Trojaner-Board - GVU Trojaner mit Webcam

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - GVU Trojaner mit Webcam (https://www.trojaner-board.de/120427-gvu-trojaner-webcam.html)

GVU Trojaner mit Webcam

Guten Abend Forum,

Vor ein paar Tagen wurde mein Rechner durch diesen tollen Webcam Trojaner gesperrt und ich hab zunächst die Methode mit dem Windowsunlocker von Kaspersky probiert, um die Sperre zu beseitigen, was aber nicht geklappt hat.
Jedoch ist die Sperre, sofort nach dem ich den Computer neustartete, hängengeblieben und verschwand, also so, dass ich auf´s Internet und auf alle Programme zugreifen konnte. Ich habe mir dann sofort Malwarebytes Anti-Malware runtergeladen und ließ einen vollständigen Scan durchführen. Dieser fand 3 Dateien, die ich löschte. Desweiteren hab ich auch durch OTL meinen Computer scannen lassen. Wie sollte ich nun weiter verfahren ? Muss ich das System komplett neu raufspielen oder gibt es da Alternativen?
Mein PC ist übrigens ein Laptop von Asus A54s 64bit Windows 7

Im Anhang ist die Logdatei von Malwarebytes und die zwei Dateien die OTL erstellt hat.
Defogger hab ich auch durchlaufen lassen und auch keine Fehlermeldung bekommen, also musste ich die defogger_disabe nicht uppen?

Danke im Voraus

:hallo:

Fixen mit OTL

Lade (falls noch nicht vorhanden) OTL von Oldtimer herunter und speichere es auf Deinem Desktop (nicht woanders hin).

Deaktiviere etwaige Virenscanner wie Avira, Kaspersky etc.
Starte die OTL.exe.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Kopiere folgendes Skript in das Textfeld unterhalb von Benuterdefinierte Scans/Fixes:

Code:

:Processes

killallprocesses
 

:OTL

SRV:64bit: - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe File not found 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox 

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox 

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT 

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local 

FF - prefs.js..browser.search.selectedEngine: "Google" 

FF - prefs.js..browser.search.useDBForOrder: true 

FF - prefs.js..browser.startup.homepage: "www.google.de" 

FF - user.js - File not found 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found 

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found 

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) 

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) 

[2012.06.29 17:06:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Octavio\AppData\Roaming\mozilla\Firefox\Profiles\rw3nxuj4.default\extensions 

[2012.05.09 18:34:00 | 000,012,014 | ---- | M] () (No name found) -- C:\USERS\OCTAVIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RW3NXUJ4.DEFAULT\EXTENSIONS\{B68DFAE5-1903-4A03-8094-C973BF7E483E}.XPI 

[2012.06.29 17:06:21 | 000,572,017 | ---- | M] () (No name found) -- C:\USERS\OCTAVIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RW3NXUJ4.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI 

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 

O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found 

O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found 

O4 - HKLM..\Run: [] File not found 

O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe () 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 

O32 - HKLM CDRom: AutoRun - 1 
 

[2012.07.22 21:08:47 | 004,503,728 | ---- | M] () -- C:\ProgramData\kp_0loor.pad 
 
 

[2012.07.23 19:05:27 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job 

[2012.07.23 18:38:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job 

:Files
 

ipconfig /flushdns /c

:Commands

[purity]

[emptytemp]

[emptyflash]

[resethosts]

[emptyjava]

Schließe alle Programme.
Klicke auf den Fix Button.
Wenn OTL einen Neustart verlangt, bitte zulassen.
Kopiere den Inhalt des Logfiles hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\_OTL\MovedFiles\

Hinweis für Mitleser: Obiges OTL-Script ist ausschließlich für diesen User in dieser Situtation erstellt worden.
Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!

Okay, hier ist das, was rauskam:

Code:

All processes killed

========== PROCESSES ==========

========== OTL ==========

Error: Unable to stop service Amsp!

Unable to delete service\driver key Amsp.

File move failed. C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe scheduled to be moved on reboot.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!

Prefs.js: "Google" removed from browser.search.selectedEngine

Prefs.js: true removed from browser.search.useDBForOrder

Prefs.js: "www.google.de" removed from browser.startup.homepage

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.

C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll moved successfully.

Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.

File C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.

C:\Users\Octavio\AppData\Roaming\mozilla\Firefox\Profiles\rw3nxuj4.default\extensions folder moved successfully.

File C:\USERS\OCTAVIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RW3NXUJ4.DEFAULT\EXTENSIONS\{B68DFAE5-1903-4A03-8094-C973BF7E483E}.XPI not found.

File C:\USERS\OCTAVIO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RW3NXUJ4.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI not found.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\\IntelTBRunOnce not found.

64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Setwallpaper deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Wireless Console 3 deleted successfully.

C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe moved successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLinkedConnections deleted successfully.

Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveAutoRun deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.

64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!

C:\ProgramData\kp_0loor.pad moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.

========== FILES ==========
 < ipconfig /flushdns /c >

Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

C:\Users\Octavio\Desktop\cmd.bat deleted successfully.

C:\Users\Octavio\Desktop\cmd.txt deleted successfully.

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: All Users

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Octavio

->Temp folder emptied: 4605507481 bytes

->Temporary Internet Files folder emptied: 94875133 bytes

->Java cache emptied: 324883 bytes

->FireFox cache emptied: 60723146 bytes

->Flash cache emptied: 8166700 bytes

 

User: Public

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 527171887 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes

RecycleBin emptied: 1443 bytes

 

Total Files Cleaned = 5.051,00 mb

 

 

[EMPTYFLASH]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Octavio

->Flash cache emptied: 0 bytes

 

User: Public

 

User: UpdatusUser

 

Total Flash Files Cleaned = 0,00 mb

 

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

 

[EMPTYJAVA]

 

User: All Users

 

User: Default

 

User: Default User

 

User: Octavio

->Java cache emptied: 0 bytes

 

User: Public

 

User: UpdatusUser

 

Total Java Files Cleaned = 0,00 mb

 

 

OTL by OldTimer - Version 3.2.54.0 log created on 07262012_200948
 

Files\Folders moved on Reboot...

C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe moved successfully.

C:\Users\Octavio\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
 

PendingFileRenameOperations files...

File C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe not found!

File C:\Users\Octavio\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
 

Registry entries deleted on Reboot...

Sehr gut! :daumenhoc

Wie laeuft der Rechner?

1. Schritt

Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".

danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Search.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Der Rechner läuft schneller ! Danke vielmals !

Malwarebytes hat nichts gefunden und das hier sagt Adwcleaner:

Code:

# AdwCleaner v1.703 - Logfile created 07/28/2012 at 00:09:34

# Updated 20/07/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Octavio - OCTAVIO-PC

# Running from : C:\Users\Octavio\Desktop\adwcleaner.exe

# Option [Search]
 
 

***** [Services] *****
 
 

***** [Files / Folders] *****
 

Folder Found : C:\Users\Octavio\AppData\Local\Conduit

Folder Found : C:\Users\Octavio\AppData\LocalLow\Conduit

Folder Found : C:\Program Files (x86)\Conduit
 

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2849855

Key Found : HKCU\Software\Softonic

[x64] Key Found : HKCU\Software\Softonic
 

***** [Registre - GUID] *****
 

Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

[x64] Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
 

***** [Internet Browsers] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

[OK] Registry is clean.
 

-\\ Mozilla Firefox v14.0.1 (de)
 

Profile name : default 

File : C:\Users\Octavio\AppData\Roaming\Mozilla\Firefox\Profiles\rw3nxuj4.default\prefs.js
 

[OK] File is clean.
 

*************************
 

AdwCleaner[R1].txt - [1261 octets] - [28/07/2012 00:09:35]
 

########## EOF - C:\AdwCleaner[R1].txt - [1389 octets] ##########

Sehr gut! :daumenhoc

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Delete.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

danach:

Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html

Alles klar,

hier ist die Logdatei von Adwcleaner:

Code:

# AdwCleaner v1.703 - Logfile created 07/28/2012 at 13:32:03

# Updated 20/07/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Octavio - OCTAVIO-PC

# Running from : C:\Users\Octavio\Desktop\adwcleaner.exe

# Option [Delete]
 
 

***** [Services] *****
 
 

***** [Files / Folders] *****
 

Folder Deleted : C:\Users\Octavio\AppData\Local\Conduit

Folder Deleted : C:\Users\Octavio\AppData\LocalLow\Conduit

Folder Deleted : C:\Program Files (x86)\Conduit
 

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2849855

Key Deleted : HKCU\Software\Softonic
 

***** [Registre - GUID] *****
 

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}
 

***** [Internet Browsers] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

[OK] Registry is clean.
 

-\\ Mozilla Firefox v14.0.1 (de)
 

Profile name : default 

File : C:\Users\Octavio\AppData\Roaming\Mozilla\Firefox\Profiles\rw3nxuj4.default\prefs.js
 

[OK] File is clean.
 

*************************
 

AdwCleaner[R1].txt - [1386 octets] - [28/07/2012 00:09:35]

AdwCleaner[S1].txt - [1201 octets] - [28/07/2012 13:32:03]
 

########## EOF - C:\AdwCleaner[S1].txt - [1329 octets] ##########

Und Emisoft hat auch nichts gefunden.
hier das Logfile:

Code:

Emsisoft Anti-Malware - Version 6.6

Letztes Update: 28.07.2012 13:41:14
 

Scan Einstellungen:
 

Scan Methode: Detail Scan

Objekte: Rootkits, Speicher, Traces, C:\, D:\, Q:\

Archiv Scan: An

ADS Scan: An
 

Scan Beginn:        28.07.2012 13:45:23
 
 

Gescannt        733655

Gefunden        0
 

Scan Ende:        28.07.2012 14:30:01

Scan Zeit:        0:44:38

Sehr gut! :daumenhoc

Lasse die Funde loeschen, dann:

Deinstalliere:
Emsisoft Anti-Malware

ESET Online Scanner

Vorbereitung

Schließe evtl. vorhandene externe Festplatten und/oder sonstigen Wechselmedien (z. B. evtl. vorhandene USB-Sticks) an den Rechner an.
Bitte während des Online-Scans Anti-Virus-Programm und Firewall deaktivieren.
Vista/Win7-User: Bitte den Browser unbedingt als Administrator starten.

Los geht's

Lade und starte Eset Smartinstaller
Haken setzen bei YES, I accept the Terms of Use.
Klick auf Start.
Haken setzen bei Remove found threads und Scan archives.
Klick auf Start.
Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Finish drücken.
Browser schließen.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (manchmal auch C:\Programme\Eset\log.txt) suchen und mit Deinem Editor öffnen.
Logfile hier posten.
Deinstallation: Systemsteuerung => Software => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

So, das logfile von ESET:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=cc0fc59463619749b885ab037a0abced

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-07-29 08:40:11

# local_time=2012-07-29 10:40:11 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=512 16777215 100 0 18958321 18958321 0 0

# compatibility_mode=5893 16776574 66 85 23279470 95147272 0 0

# compatibility_mode=8192 67108863 100 0 71 71 0 0

# scanned=119071

# found=0

# cleaned=0

# scan_time=33789

Java aktualisieren

Deine Javaversion ist veraltet. Da einige Schaedlinge ueber Java-Exploits in das System eindringen, muss Java aktualisiert werden und alte Versionen muessen vom System entfernt werden, da die alten Versionen ein Sicherheitsrisiko darstellen. Lade JavaRa von SingularLabs herunter und entpacke es auf den Desktop. Nimm die Windows Binary. JavaRA ist geeignet fuer Windows Windows 9x, 2k, XP, Vista, 7. Vista und Windows 7-User muessen die Benuterkontensteuerung deaktivieren, Anleitung siehe unten.

Schliesse alle Browserfenster.
Doppelklicke die JavaRa.exe, um das Programm zu starten.
Die Sprache Deutsch auswaehlen und klicke "Select".
Klicke auf Weitere Funktionen, mache Haken bei Unnoetige JRE Dateien loeschen und Sun Download Manager loeschen.
Klicke auf Start und jeweils auf Ok/Ja und schliesse das Fenster "Additional Tasks" wieder.
Klicke auf aeltere Versionen loeschen, um alte Java-Versionen, die auf dem Rechner installiert sind, zu entfernen.
Klicke auf Ja wenn es verlangt wird. Wenn JavaRa fertig, erscheint eine Notiz, dass ein Logfile erstellt wurde, klicke OK.
Das Logfile wird im Editor geoeffnet, bitte speichern und spaeter hier posten.
Rechner neu starten.[/B]

Downloade nun die aktuelle Offline-Version von Java von Oracle und installiere sie. Achte darauf, eventuell angebotene Toolbars nicht mitzuinstallieren, also waehrend der Installation den Haken bei der Toolbar entfernen.

Dann so einstellen: http://www.trojaner-board.de/105213-...tellungen.html

Hier das logfile von JavaRa

Code:

There was an error removing C:\Users\Octavio\Start Menu\Programs\Sun Download Manager 2.0 (local). The error returned was 124.
 

JavaRa 1.16 Removal Log.
 

Report follows after line.
 

------------------------------------
 

The JavaRa removal process was started on Mon Jul 30 23:54:15 2012
 

Found and removed: Applications\java.exe
 

Found and removed: Applications\javaw.exe
 

Found and removed: JavaPlugin.FamilyVersionSupport
 

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}
 

Found and removed: CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}
 

Found and removed: CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
 

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
 

Found and removed: SOFTWARE\Classes\JavaPlugin
 

Found and removed: SOFTWARE\Classes\JavaPlugin.160_32
 

Found and removed: SOFTWARE\Classes\JavaWebStart.isInstalled.1.6.0.0
 

Found and removed: SOFTWARE\JavaSoft
 

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}
 

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}
 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}
 

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}
 

------------------------------------
 

Finished reporting.

Soll ich nun die Benutzerkontensteuerung wieder aktivieren?

Beim Einstellen von Java nach deiner Anleitung fehlt mir beim Punkt "Java aktualisieren" der Reiter "Aktualisierung" und kann somit nichts einstellen. Was soll ich machen?

Ja, wieder akivieren.

Ja, Update gibts hier nicht, das ist OK.

Sehr gut! :daumenhoc

damit bist Du sauber und entlassen! :)

Tool-Bereinigung mit OTL

Wir werden nun die CleanUp!-Funktion von OTL nutzen, um die meisten Programme, die wir zur Bereinigung installiert haben, wieder von Deinem System zu löschen.

Bitte lade Dir (falls noch nicht vorhanden) OTL von OldTimer herunter.
Speichere es auf Deinem Desktop.
Doppelklick auf OTL.exe um das Programm auszuführen.
Vista- und Windows 7-User starten mit Rechtsklick auf das Programm-Icon und wählen "Als Administrator ausführen".
Klicke auf den Button "Bereinigung"
OTL fragt eventuell nach einem Neustart.
Sollte es dies tun, so lasse dies bitte zu.

Anmerkung: Nach dem Neustart werden OTL und andere Helferprogramme, die Du im Laufe der Bereinigung heruntergeladen hast, nicht mehr vorhanden sein. Sie wurden entfernt. Es ist daher Ok, wenn diese Programme nicht mehr vorhanden sind. Sollten noch welche übrig geblieben sein, lösche sie manuell.

Zurücksetzen der Sicherheitszonen

Lasse die Sicherheitszonen wieder zurücksetzen, da diese manipuliert wurden um den Browser für weitere Angriffe zu öffnen.
Gehe dabei so vor: http://www.trojaner-board.de/111805-...ecksetzen.html

Aufräumen mit CCleaner

Lasse mit CCleaner (Download) (Anleitung) Fehler in der

Registry beheben (mehrmals, solange bis keine Fehler mehr gefunden werden) und
temporäre Dateien löschen.

Lektuere zum abarbeiten:
http://www.trojaner-board.de/90880-d...tallation.html
http://www.trojaner-board.de/105213-...tellungen.html
PluginCheck
http://www.trojaner-board.de/96344-a...-rechners.html
Secunia Online Software Inspector
http://www.trojaner-board.de/71715-k...iendungen.html
http://www.trojaner-board.de/83238-a...sschalten.html