TOSHIBATEMPRO Folder C:\Program Files (x86)\TOSHIBA TEMPRO
Deleted Preinstalled.TOSHIBATEMPRO Folder C:\ProgramData\TOSHIBA TEMPRO
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D260}
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}
Deleted Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [5663 octets] - [08/06/2020 15:34:35]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
08.06.2020, 14:49
Baum-Darstellung