PUP.Optional.Astromenda.A, ~Updater.A und ~FramedDisplay.A sind nicht zu löschen Hallo liebes Trojaner-Team,
monatelang dank Malwarebytes Anti-Malware und Hitman Pro und Avast und Co sauber, dann ein falscher Download-Klick und alles ist im Chaos versunken.
Obwohl Malewarebytes alles in Quarantäne stellt, zeigt jeder neue Durchlauf die alten Fehlerquellen erneut an. Ich brauche wohl eure bewährte Hilfe, den Rechner wieder clean zu bekommen.
Unten das letzte Protokoll von Malwarebytes Anti-Malware zur Info.
MfG
Böni Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 21.10.2014
Suchlauf-Zeit: 11:08:48
Logdatei: malware_protokoll_14_10_21_1.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.10.21.03
Rootkit Datenbank: v2014.10.20.01
Lizenz: Premium
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Aktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: XXX
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 514951
Verstrichene Zeit: 34 Min, 12 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe, 500, , [0d4ac55257252e08ff217b4c38c958a8]
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 21
PUP.Optional.FramedDisplay.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Framed Display, , [0d4ac55257252e08ff217b4c38c958a8],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{05b5ef3f-4c6a-426e-b77e-48ebb3e721f1}, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a6ceb2de-65f7-46fe-89da-446dd487f293}, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5B81129C-6563-411B-A509-6BBB01EC25FF}, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5B81129C-6563-411B-A509-6BBB01EC25FF}, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a6ceb2de-65f7-46fe-89da-446dd487f293}, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{05B5EF3F-4C6A-426E-B77E-48EBB3E721F1}, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Framed Display, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.InstallCore.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\WSE_Astromenda, , [c98ed542ec9096a022245ebec2416f91],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-3047158342-991607282-2163248425-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wse_astromenda, , [0156d4430b71280e4105dd478b78649c],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3047158342-991607282-2163248425-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [e96e8592e795290d01ecbb9856add729],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3047158342-991607282-2163248425-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [61f6cf48bfbde84eba860862020234cc],
PUP.Optional.Astromenda, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WSE_Astromenda, , [da7d080fd8a472c46ec55cb542c1926e],
Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3047158342-991607282-2163248425-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1K1J1N2U0R1O1F, , [61f6cf48bfbde84eba860862020234cc]
Registrierungsdaten: 1
PUP.Optional.Astromenda.A, HKU\S-1-5-21-3047158342-991607282-2163248425-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://astromenda.com/?f=1&a=ast_ggfc_14_43_ff&cd=2XzuyEtN2Y1L1Qzu0DtDtByBzzzzyCzzyB0DtCyDyByByE0EtN0D0Tzu0StCtDtBtAtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0B0FzztBtCzy0CtGyEyEtB0AtGyByC0EtCtGzytB0DyEtGtCzy0AyE0C0Czy0AyC0DtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0FyBtCyEzzzztAtGtD0DyEyDtGyEtAtB0EtGzyyDzy0AtGtByC0DyCyBzytByB0B0EzyyD2Q&cr=1953599297&ir=, Gut: (www.google.com), Schlecht: (hxxp://astromenda.com/?f=1&a=ast_ggfc_14_43_ff&cd=2XzuyEtN2Y1L1Qzu0DtDtByBzzzzyCzzyB0DtCyDyByByE0EtN0D0Tzu0StCtDtBtAtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0B0FzztBtCzy0CtGyEyEtB0AtGyByC0EtCtGzytB0DyEtGtCzy0AyE0C0Czy0AyC0DtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0FyBtCyEzzzztAtGtD0DyEyDtGyEtAtB0EtGzyyDzy0AtGtByC0DyCyBzytByB0B0EzyyD2Q&cr=1953599297&ir=),,[4314d93ed3a93ef896aa1e0a1de826da]
Ordner: 13
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\plugins, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\TEMP, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.Updater.A, C:\Users\Bernd\AppData\Roaming\DigitalSites\UpdateProc, , [cd8a59becfad092d912e2be00201748c],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\bh, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda\icons_3.2.1.5, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda\UpdateProc, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs, , [a9ae0a0dfd7ff73f0693071115ee44bc],
Dateien: 60
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\updateFramedDisplay.exe, , [0d4ac55257252e08ff217b4c38c958a8],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplaybho.dll, , [50071dfa344896a0be61ecdb51b02bd5],
PUP.Optional.InstalLCore, C:\Users\Bernd\AppData\Local\temp\is1242154493\17996561_stp.EXE, , [82d56aada8d4bd799ca55daa2cd958a8],
PUP.Optional.BPlug, C:\Users\Bernd\AppData\Local\temp\is1242154493\17996932_stp.EXE, , [be995bbcabd1f73fafdc863951b0f010],
PUP.Optional.Astromenda.A, C:\Windows\System32\Tasks\WSE_Astromenda, , [2d2a9186443861d53ec98696bc47a759],
PUP.Optional.Astromenda.A, C:\Windows\Tasks\WSE_Astromenda.job, , [b4a370a783f9f640050378a4ff046f91],
PUP.Optional.Astromenda, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\searchplugins\Astromenda.xml, , [2037d542afcdd2649267e93bc142e917],
PUP.Optional.Astromenda, C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\6p6z0btk.default-1398166762451\searchplugins\Astromenda.xml, , [6fe8d344f983f3437f7ae4402cd725db],
PUP.Optional.Astromenda, C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\ugxwq37m.default\searchplugins\Astromenda.xml, , [25329a7d790350e6a3569a8a0ef55ca4],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplay.ico, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\0, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\7za.exe, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\FramedDisplayUninstall.exe, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\updateFramedDisplay.InstallState, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\7012eec14f3742d4a2cd.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\7012eec14f3742d4a2cd64.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\7za.exe, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\BrowserAdapter.7z, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\FramedDisplay.BrowserAdapter64.exe, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\FramedDisplay.PurBrowse64.exe, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\FramedDisplay.PurBrowseG.zip, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\sqlite3.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\utilFramedDisplay.InstallState, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\{7012eec1-4f37-42d4-a2cd-26727494d248}.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\{7012eec1-4f37-42d4-a2cd-26727494d248}64.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\plugins\FramedDisplay.BrowserAdapter.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\plugins\FramedDisplay.FFUpdate.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\plugins\FramedDisplay.GCUpdate.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\plugins\FramedDisplay.IEUpdate.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.FramedDisplay.A, C:\Program Files (x86)\Framed Display\bin\plugins\FramedDisplay.PurBrowseG.dll, , [6aed1ef9ee8e67cfca9c256a758f9f61],
PUP.Optional.Updater.A, C:\Users\Bernd\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat, , [cd8a59becfad092d912e2be00201748c],
PUP.Optional.Updater.A, C:\Users\Bernd\AppData\Roaming\DigitalSites\UpdateProc\config.dat, , [cd8a59becfad092d912e2be00201748c],
PUP.Optional.Updater.A, C:\Users\Bernd\AppData\Roaming\DigitalSites\UpdateProc\info.dat, , [cd8a59becfad092d912e2be00201748c],
PUP.Optional.Updater.A, C:\Users\Bernd\AppData\Roaming\DigitalSites\UpdateProc\prod.dat, , [cd8a59becfad092d912e2be00201748c],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\FavIcon.ico, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\Sqlite3.dll, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninst.dat, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\uninstall.exe, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda, C:\Program Files (x86)\WSE_Astromenda\BRS\Sqlite3.dll, , [da7d080fd8a472c46ec55cb542c1926e],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda\icons_3.2.1.5\ctr.ico, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda\UpdateProc\bkup.dat, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda\UpdateProc\config.dat, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\WSE_Astromenda\UpdateProc\info.dat, , [bc9b0f08502cc96dc6860011986b4eb2],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav-groups, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\favs##265bb01d078949b9d3b0ca786b1024d4, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\05a6b67e18b4a34ef0b3993a568280f0, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\13ddb1c7092f0b55e0fec387b68a9900, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\23b827170d8476fea82803c47587d38a, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\477df36d9244ffa3d339c30a475c7342, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\6289834cfb3782d09f133b2e8cf23078, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\aafbdae97bc721d1f89e075ec789885e, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\b1f0fae6606010b6dc130113d9370147, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\b6cde3ca4b4d3102bcc79de7bdffb39c, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\cb384bf303175031f378e5f7d9793f3d, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\d60d346467eb23ad3de8434f664b6c63, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\d8b06f3831087821c3a34a14ffbfc3d2, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\e236c9b26e928e3662e83df7563cdd6b, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Bernd\AppData\Roaming\Mozilla\Firefox\Profiles\jrweuwgo.default\astrmndant\fav_thumbs\ec01daa48930fc1892183916ceaafcee, , [a9ae0a0dfd7ff73f0693071115ee44bc],
PUP.Optional.Astromenda.A, C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\6p6z0btk.default-1398166762451\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://astromenda.com/?f=1&a=ast_ggfc_14_43_ff&cd=2XzuyEtN2Y1L1Qzu0DtDtByBzzzzyCzzyB0DtCyDyByByE0EtN0D0Tzu0StCtDtBtAtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0B0FzztBtCzy0CtGyEyEtB0AtGyByC0EtCtGzytB0DyEtGtCzy0AyE0C0Czy0AyC0DtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0FyBtCyEzzzztAtGtD0DyEyDtGyEtAtB0EtGzyyDzy0AtGtByC0DyCyBzytByB0B0EzyyD2Q&cr=1953599297&ir=");), ,[32254ccb700cab8bb59984d632d32ed2]
PUP.Optional.Astromenda.A, C:\Users\Power\AppData\Roaming\Mozilla\Firefox\Profiles\ugxwq37m.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://astromenda.com/?f=1&a=ast_ggfc_14_43_ff&cd=2XzuyEtN2Y1L1Qzu0DtDtByBzzzzyCzzyB0DtCyDyByByE0EtN0D0Tzu0StCtDtBtAtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StD0B0FzztBtCzy0CtGyEyEtB0AtGyByC0EtCtGzytB0DyEtGtCzy0AyE0C0Czy0AyC0DtC0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0FyBtCyEzzzztAtGtD0DyEyDtGyEtAtB0EtGzyyDzy0AtGtByC0DyCyBzytByB0B0EzyyD2Q&cr=1953599297&ir=");), ,[3b1c35e281fb76c04a0471e916ef9c64]
Physische Sektoren: 0
(No malicious items detected)
(end) |