ADW_SUITSEAR
WebToolbar.Win64.SearchSuite.e (Kaspersky)
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
Malware-Typ:
Adware
Zerstrerisch?:
Nein
Verschlsselt?:
In the wild::
Ja
Überblick
Löscht Dateien, so dass Programme und Anwendungen nicht ordnungsgemäß ausgeführt werden.
Technische Details
Installation
Erstellt die folgenden Ordner:
- %System Root%\DOCUME~1
- %System Root%\DOCUME~1\Wilbert
- %User Profile%\LOCALS~1
- %User Temp%\nsk7.tmp
- %User Temp%\nsk7
- %User Profile%\Application Data\systemk
- %User Temp%\nsk7\nsa17.tmp
- %Program Files%\Settings Manager
- %Program Files%\Settings Manager\systemk
- %Program Files%\Settings Manager\systemk\x64
- %User Temp%\nss80.tmp
- %User Temp%\nss80
- %Program Files%\Linkey
- %User Temp%\nss80\nsu8E.tmp
- %System Root%\Documents and Settings\Wilbert
- %Application Data%\Linkey
- %Application Data%\Linkey\IEExtension
- %User Temp%\nstA9.tmp
- %User Temp%\nstA9
- %Program Files%\LinkeyDeals
(Hinweis: %System Root% ist der Stammordner, normalerweise C:\. Dort befindet sich auch das Betriebssystem.. %User Profile% ist der Ordner für Benutzerprofile des aktuellen Benutzers, normalerweise C:\Windows\Profile\{Benutzername} unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername} unter Windows NT und C:\Dokumente und Einstellungen\{Benutzername} unter Windows 2000, XP und Server 2003.. %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.. %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.. %Application Data% ist der Ordner 'Anwendungsdaten' für den aktuellen Benutzer, normalerweise C:\Windows\Profile\{Benutzername}\Anwendungsdaten unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername}\Anwendungsdaten unter Windows NT und C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Anwendungsdaten unter Windows 2000, XP und Server 2003.)
Autostart-Technik
Fügt folgende Registrierungseinträge hinzu, um bei jedem Systemstart automatisch ausgeführt zu werden.
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Run
Linkey Deals = "%Program Files%\LinkeyDeals\msilnk.exe "
Registriert sich als BHO, damit die Ausführung bei jedem Aufruf von Internet Explorer automatisch gewährleistet ist. Dazu werden die folgenden Registrierungsschlüssel hinzugefügt:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Ändert die folgenden Registrierungseinträge, um bei jedem Systemstart automatisch ausgeführt zu werden:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Winlogon
AutoRestartShell = "1"
(Note: The default value data of the said registry entry is 1.)
Andere Systemänderungen
Löscht die folgenden Dateien:
- %User Temp%\nsa1.tmp
- %User Temp%\nsk7.tmp
- %User Temp%\nsi7E.tmp
- %User Temp%\nss80.tmp
- %User Temp%\nsyA5.tmp
- %User Temp%\nstA9.tmp
- %User Profile%\systemk\coordinator.cfg.bak
- %User Profile%\systemk\S-1-5-21-1645522239-1292428093-682003330-1003.cfg.bak
(Hinweis: %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.. %User Profile% ist der Ordner für Benutzerprofile des aktuellen Benutzers, normalerweise C:\Windows\Profile\{Benutzername} unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername} unter Windows NT und C:\Dokumente und Einstellungen\{Benutzername} unter Windows 2000, XP und Server 2003.)
Fügt die folgenden Registrierungsschlüssel hinzu:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
bprotect.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
browserprotect.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
browserdefender.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
bitguard.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
snapdo.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
browsersafeguard.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
bpsvc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
protectedsearch.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
stinst32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
stinst64.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchprotection.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
utiljumpflip.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
dprotectsvc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchprotector.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchsettings.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchsettings64.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
jumpflip
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
volaro
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
vonteera
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchinstaller.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
websteroids.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
websteroidsservice.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
umbrella.exe
HKEY_LOCAL_MACHINE\Software\SystemK\
General
HKEY_CURRENT_USER\Software\SystemK\
General
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Search
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Control\Session Manager\AppCertDlls
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Approved Extensions
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Ext\
Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
HKEY_CURRENT_USER\SOFTWARE\Linkey
HKEY_LOCAL_MACHINE\SOFTWARE\Linkey
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Ext\
Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\iedll.dll
HKEY_CLASSES_ROOT\Linkey.Linkey
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Linkey.Linkey\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\Implemented Categories\
{59FB2056-D625-48D0-A944-1A85B5AB2640}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0\
FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0\
0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0\
0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0\
HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\TypeLib
HKEY_CLASSES_ROOT\SettingsManagerIEHelper.DNSGuard.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SettingsManagerIEHelper.DNSGuard.1\CLSID
HKEY_CLASSES_ROOT\SettingsManagerIEHelper.DNSGuard
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SettingsManagerIEHelper.DNSGuard\CLSID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
SettingsManagerIEHelper.DNSGuard\CurVer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}\ProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}\VersionIndependentProgID
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}\Programmable
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}\InprocServer32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0\
FLAGS
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0\
0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0\
0\win32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0\
HELPDIR
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}\ProxyStubClsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}\ProxyStubClsid32
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}\TypeLib
HKEY_CURRENT_USER\SOFTWARE\Microsoft\
Windows\CurrentVersion\App Paths\
chrome.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\App Paths\
chrome.exe
Fügt die folgenden Registrierungseinträge hinzu:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
bprotect.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
browserprotect.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
browserdefender.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
bitguard.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
snapdo.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
browsersafeguard.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
bpsvc.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
protectedsearch.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
stinst32.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
stinst64.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchprotection.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
utiljumpflip.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
dprotectsvc.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchprotector.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchsettings.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchsettings64.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
jumpflip
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
volaro
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
vonteera
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
searchinstaller.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
websteroids.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
websteroidsservice.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
umbrella.exe
debugger = "tasklist.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
use_secondary_url = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
iver = "5.0.0.13001"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
pver = "5.0.0.13001"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK
Version = "5.0.0.13001"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
appid = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
home = "%Program Files%\Settings Manager"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
ln = "en"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
sysid = "427"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
clid = "{3CA2CF07-8A58-4472-ACB9-B3DA14A19DB0}"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
osver = "5.1"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
ostype = "win32"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
osl = "en-US"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
itime = "2014-07-04"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
ptype = "n"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
kisid = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
kapid = "0"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
uid = "3202250780584472"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
uc = "398"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
kbn = "13001"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
guid = "{EB25CAE0-E5F3-E993-3950-E055FE755242}"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
os_user_type = "Admin"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
ie_search_set = "1"
HKEY_CURRENT_USER\Software\SystemK\
General
ie_search_set = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK
browser = " ie ff cr"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
ie_ds_supported = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
ie_hp_supported = "1"
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Search Bar = "http://www.{BLOCKED}t-search.net?sid=427&aid=0&itype=n&ver=13001&tm=398&src=ds&p="
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Search
SearchAssistant = "{random characters}"
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Use Search Asst = "no"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
Control\Session Manager\AppCertDlls
x86 = "%Program Files%\Settings Manager\systemk\sysapcrt.dll"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Main
FrameAuto = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Toolbar
10 = "10"
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Approved Extensions
{54739D49-AC03-4C57-9264-C5195596B3A1} = "{random values}"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Ext\
Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Flags = "4"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
aw = "No"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
sitime = "1404466048"
HKEY_CURRENT_USER\Software\Linkey
instdir = "%Application Data%\Linkey"
HKEY_CURRENT_USER\Software\Linkey
extraUninstaller = "%Program Files%\Settings Manager\systemk\Uninstall.exe /browser=all"
HKEY_CURRENT_USER\Software\Linkey
browsers = "chrome,ff,ie"
HKEY_CURRENT_USER\Software\Linkey
norestart = "Yes"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Windows
LoadAppInit_DLLs = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Linkey
ie_jsurl = "http://app.{BLOCKED}project.com/popup/IE/background.js"
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Approved Extensions
{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} = "{random values}"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Ext\
Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Flags = "4"
HKEY_CURRENT_USER\Software\Linkey
iver = "0.0.0.469"
HKEY_CURRENT_USER\Software\Linkey
pver = "0.0.0.469"
HKEY_CURRENT_USER\Software\Linkey
appid = "0"
HKEY_CURRENT_USER\Software\Linkey
home = "%Application Data%\Linkey"
HKEY_CURRENT_USER\Software\Linkey
ln = "en"
HKEY_CURRENT_USER\Software\Linkey
sysid = "300"
HKEY_CURRENT_USER\Software\Linkey
clid = "{F3D13913-EDE2-4D57-91C6-8BE508FACF58}"
HKEY_CURRENT_USER\Software\Linkey
itime = "1404466033"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
NoModify = "1"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
NoRepair = "1"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
DisplayName = "Linkey"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
InstallLocation = "%Application Data%\Linkey"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
DisplayVersion = "0.0.0.469"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
UninstallString = "%Application Data%\Linkey\uninstall.exe "
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
DisplayIcon = "%Application Data%\Linkey\uninstall.exe"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
Publisher = "Aztec Media Inc"
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Uninstall\
Linkey
Traffic_type = "n"
HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
browser = "ie,ff,chrome,"
HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
company = "Linkey Deals"
HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
distributed = "Linkey Deals"
HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
UninstallString = "%Program Files%\LinkeyDeals\LinkeyDealsUninst.exe /browser=all"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
AppID\iedll.dll
AppID = "{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\InprocServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\
Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
NoExplorer = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\TypeLib
Version = "1.0"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}\InprocServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}\InprocServer32
ThreadingModel = "Apartment"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\
Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}\TypeLib
Version = "1.0"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
srn0 = "SystemkService"
HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\
General
srn1 = "F06DEFF2-5B9C-490D-910F-35D3A9119622"
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\
Control\Session Manager\AppCertDlls
x64 = "%Program Files%\settings manager\systemk\x64\sysapcrt.dll"
Ändert die folgenden Registrierungseinträge:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Internet Explorer\Search
SearchAssistant = "{random characters}"
(Note: The default value data of the said registry entry is http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm.)
HKEY_CURRENT_USER\Software\Microsoft\
Internet Explorer\Main
Start Page = "http://www.{BLOCKED}t-search.net?sid=427&aid=0&itype=n&ver=13001&tm=398&src=hmp"
(Note: The default value data of the said registry entry is http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Windows
AppInit_DLLs = "%Application Data%\Linkey\IEEXTE~1\iedll.dll "
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Tracing\
Microsoft\Imapi
LogSessionName = "stdout"
(Note: The default value data of the said registry entry is {random values}.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Tracing\
Microsoft\Imapi
Active = "1"
(Note: The default value data of the said registry entry is 1.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Tracing\
Microsoft\Imapi
ControlFlags = "1"
(Note: The default value data of the said registry entry is 1.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Tracing\
Microsoft\Imapi\ImapiSvc
Guid = "8107d8e9-e323-49f5-bba2-abc35c243dca"
(Note: The default value data of the said registry entry is 8107d8e9-e323-49f5-bba2-abc35c243dca.)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Tracing\
Microsoft\Imapi\ImapiSvc
BitNames = "{random characters}"
(Note: The default value data of the said registry entry is ImapiDebugError ImapiDebugWarning ImapiDebugTrace ImapiDebugInfo ImapiDebugX ImapiDebugSort.)
Löscht die folgenden Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\SystemK
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
SystemkService.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Image File Execution Options\
systemku.exe
Einschleusungsroutine
Schleust die folgenden Dateien ein:
- %User Temp%\nsf3.tmp
- %User Temp%\nsk7.tmp\System.dll
- %User Temp%\nsk7.tmp\UserInfo.dll
- %User Temp%\nsk7\Helper.dll
- %User Temp%\nsk7\Starter.exe
- %User Temp%\nsk7.tmp\registry.dll
- %User Temp%\nsk7\nsa17.tmp\pack.exe
- %User Temp%\nsk7\nsa17.tmp\mediabar.exe
- %User Temp%\nsk7\tbicon.exe
- %User Temp%\nsk7.tmp\nsExec.dll
- %Program Files%\Settings Manager\systemk\Uninstall.exe
- %Program Files%\Settings Manager\systemk\favicon.ico
- %Program Files%\Settings Manager\systemk\systemkmgrc2.cfg
- %Program Files%\Settings Manager\systemk\x64\systemkmgrc2.cfg
- %Program Files%\Settings Manager\systemk\Internet Explorer Settings Update.exe
- %Program Files%\Settings Manager\systemk\x64\Internet Explorer Settings Update.exe
- %Program Files%\Settings Manager\systemk\Internet Explorer Settings.exe
- %Program Files%\Settings Manager\systemk\x64\Internet Explorer Settings.exe
- %Program Files%\Settings Manager\systemk\SystemkService.exe
- %Program Files%\Settings Manager\systemk\systemku.exe
- %Program Files%\Settings Manager\systemk\sysapcrt.dll
- %Program Files%\Settings Manager\systemk\x64\sysapcrt.dll
- %Program Files%\Settings Manager\systemk\syskldr.dll
- %Program Files%\Settings Manager\systemk\x64\syskldr.dll
- %Program Files%\Settings Manager\systemk\syskldr_u.dll
- %Program Files%\Settings Manager\systemk\x64\syskldr_u.dll
- %Program Files%\Settings Manager\systemk\systemk.dll
- %Program Files%\Settings Manager\systemk\x64\systemk.dll
- %Program Files%\Settings Manager\systemk\systemkbho.dll
- %Program Files%\Settings Manager\systemk\x64\systemkbho.dll
- %User Temp%\nsk7\nsa17.tmp\SettingsManagerMediaBar.exe
- %User Temp%\nss80.tmp\System.dll
- %User Temp%\nss80\Helper.dll
- %User Temp%\nss80\Uninstall.exe
- %User Temp%\nss80.tmp\registry.dll
- %Program Files%\Linkey\log.log
- %User Temp%\nss80.tmp\nsArray.dll
- %User Temp%\nss80\nsu8E.tmp\pack.exe
- %User Temp%\nss80.tmp\nsExec.dll
- %User Temp%\nss80.tmp\MoreInfo.dll
- %User Temp%\nss80\config.xml
- %User Temp%\nss80.tmp\nsisXML.dll
- %Application Data%\Linkey\LinkeyDeals.exe
- %Application Data%\Linkey\IEExtension\iedll.dll
- %Application Data%\Linkey\IEExtension\iedll64.dll
- %User Temp%\nsnA7.tmp
- %User Temp%\nstA9\insthlp.dll
- %User Temp%\nstA9.tmp\System.dll
- %Program Files%\LinkeyDeals\msilnk.dll
- %Program Files%\LinkeyDeals\msilnk64.dll
- %Program Files%\LinkeyDeals\msilnk64.exe
- %Program Files%\LinkeyDeals\msilnk.exe
- %Program Files%\LinkeyDeals\insthlp.dll
- %Program Files%\LinkeyDeals\LinkeyDealsUninst.exe
- %User Profile%\systemk\general.cfg
- %User Profile%\systemk\S-1-5-21-1645522239-1292428093-682003330-1003.cfg
- %User Profile%\systemk\coordinator.cfg
- %Temp%\hvjmq55z.TMP
(Hinweis: %User Temp% ist der Ordner 'Temp' des aktuellen Benutzers, normalerweise C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Temp unter Windows 2000, XP und Server 2003.. %Program Files%ist der Standardordner 'Programme', normalerweise C:\Programme.. %Application Data% ist der Ordner 'Anwendungsdaten' für den aktuellen Benutzer, normalerweise C:\Windows\Profile\{Benutzername}\Anwendungsdaten unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername}\Anwendungsdaten unter Windows NT und C:\Dokumente und Einstellungen\{Benutzername}\Lokale Einstellungen\Anwendungsdaten unter Windows 2000, XP und Server 2003.. %User Profile% ist der Ordner für Benutzerprofile des aktuellen Benutzers, normalerweise C:\Windows\Profile\{Benutzername} unter Windows 98 und ME, C:\WINNT\Profile\{Benutzername} unter Windows NT und C:\Dokumente und Einstellungen\{Benutzername} unter Windows 2000, XP und Server 2003.. %Temp% ist der Windows Ordner für temporäre Dateien, normalerweise C:\Windows\Temp oder C:\WINNT\Temp.)
Lösungen
Step 1
Für Windows ME und XP Benutzer: Stellen Sie vor einer Suche sicher, dass die Systemwiederherstellung deaktiviert ist, damit der gesamte Computer durchsucht werden kann.
Step 2
Dateien, die als ADW_SUITSEAR entdeckt wurden, über die Startdiskette oder die Wiederherstellungskonsole erkennen und löschen
Step 3
Schließen Sie alle geöffneten Browser-Fenster
Step 4
Diesen Registrierungsschlüssel löschen
Wichtig: Eine nicht ordnungsgemäße Bearbeitung der Windows Registrierung kann zu einer dauerhaften Fehlfunktion des Systems führen. Führen Sie diesen Schritt nur durch, wenn Sie mit der Vorgehensweise vertraut sind oder wenn Sie Ihren Systemadministrator um Unterstützung bitten können. Lesen Sie ansonsten zuerst diesen Microsoft Artikel, bevor Sie die Registrierung Ihres Computers ändern.
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- bprotect.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- browserprotect.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- browserdefender.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- bitguard.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- snapdo.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- browsersafeguard.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- bpsvc.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- protectedsearch.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- stinst32.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- stinst64.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- searchprotection.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- utiljumpflip.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- dprotectsvc.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- searchprotector.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- searchsettings.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- searchsettings64.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- jumpflip
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- volaro
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- vonteera
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- searchinstaller.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- websteroids.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- websteroidsservice.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
- umbrella.exe
- In HKEY_LOCAL_MACHINE\Software\SystemK
- General
- In HKEY_CURRENT_USER\Software\SystemK
- General
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
- Search
- In HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
- AppCertDlls
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer
- Approved Extensions
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings
- {54739D49-AC03-4C57-9264-C5195596B3A1}
- In HKEY_CURRENT_USER\SOFTWARE
- Linkey
- In HKEY_LOCAL_MACHINE\SOFTWARE
- Linkey
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings
- {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall
- Linkey
- In HKEY_LOCAL_MACHINE\SOFTWARE
- LinkeyDeals
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID
- {6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID
- iedll.dll
- In HKEY_CLASSES_ROOT
- Linkey.Linkey
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Linkey.Linkey
- CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
- {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- ProgID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- VersionIndependentProgID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- Programmable
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- InprocServer32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- Implemented Categories
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\Implemented Categories
- {59FB2056-D625-48D0-A944-1A85B5AB2640}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
- {726E90BE-DC22-4965-B215-E0784DC26F47}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
- 1.0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0
- FLAGS
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0
- 0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0\0
- win32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}\1.0
- HELPDIR
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
- {4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
- ProxyStubClsid
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
- ProxyStubClsid32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
- TypeLib
- In HKEY_CLASSES_ROOT
- SettingsManagerIEHelper.DNSGuard.1
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
- CLSID
- In HKEY_CLASSES_ROOT
- SettingsManagerIEHelper.DNSGuard
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
- CLSID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
- CurVer
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
- {54739D49-AC03-4C57-9264-C5195596B3A1}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
- ProgID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
- VersionIndependentProgID
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
- Programmable
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
- InprocServer32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
- {E1842850-FB16-4471-B327-7343FBAED55C}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
- Programmable
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
- InprocServer32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
- {93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
- 1.0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0
- FLAGS
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0
- 0
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0\0
- win32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}\1.0
- HELPDIR
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
- {AA760BA8-5862-4BC5-9263-4452CBC0B264}
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
- ProxyStubClsid
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
- ProxyStubClsid32
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
- TypeLib
- In HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths
- chrome.exe
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths
- chrome.exe
Step 5
Diesen Registrierungswert löschen
Wichtig: Eine nicht ordnungsgemäße Bearbeitung der Windows Registrierung kann zu einer dauerhaften Fehlfunktion des Systems führen. Führen Sie diesen Schritt nur durch, wenn Sie mit der Vorgehensweise vertraut sind oder wenn Sie Ihren Systemadministrator um Unterstützung bitten können. Lesen Sie ansonsten zuerst diesen Microsoft Artikel, bevor Sie die Registrierung Ihres Computers ändern.
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
- Linkey Deals = "%Program Files%\LinkeyDeals\msilnk.exe "
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
- debugger = "tasklist.exe"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- use_secondary_url = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- iver = "5.0.0.13001"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- pver = "5.0.0.13001"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK
- Version = "5.0.0.13001"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- appid = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- home = "%Program Files%\Settings Manager"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- ln = "en"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- sysid = "427"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- clid = "{3CA2CF07-8A58-4472-ACB9-B3DA14A19DB0}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- osver = "5.1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- ostype = "win32"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- osl = "en-US"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- itime = "2014-07-04"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- ptype = "n"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- kisid = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- kapid = "0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- uid = "3202250780584472"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- uc = "398"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- kbn = "13001"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- guid = "{EB25CAE0-E5F3-E993-3950-E055FE755242}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- os_user_type = "Admin"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- ie_search_set = "1"
- In HKEY_CURRENT_USER\Software\SystemK\General
- ie_search_set = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK
- browser = " ie ff cr"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- ie_ds_supported = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- ie_hp_supported = "1"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- Search Bar = "http://www.{BLOCKED}t-search.net?sid=427&aid=0&itype=n&ver=13001&tm=398&src=ds&p="
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search
- SearchAssistant = "{random characters}"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- Use Search Asst = "no"
- In HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls
- x86 = "%Program Files%\Settings Manager\systemk\sysapcrt.dll"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
- FrameAuto = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
- 10 = "10"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Approved Extensions
- {54739D49-AC03-4C57-9264-C5195596B3A1} = "{random values}"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
- Flags = "4"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- aw = "No"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- sitime = "1404466048"
- In HKEY_CURRENT_USER\Software\Linkey
- instdir = "%Application Data%\Linkey"
- In HKEY_CURRENT_USER\Software\Linkey
- extraUninstaller = "%Program Files%\Settings Manager\systemk\Uninstall.exe /browser=all"
- In HKEY_CURRENT_USER\Software\Linkey
- browsers = "chrome,ff,ie"
- In HKEY_CURRENT_USER\Software\Linkey
- norestart = "Yes"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
- LoadAppInit_DLLs = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Linkey
- ie_jsurl = "http://app.{BLOCKED}project.com/popup/IE/background.js"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Approved Extensions
- {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} = "{random values}"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- Flags = "4"
- In HKEY_CURRENT_USER\Software\Linkey
- iver = "0.0.0.469"
- In HKEY_CURRENT_USER\Software\Linkey
- pver = "0.0.0.469"
- In HKEY_CURRENT_USER\Software\Linkey
- appid = "0"
- In HKEY_CURRENT_USER\Software\Linkey
- home = "%Application Data%\Linkey"
- In HKEY_CURRENT_USER\Software\Linkey
- ln = "en"
- In HKEY_CURRENT_USER\Software\Linkey
- sysid = "300"
- In HKEY_CURRENT_USER\Software\Linkey
- clid = "{F3D13913-EDE2-4D57-91C6-8BE508FACF58}"
- In HKEY_CURRENT_USER\Software\Linkey
- itime = "1404466033"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- NoModify = "1"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- NoRepair = "1"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- DisplayName = "Linkey"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- InstallLocation = "%Application Data%\Linkey"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- DisplayVersion = "0.0.0.469"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- UninstallString = "%Application Data%\Linkey\uninstall.exe "
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- DisplayIcon = "%Application Data%\Linkey\uninstall.exe"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- Publisher = "Aztec Media Inc"
- In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
- Traffic_type = "n"
- In HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
- browser = "ie,ff,chrome,"
- In HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
- company = "Linkey Deals"
- In HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
- distributed = "Linkey Deals"
- In HKEY_LOCAL_MACHINE\SOFTWARE\LinkeyDeals
- UninstallString = "%Program Files%\LinkeyDeals\LinkeyDealsUninst.exe /browser=all"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\iedll.dll
- AppID = "{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\InprocServer32
- ThreadingModel = "Apartment"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
- NoExplorer = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\TypeLib
- Version = "1.0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}\InprocServer32
- ThreadingModel = "Apartment"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}\InprocServer32
- ThreadingModel = "Apartment"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}\TypeLib
- Version = "1.0"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- srn0 = "SystemkService"
- In HKEY_LOCAL_MACHINE\SOFTWARE\SystemK\General
- srn1 = "F06DEFF2-5B9C-490D-910F-35D3A9119622"
- In HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls
- x64 = "%Program Files%\settings manager\systemk\x64\sysapcrt.dll"
Step 6
Diesen geänderten Registrierungswert wiederherstellen
Wichtig: Eine nicht ordnungsgemäße Bearbeitung der Windows Registrierung kann zu einer dauerhaften Fehlfunktion des Systems führen. Führen Sie diesen Schritt nur durch, wenn Sie mit der Vorgehensweise vertraut sind oder wenn Sie Ihren Systemadministrator um Unterstützung bitten können. Lesen Sie ansonsten zuerst diesen Microsoft Artikel, bevor Sie die Registrierung Ihres Computers ändern.
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search
- From: SearchAssistant = "{random characters}"
To: SearchAssistant = ""http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm""
- From: SearchAssistant = "{random characters}"
- In HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
- From: Start Page = "http://www.{BLOCKED}t-search.net?sid=427&aid=0&itype=n&ver=13001&tm=398&src=hmp"
To: Start Page = ""http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome""
- From: Start Page = "http://www.{BLOCKED}t-search.net?sid=427&aid=0&itype=n&ver=13001&tm=398&src=hmp"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
- AppInit_DLLs = "%Application Data%\Linkey\IEEXTE~1\iedll.dll "
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\Imapi
- From: LogSessionName = "stdout"
To: LogSessionName = ""{random values}""
- From: LogSessionName = "stdout"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\Imapi
- From: Active = "1"
To: Active = ""1""
- From: Active = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\Imapi
- From: ControlFlags = "1"
To: ControlFlags = ""1""
- From: ControlFlags = "1"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\Imapi\ImapiSvc
- From: Guid = "8107d8e9-e323-49f5-bba2-abc35c243dca"
To: Guid = ""8107d8e9-e323-49f5-bba2-abc35c243dca""
- From: Guid = "8107d8e9-e323-49f5-bba2-abc35c243dca"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Tracing\Microsoft\Imapi\ImapiSvc
- From: BitNames = "{random characters}"
To: BitNames = "" ImapiDebugError ImapiDebugWarning ImapiDebugTrace ImapiDebugInfo ImapiDebugX ImapiDebugSort""
- From: BitNames = "{random characters}"
- In HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
- From: AutoRestartShell = "1"
To: AutoRestartShell = ""1""
- From: AutoRestartShell = "1"
Step 7
Diese Dateien suchen und löschen
- %User Temp%\nsf3.tmp
- %User Temp%\nsk7.tmp\System.dll
- %User Temp%\nsk7.tmp\UserInfo.dll
- %User Temp%\nsk7\Helper.dll
- %User Temp%\nsk7\Starter.exe
- %User Temp%\nsk7.tmp\registry.dll
- %User Temp%\nsk7\nsa17.tmp\pack.exe
- %User Temp%\nsk7\nsa17.tmp\mediabar.exe
- %User Temp%\nsk7\tbicon.exe
- %User Temp%\nsk7.tmp\nsExec.dll
- %Program Files%\Settings Manager\systemk\Uninstall.exe
- %Program Files%\Settings Manager\systemk\favicon.ico
- %Program Files%\Settings Manager\systemk\systemkmgrc2.cfg
- %Program Files%\Settings Manager\systemk\x64\systemkmgrc2.cfg
- %Program Files%\Settings Manager\systemk\Internet Explorer Settings Update.exe
- %Program Files%\Settings Manager\systemk\x64\Internet Explorer Settings Update.exe
- %Program Files%\Settings Manager\systemk\Internet Explorer Settings.exe
- %Program Files%\Settings Manager\systemk\x64\Internet Explorer Settings.exe
- %Program Files%\Settings Manager\systemk\SystemkService.exe
- %Program Files%\Settings Manager\systemk\systemku.exe
- %Program Files%\Settings Manager\systemk\sysapcrt.dll
- %Program Files%\Settings Manager\systemk\x64\sysapcrt.dll
- %Program Files%\Settings Manager\systemk\syskldr.dll
- %Program Files%\Settings Manager\systemk\x64\syskldr.dll
- %Program Files%\Settings Manager\systemk\syskldr_u.dll
- %Program Files%\Settings Manager\systemk\x64\syskldr_u.dll
- %Program Files%\Settings Manager\systemk\systemk.dll
- %Program Files%\Settings Manager\systemk\x64\systemk.dll
- %Program Files%\Settings Manager\systemk\systemkbho.dll
- %Program Files%\Settings Manager\systemk\x64\systemkbho.dll
- %User Temp%\nsk7\nsa17.tmp\SettingsManagerMediaBar.exe
- %User Temp%\nss80.tmp\System.dll
- %User Temp%\nss80\Helper.dll
- %User Temp%\nss80\Uninstall.exe
- %User Temp%\nss80.tmp\registry.dll
- %Program Files%\Linkey\log.log
- %User Temp%\nss80.tmp\nsArray.dll
- %User Temp%\nss80\nsu8E.tmp\pack.exe
- %User Temp%\nss80.tmp\nsExec.dll
- %User Temp%\nss80.tmp\MoreInfo.dll
- %User Temp%\nss80\config.xml
- %User Temp%\nss80.tmp\nsisXML.dll
- %Application Data%\Linkey\LinkeyDeals.exe
- %Application Data%\Linkey\IEExtension\iedll.dll
- %Application Data%\Linkey\IEExtension\iedll64.dll
- %User Temp%\nsnA7.tmp
- %User Temp%\nstA9\insthlp.dll
- %User Temp%\nstA9.tmp\System.dll
- %Program Files%\LinkeyDeals\msilnk.dll
- %Program Files%\LinkeyDeals\msilnk64.dll
- %Program Files%\LinkeyDeals\msilnk64.exe
- %Program Files%\LinkeyDeals\msilnk.exe
- %Program Files%\LinkeyDeals\insthlp.dll
- %Program Files%\LinkeyDeals\LinkeyDealsUninst.exe
- %User Profile%\systemk\general.cfg
- %User Profile%\systemk\S-1-5-21-1645522239-1292428093-682003330-1003.cfg
- %User Profile%\systemk\coordinator.cfg
- %Temp%\hvjmq55z.TMP
Step 8
Diese Ordner suchen und löschen
- %System Root%\DOCUME~1
- %System Root%\DOCUME~1\Wilbert
- %User Profile%\LOCALS~1
- %User Temp%\nsk7.tmp
- %User Temp%\nsk7
- %User Profile%\Application Data\systemk
- %User Temp%\nsk7\nsa17.tmp
- %Program Files%\Settings Manager
- %Program Files%\Settings Manager\systemk
- %Program Files%\Settings Manager\systemk\x64
- %User Temp%\nss80.tmp
- %User Temp%\nss80
- %Program Files%\Linkey
- %User Temp%\nss80\nsu8E.tmp
- %System Root%\Documents and Settings\Wilbert
- %Application Data%\Linkey
- %Application Data%\Linkey\IEExtension
- %User Temp%\nstA9.tmp
- %User Temp%\nstA9
- %Program Files%\LinkeyDeals
Step 9
Durchsuchen Sie Ihren Computer mit Ihrem Trend Micro Produkt, und löschen Sie Dateien, die als ADW_SUITSEAR entdeckt werden. Falls die entdeckten Dateien bereits von Ihrem Trend Micro Produkt gesäubert, gelöscht oder in Quarantäne verschoben wurden, sind keine weiteren Schritte erforderlich. Dateien in Quarantäne können einfach gelöscht werden. Auf dieser Knowledge-Base-Seite finden Sie weitere Informationen.
Nehmen Sie an unserer Umfrage teil