Trojaner-Board

Annoying ads in Internet Explorer (https://www.trojaner-board.de/167792-laestige-werbung-beim-internet-explorer.html)

schrauber 12.07.2015 11:17

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:

Task: {0366B356-4748-440C-9E5D-F7F4808CD534} - \sup_games_notification_service No Task File <==== ATTENTION

Task: {0BFAFBB9-4476-44BC-B388-6FBAA998713B} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-3 No Task File <==== ATTENTION

Task: {3795D49F-97B0-428A-886A-C92EB64C6C40} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-5 No Task File <==== ATTENTION

Task: {5AB37152-38BA-43EC-86FC-8AC2A07EE949} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-4 No Task File <==== ATTENTION

Task: {8E8D44DA-EA84-4DC0-950D-A90970DF8874} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-1 No Task File <==== ATTENTION

Task: {A285E65C-471A-4D8F-9EDA-7E0AD01A617D} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION

Task: {B9207C0B-71B2-441E-9785-DBAE4317E0EF} - \temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.77.253
Tcpip\..\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}: [NameServer] 192.168.120.252,192.168.120.253
Tcpip\..\Interfaces\{F7780FA9-170A-4DD6-9B49-6E97103E3F56}: [DhcpNameServer] 192.168.77.253
Emptytemp:


Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.






Quote:

C:\Program Files\Game til you Die\game_til_you_die_helper_service.exe
Do you recognize this?

jeejo 12.07.2015 17:20

Thanks, I'll do that tomorrow when I'm at the PC. This "game_til_you_die_helper_service.exe" is unknown to me so far. :-/

schrauber 13.07.2015 08:13

Then run the fix and please post a fresh FRST log.

jeejo 14.07.2015 16:41

Code:

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Riehl at 2015-07-14 17:37:41 Run:1
Running from C:\Users\Riehl\Downloads
Loaded Profiles: Riehl & Acronis Agent User (Available Profiles: Riehl & Acronis Agent User)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Task: {0366B356-4748-440C-9E5D-F7F4808CD534} - \sup_games_notification_service No Task File <==== ATTENTION

Task: {0BFAFBB9-4476-44BC-B388-6FBAA998713B} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-3 No Task File <==== ATTENTION

Task: {3795D49F-97B0-428A-886A-C92EB64C6C40} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-5 No Task File <==== ATTENTION

Task: {5AB37152-38BA-43EC-86FC-8AC2A07EE949} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-4 No Task File <==== ATTENTION

Task: {8E8D44DA-EA84-4DC0-950D-A90970DF8874} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-1 No Task File <==== ATTENTION

Task: {A285E65C-471A-4D8F-9EDA-7E0AD01A617D} - \66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION

Task: {B9207C0B-71B2-441E-9785-DBAE4317E0EF} - \temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2 No Task File <==== ATTENTION
HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Tcpip\Parameters: [DhcpNameServer] 192.168.77.253
Tcpip\..\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}: [NameServer] 192.168.120.252,192.168.120.253
Tcpip\..\Interfaces\{F7780FA9-170A-4DD6-9B49-6E97103E3F56}: [DhcpNameServer] 192.168.77.253
Emptytemp:
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0366B356-4748-440C-9E5D-F7F4808CD534}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0366B356-4748-440C-9E5D-F7F4808CD534}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\sup_games_notification_service" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BFAFBB9-4476-44BC-B388-6FBAA998713B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BFAFBB9-4476-44BC-B388-6FBAA998713B}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-3" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3795D49F-97B0-428A-886A-C92EB64C6C40}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3795D49F-97B0-428A-886A-C92EB64C6C40}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-5" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AB37152-38BA-43EC-86FC-8AC2A07EE949}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AB37152-38BA-43EC-86FC-8AC2A07EE949}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-4" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E8D44DA-EA84-4DC0-950D-A90970DF8874}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E8D44DA-EA84-4DC0-950D-A90970DF8874}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-1" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A285E65C-471A-4D8F-9EDA-7E0AD01A617D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A285E65C-471A-4D8F-9EDA-7E0AD01A617D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\66f0ed68-c883-4d32-aef0-cf1f0c66136e-2" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9207C0B-71B2-441E-9785-DBAE4317E0EF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9207C0B-71B2-441E-9785-DBAE4317E0EF}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\temp_66f0ed68-c883-4d32-aef0-cf1f0c66136e-2" => key removed successfully.
"HKU\S-1-5-21-1956295977-2440402935-1114064478-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully.
HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{E18D4E09-AD6C-4156-9375-44EDC8C95F81}\\NameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{F7780FA9-170A-4DD6-9B49-6E97103E3F56}\\DhcpNameServer => value removed successfully.
EmptyTemp: => 3.5 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 17:38:11 ====


EDIT: Since I removed the "Game til you die" thing, nothing more has come up so far...

schrauber 15.07.2015 09:44

The fresh FRST log as well, please :)


All times are WET +1.
