Trojaner-Board

http://www_getwindowinfo/ and TBUpdater.dll have been annoying me for some time, how do I get them off my computer? (https://www.trojaner-board.de/139724-http-www_getwindowinfo-tbupdater-dll-nervern-seit-einiger-zeit-bekomme-rechner.html)

markusg 12.08.2013 21:56

OK, just attach it for now, I'm hungry and will look at it later.

baby-lissa 12.08.2013 22:33

The "reply directly" button at the bottom right does nothing for me.

markusg 12.08.2013 22:37

No, not "reply directly", it's just called "reply", but that doesn't matter for now :-) I'll look at it later, then we'll find a solution. P.S. With "reply directly" you only jump to the input field shown below.

baby-lissa 12.08.2013 22:45

Now I can't jump from an Outlook mail directly to the website via the link again. That worked until a little while ago.

markusg 12.08.2013 22:53

But I've already got it, it's attached further up.
But I'm not looking at it any more today.
I'm hungry, and then that's it for today.

baby-lissa 12.08.2013 22:58

Thank you for everything so far, I'm off to bed too.
I have to get up at 6.

Thanks

markusg 12.08.2013 23:29

No problem, we'll get this sorted out.

markusg 13.08.2013 18:29

Hi, can you use System Restore and pick the most recent restore point from before ComboFix? How do things look then?

baby-lissa 13.08.2013 19:02

I've run System Restore often over the last few days, it makes no difference, getwindow and TBupdater remain.
I managed to sort out the rest, with all the changes that ComboFix made.

markusg 13.08.2013 19:52

Hi, frequent system restores are also rather bad for the system, especially with a malware infection.
Two logs need to be created.
1.

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


Reboot.
2.
HitmanPro - Download - Filepony
Double-click, click Scan. Save the log and post it, or export it as XML, zip it and attach it. Close HitmanPro.

baby-lissa 13.08.2013 20:03

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.4.4 (08.12.2013:1)
OS: Windows 7 Home Premium x64
Ran by Lissi1 on 13.08.2013 at 20:58:44,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\lyricstar



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\Lissi1\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Lissi1\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\Lissi1\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\eusing free registry cleaner"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.08.2013 at 21:02:23,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

markusg 13.08.2013 20:15

HitmanPro is missing.

baby-lissa 13.08.2013 20:20

I didn't get a log from Hitman.

I put it into a Word doc as a screenshot and will send it to you by mail.

Code:

HitmanPro 3.7.7.203
www.hitmanpro.com

  Computer name . . . . : LISSI1-PC
  Windows . . . . . . . : 6.1.1.7601.X64/4
  User name . . . . . . : Lissi1-PC\Lissi1
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Trial (30 days left)

  Scan date . . . . . . : 2013-08-13 21:11:23
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 3m 32s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 9
  Traces  . . . . . . . : 119

  Objects scanned . . . : 1.968.380
  Files scanned . . . . : 38.216
  Remnants scanned  . . : 494.400 files / 1.435.764 keys

Malware _____________________________________________________________________

  C:\Users\Lissi1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TTDT2QBV\JRT.exe -> Quarantined
      Size . . . . . . . : 1.158.722 bytes
      Age  . . . . . . . : 0.0 days (2013-08-13 20:58:26)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : BB6B57BA57C7FF4D3AA76AC5BECE1ECA885526015EA1FFE21F98262727E1D7EF
      Product  . . . . . : Junkware Removal Tool
      Publisher  . . . . : Thisisu
      Version  . . . . . : 1.0.0.1
      Source URL . . . . : hxxp://thisisudax.org/downloads/JRT.exe
    > Ikarus . . . . . . : Virus.Win32.PePatch!IK
      Fuzzy  . . . . . . : 114.0
      Forensic Cluster


Potential Unwanted Programs _________________________________________________

  HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1\ (Babylon)
  HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager\ (Babylon)
  HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}\ (Babylon)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar)
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar)

Cookies _____________________________________________________________________

  C:\Users\Lissi1\AppData\Roaming\Microsoft\Windows\Cookies\2PW9DALU.txt
  C:\Users\Lissi1\AppData\Roaming\Microsoft\Windows\Cookies\DY0KIIN6.txt

Sorry, it was saved under temp.

markusg 13.08.2013 20:26

Did you also delete the cookies and unwanted programs? Please run the scan again and make sure that all findings were removed.
After that, a new FRST log.

baby-lissa 13.08.2013 20:27

Delete with which program????
I haven't deleted anything at all so far.


All times are WET +1.
