Spyware: acengine


Anyone familiar with ACengine??

It probably got in after a download of Chrome from some spyware website or other.
It wasn't me who installed it, but I discovered the whole thing when I saw 5-6 suspicious programs suddenly sitting on my desktop after logging in. On Google, moreover, the first 7-10 results were irrelevant ads for suspicious sites.
The programs were removed, but the ads did not go away. This happened even without Chrome extensions...

The problem was acengine (service); I am most afraid that passwords may have gone astray.
My passwords, at least, are still safe, but I am a bit unsure what the other user did before I discovered this.

-----------------------------------------------------------------------------------------------

# AdwCleaner v5.000 - Logfile created 16/08/2015 at 00:41:30
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 10 Pro  (x64)
# Username : europ - DESKTOP-2NSKIOL
# Running from : C:\Users\europ\Downloads\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****

[-] Service Deleted : acengine
[-] Service Deleted : {348295a7-7997-44ac-a9fb-2825d318432d}Gw64

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\FastSearch
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[-] Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\acengine

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\WINDOWS\Sysnative\acengineOff.ini
[-] File Deleted : C:\WINDOWS\Sysnative\acengine64.dll
[-] File Deleted : C:\WINDOWS\SysWOW64\acengineOff.ini
[-] File Deleted : C:\WINDOWS\SysWOW64\acengine.dll

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchPreSignup

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
[-] Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.ReadOnlyManager.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.ReadOnlyManager
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.LSPLogic.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.LSPLogic
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataTableHolder.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataTableHolder
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataTableFields.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataTableFields
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataTable.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataTable
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataController.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataController
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataContainer.1
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.DataContainer
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.WFPController
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\acengineLib.WFPController.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{029AF757-A988-4BDD-A744-A4C7BCEBB011}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[-] Key Deleted : HKLM\SOFTWARE\FastSearch

***** [ Web browsers ] *****

[-] [C:\Users\oddg0\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : conduit.search
[-] [C:\Users\oddg0\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://mail.google.com/mail/u/0/?shva=1#inbox","hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP00D57931-0430-4014-8445-15241CA72FC6&SSPV=

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [3283 octets] - [16/08/2015 00:41:30]
C:\AdwCleaner[S1].txt - [3106 octets] - [16/08/2015 00:38:35]
C:\AdwCleaner[S2].txt - [3169 octets] - [16/08/2015 00:40:38]

########## EOF - C:\AdwCleaner[C1].txt - [3472 octets] ##########
