| magnoliagata | 22.09.2012 16:07 |
hey t'john, sorry, es hat etwas gedauert, ich hatte ziemlich viel um die ohren. hier die ergebnisse des adw-cleaners: Code:
# AdwCleaner v1.703 - Logfile created 09/22/2012 at 16:57:09
# Updated 20/07/2012 by Xplode
# Operating system : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# User : karo - KARO-PC
# Running from : C:\Users\karo\Desktop\adwCleaner1703.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Users\karo\AppData\Local\APN
Folder Deleted : C:\Users\karo\AppData\Local\Temp\AskSearch
Folder Deleted : C:\Users\karo\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\karo\AppData\Roaming\pdfforge
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
File Deleted : C:\Users\karo\AppData\Roaming\Mozilla\Firefox\Profiles\0wud23lh.default\searchplugins\Askcom.xml
***** [Registry] *****
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
***** [Registre - GUID] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://de.ask.com/?l=dis&o=15996&gct=hp --> hxxp://www.google.com
-\\ Mozilla Firefox v15.0 (de)
Profile name : default
File : C:\Users\karo\AppData\Roaming\Mozilla\Firefox\Profiles\0wud23lh.default\prefs.js
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Deleted : user_pref("browser.startup.homepage", "hxxp://de.ask.com/?l=dis&o=15996&gct=hp");
-\\ Google Chrome v21.0.1180.89
File : C:\Users\karo\AppData\Local\Google\Chrome\User Data\Default\Preferences
Deleted : "icon_url": "hxxp://mystart.incredibar.com/mb174/favicon.ico",
Deleted : "keyword": "mystart.incredibar.com/mb174",
Deleted : "name": "MyStart Search",
Deleted : "search_url": "hxxp://mystart.incredibar.com/mb174/?loc=IB_DS&search={searchTerms}&a=6OyK9mIAw[...]
Deleted : "homepage": "hxxp://www.ask.com/?l=dis&o=15996cr&gct=hp",
*************************
AdwCleaner[R1].txt - [8263 octets] - [09/08/2012 03:05:49]
AdwCleaner[S1].txt - [8669 octets] - [09/08/2012 15:30:25]
AdwCleaner[R2].txt - [1531 octets] - [15/08/2012 22:55:23]
AdwCleaner[S2].txt - [2259 octets] - [22/09/2012 16:57:09]
########## EOF - C:\AdwCleaner[S2].txt - [2387 octets] ##########
und hier das ergebnis des emsisoft-scans: Code:
Emsisoft Anti-Malware - Version 7.0
Letztes Update: 22.09.2012 17:12:11
Scan Einstellungen:
Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Riskware-Erkennung: Aus
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan Beginn: 22.09.2012 17:13:40
C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe gefunden: Trojan.Generic.7723167 (B)
C:\ProgramData\Avira\AntiVir Desktop\INFECTED\56faacca.qua -> (Quarantine-8) gefunden: Gen:Variant.Zusy.15749 (B)
C:\Users\karo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AZBK1IN1\HOSTS_Anti-Adware[1].exe gefunden: Trojan.Generic.7723167 (B)
C:\Users\karo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTT7ZZ1K\Install_HOSTS_Anti-Adware[1].exe gefunden: Trojan.Downloader.Win32.AMN (A)
C:\Users\karo\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe gefunden: Trojan.Downloader.Win32.AMN (A)
C:\Users\karo\Downloads\Install_HOSTS_Anti-Adware.exe gefunden: Trojan.Downloader.Win32.AMN (A)
Gescannt 409659
Gefunden 6
Scan Ende: 22.09.2012 18:14:19
Scan Zeit: 1:00:39
| 