| |
| |||||||
Log-Analyse und Auswertung: Kein Internet-Zugriff nach Adware-Säuberung!Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
24.07.2014, 21:34
| #1 |
| |  Kein Internet-Zugriff nach Adware-Säuberung! Gut, dann nochmal im passenden Unterforum... Hallo zusammen, ich habe seit heute ein großes Problem auf meinem Notebook. Beim Installieren von Freeware sind mir wohl einige unerwünschte Programme, hauptsächlich Adware, untergekommen (RocketTab, Omiga-Plus, Vi-View...) Außer, dass ich bei jeder Google-Suche nervige Werbungen hatte, hatte ich kinerlei Probleme. Dennoch habe ich mich dazu entschlossen, heute mal aufzuräumen. Zuerst habe ich es manuell versucht, über Systemsteuereung -> Programme deinstallieren. Einiges auch noch per Hand im Explorer gesucht und gelöscht. Daraufhin hatte ich im Firefox Probleme, viele Websites zu öffnen, es kam immer die Meldung, dass dem Sicherheitszertifikat nicht getraut wird. Also die Sache richtig angegangen, mit Sophos, und dann auch Anti-Malwarebytes drüber gegangen. Besonders letzteres hat viele Dinge entfernt... Nach dem Neustart dann das Problem: Ich kann, trotz bestehender Internetverbindung, kann ich nicht mehr aufs Internet zugreifen. Egal, ob Firefox oder IE. Firefox sagt: "Die verbindung zum Server wurde zurückgesetzt, während die Seite geladen wurde." Keine Chance...an der FIrewall liegts wohl nich, da hab ich nix geändert, und Firefox steht auch drin, dass es natürlich aufs Internet zugreifen darf... Pingtest zeigt: Keine Probleme, kann eigentlich aufs INet zugreifen...kanns irgendwie an der rausgeschmissenen Adware liegen? Ich bin überfragt :/ Code:
ATTFilter ****************** Sophos Anti-Virus Protokoll - 24.07.2014 20:16:58 **************
...
20140724 135131 Scan 'Computer scannen' gestartet.
20140724 135305 Datei "C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe" gehört zu Adware/PUA 'Generic PUA ML' (Typ Andere).
20140724 135305 Datei "C:\Windows\System32\Tasks\BrowserSafeguard Update Task" gehört zu Adware/PUA 'Generic PUA ML' (Typ Andere).
20140724 140236 Datei "C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe" gehört zu Adware/PUA 'Generic PUA ML' (Typ Andere).
20140724 140236 Datei "C:\Windows\System32\Tasks\BrowserSafeguard Update Task" gehört zu Adware/PUA 'Generic PUA ML' (Typ Andere).
20140724 140238 Datei "C:\Windows\System32\Tasks\BrowserSafeguard Update Task" wurde bereinigt.
20140724 140239 Datei "C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe" wurde bereinigt.
20140724 140239 Adware/PUA 'Generic PUA ML' wurde entfernt.
20140724 140542 Datei "C:\Users\fkrohn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MTZ3GMPV\rtinstaller[1].exe" gehört zu Adware/PUA 'Generic PUA ML' (Typ Andere).
20140724 140546 Datei "C:\Users\fkrohn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SWNPN98J\ssupsetup_binstall3[1].exe" gehört zu Adware/PUA 'Generic PUA OM' (Typ Andere).
20140724 140617 Adware/PUA 'Generic PUA ML' wurde erkannt.
20140724 140617 Adware/PUA 'Generic PUA OM' wurde erkannt.
20140724 140617 Scan 'Computer scannen' abgeschlossen.
20140724 140617 Ergebniszusammenfassung für Scan 'Computer scannen':
Gescannte Objekte: 199333
Fehler: 0
Objekte in Quarantäne: 2
Behandelte Objekte: 0
...
(18 Objekte)
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 24.07.2014 Scan Time: 16:31:42 Logfile: Log.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.24.04 Rootkit Database: v2014.07.17.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: fkrohn Scan Type: Threat Scan Result: Completed Objects Scanned: 330262 Time Elapsed: 5 min, 5 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 3 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, 2256, Delete-on-Reboot, [d3810b98f6853204a64ce27c61a04db3] PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\wprotectmanager.exe, 2300, Delete-on-Reboot, [2a2abde61e5dea4c8268e2af11f0926e] PUP.Optional.RocketTab.A, C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe, 3828, Delete-on-Reboot, [6de74f545e1db185719054f6758b8779] Modules: 1 PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Delete-on-Reboot, [193b8d162b50211574caf8965aa75aa6], Registry Keys: 21 PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, Quarantined, [d3810b98f6853204a64ce27c61a04db3], PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsProtectManger, Quarantined, [2a2abde61e5dea4c8268e2af11f0926e], PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WindowsProtectManger, Quarantined, [2a2abde61e5dea4c8268e2af11f0926e], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupTab.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.SupraSavings, HKLM\SOFTWARE\suprasavings, Quarantined, [193b5d462556c57173222d99ab57e41c], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [9bb9584bea91fa3cc3d2928039cb7888], PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\suprasavings, Quarantined, [fa5a3d66a3d857df152903dd08fad62a], PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware, Quarantined, [c98bf0b3136850e67293a976b450ca36], PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsProtectManger, Quarantined, [193b8122b5c6979f3b0e418bd72b3ac6], PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, Quarantined, [f1636e354d2ed26415e3ce3e9371ab55], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [85cf6b38cfacd95d2e674bc707fd0af6], PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowserSafeguardInstalled, Quarantined, [ed67950e46354aec86d7814c41c148b8], PUP.Optional.SupraSavings.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\suprasavings, Quarantined, [ed67a102037837ff1ec45b87c33f58a8], PUP.Optional.Qone8, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Quarantined, [ec6803a089f20333355fec26bc48946c], Registry Values: 5 PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserSafeguard, "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe", Quarantined, [6de74f545e1db185719054f6758b8779] PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, google_mp3download-songs.com|google_groovestream-display-DE-300x250-mp3download-songs-33339486203, Quarantined, [f1636e354d2ed26415e3ce3e9371ab55] PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\fkrohn\AppData\Roaming\Mozilla\Firefox\Profiles\hnzi79s9.default\extensions\faststartff@gmail.com, Quarantined, [5ff5d1d2fd7ee6509e90d056a36131cf] PUP.Optional.WPM.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WINDOWSPROTECTMANGER|ImagePath, C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service, Quarantined, [98bc970c3546f5419307e7e8fd05936d] PUP.Optional.FastStart.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [bd97f5ae2952033383c85577f60c4bb5] Registry Data: 16 PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~2.DLL, Good: (), Bad: (C:\PROGRA~2\SupTab\SEARCH~2.DLL),Replaced,[a7ad3d66fb80d85e102e5e30ac55f20e] PUP.Optional.Skytech.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SupTab\SEARCH~1.DLL, Good: (), Bad: (C:\PROGRA~2\SupTab\SEARCH~1.DLL),Replaced,[e371376cb1ca43f3ba84266823de6e92] PUP.Optional.ISearch.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[85cfe0c3225951e5a117703643c1a45c] PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}),Replaced,[3b19c5de641743f3c5f54363df25946c] PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[e074198aa9d2ab8b9029dcca10f4e917] PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[44103d667902a98d6d4e7135c73dae52] PUP.Optional.ISearch.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}),Replaced,[193b7f247b00b38313abe1c5887c6997] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[2133c3e0f784171fadba48698e7630d0] PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://isearch.omiga-plus.com/?type=sc&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[9fb5f1b2b4c7ef476652693d3acaa759] PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}),Replaced,[7adad6cd8af102341aa03e68669e2fd1] PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[cf859013cab1340246734e5846be3dc3] PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[d97b2e7594e7cf6757641d89c0440df3] PUP.Optional.ISearch.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/web/?type=ds&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30&q={searchTerms}),Replaced,[b3a1673cf18add59546a505643c1867a] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[afa53a695328ac8ac3a4545dde2604fc] PUP.Optional.ISearch.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[fb599d0607743006e7cfdacc9371a55b] PUP.Optional.ISearch.A, HKU\S-1-5-21-556708241-424655353-3447792364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30, Good: (www.google.com), Bad: (hxxp://isearch.omiga-plus.com/?type=hp&ts=1403870062&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30),Replaced,[9cb8a4fffc7f7db9583e3175d03408f8] Folders: 37 PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard, Delete-on-Reboot, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.OpenCandy, C:\Users\fkrohn\AppData\Roaming\OpenCandy, Quarantined, [98bcabf82c4f15210bec90167989c937], PUP.Optional.OpenCandy, C:\Users\fkrohn\AppData\Roaming\OpenCandy\10DC4C0CFD5D442FA97A7B8DDC2B3C36, Quarantined, [98bcabf82c4f15210bec90167989c937], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings, Quarantined, [2430e4bf58236cca5429258982806898], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, Delete-on-Reboot, [b3a17e253c3f191df2db5a62e81a639d], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, Quarantined, [b3a17e253c3f191df2db5a62e81a639d], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, Delete-on-Reboot, [ce86f3b03b400d292d475f5e55adb050], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, Quarantined, [ce86f3b03b400d292d475f5e55adb050], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, Quarantined, [ce86f3b03b400d292d475f5e55adb050], PUP.Optional.SystemSpeedup, C:\Users\fkrohn\AppData\Roaming\systweak\ssd, Quarantined, [88ccd5cebfbc68ce39abae1110f2e11f], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, Delete-on-Reboot, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Users\fkrohn\AppData\Roaming\SupTab, Quarantined, [f95bfba8bfbc2a0c81e853727e84b14f], Files: 78 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginServices\PluginService.exe, Delete-on-Reboot, [d3810b98f6853204a64ce27c61a04db3], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, Delete-on-Reboot, [193b8d162b50211574caf8965aa75aa6], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\wprotectmanager.exe, Delete-on-Reboot, [2a2abde61e5dea4c8268e2af11f0926e], PUP.Optional.RocketTab.A, C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe, Delete-on-Reboot, [6de74f545e1db185719054f6758b8779], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, Quarantined, [a7ad3d66fb80d85e102e5e30ac55f20e], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, Quarantined, [e371376cb1ca43f3ba84266823de6e92], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, Quarantined, [ef65544fa2d953e3358f58068c76f60a], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\ewebstorewrapper.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\config.dat, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\makecert.exe, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\TrustedRoot.cer, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\certutil.exe, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\libnspr4.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\libplc4.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\libplds4.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\nss3.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\smime3.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.BrowserSafeGuard.A, C:\Program Files (x86)\Browsersafeguard\Resources\softokn3.dll, Quarantined, [db790e957308072ff7ffa567cc386799], PUP.Optional.OpenCandy, C:\Users\fkrohn\AppData\Roaming\OpenCandy\10DC4C0CFD5D442FA97A7B8DDC2B3C36\zafwSetupWeb_131_211_000.exe, Quarantined, [98bcabf82c4f15210bec90167989c937], PUP.Optional.SupraSavings.A, C:\Program Files\suprasavings\uninstaller.exe, Quarantined, [2430e4bf58236cca5429258982806898], PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, Quarantined, [b3a17e253c3f191df2db5a62e81a639d], PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-27[13-54-43-623].log, Quarantined, [ce86f3b03b400d292d475f5e55adb050], PUP.Optional.SystemSpeedup, C:\Users\fkrohn\AppData\Roaming\systweak\ssd\SSDPTstub.exe, Quarantined, [88ccd5cebfbc68ce39abae1110f2e11f], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, Quarantined, [6aea129126550d29b7b1e9dc19e925db], PUP.Optional.ISearch.A, C:\Users\fkrohn\AppData\Roaming\Mozilla\Firefox\Profiles\pefkyspb.default-1406209110676\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "hxxp://isearch.omiga-plus.com/?type=hppp&ts=1406211344&from=adks&uid=SKXhynixXSH920XmSATAX256GB_EI44N201310404Q30");), Replaced,[2232505345363ef86eff8e53bb49a759] Physical Sectors: 0 (No malicious items detected) (end) |
Baum-Darstellung