curlyz88 | 12.01.2015 17:57 | Hier schonmal die Auswertung von MBAM: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 12.01.2015
Suchlauf-Zeit: 17:01:07
Logdatei: MBAM.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.01.12.05
Rootkit Datenbank: v2015.01.07.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Greta
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 440426
Verstrichene Zeit: 35 Min, 0 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 9
PUP.Optional.Linkey.A, HKU\S-1-5-21-3598410763-1360646077-3866033100-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [52334caa2b5e2214e4cae40531d10bf5],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64, In Quarantäne, [097cc92da5e470c6ce28048134cf867a],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [96ef14e20782a98db09524c5020254ac],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [fc896294cabf38fe81c35099ae565aa6],
PUP.Optional.SystemK.A, HKLM\SOFTWARE\WOW6432NODE\SystemK, In Quarantäne, [364f6096bdcc8caae4f288fc4bb89b65],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, In Quarantäne, [d5b066905d2ceb4bcb62f3afa162bb45],
PUP.Optional.Softonic.A, HKU\S-1-5-21-3598410763-1360646077-3866033100-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [aed7f8fe9feae74f099378f654af6997],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3598410763-1360646077-3866033100-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [86ff27cfc0c987af5cc9baf5b64da35d],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3598410763-1360646077-3866033100-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [2a5ba353d3b687af5ae19e27aa5ae51b],
Registrierungswerte: 2
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, In Quarantäne, [7213bb3b3a4fd462824825ca57ad8878]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3598410763-1360646077-3866033100-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Z1B1L2Z1S, In Quarantäne, [2a5ba353d3b687af5ae19e27aa5ae51b]
Registrierungsdaten: 1
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3598410763-1360646077-3866033100-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0DtA0E0CzyzytAtGyDyDzz0BtG0DyB0A0CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0ByEyC0DyByCtGzy0C0FtCtGyEtDtCtDtGzz0FtD0EtGyCyB0F0EtB0ByE0C0AtA0Azy2Q&cr=1496097220&ir=, Gut: (www.google.com), Schlecht: (hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0DtA0E0CzyzytAtGyDyDzz0BtG0DyB0A0CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0ByEyC0DyByCtGzy0C0FtCtGyEtDtCtDtGzz0FtD0EtGyCyB0F0EtB0ByE0C0AtA0Azy2Q&cr=1496097220&ir=),Ersetzt,[03822acc6b1ec07693422b673acb2fd1]
Ordner: 28
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.OpenCandy, C:\Users\Greta\AppData\Roaming\OpenCandy, In Quarantäne, [b4d1ba3ce9a071c5f3b4240fd72ca35d],
PUP.Optional.OpenCandy, C:\Users\Greta\AppData\Roaming\OpenCandy\850C7769A9024030BD34B2A9A32F1272, In Quarantäne, [b4d1ba3ce9a071c5f3b4240fd72ca35d],
PUP.Optional.OpenCandy, C:\Users\Greta\AppData\Roaming\OpenCandy\DAB5B767FC7943428E0587D8B2EBE9E5, In Quarantäne, [b4d1ba3ce9a071c5f3b4240fd72ca35d],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk, In Quarantäne, [a5e06096daaf2e087dee6fcb966d6a96],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64, In Quarantäne, [a5e06096daaf2e087dee6fcb966d6a96],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\UI, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
Dateien: 108
PUP.Optional.Conduit.A, C:\Users\Greta\AppData\Roaming\OpenCandy\850C7769A9024030BD34B2A9A32F1272\sp-downloader.exe, In Quarantäne, [4d38f60076136fc7d34bae90fc059a66],
PUP.Optional.InstalLCore, C:\Users\Greta\AppData\Local\Temp\is765589038\52614A36_stp.EXE, In Quarantäne, [25605b9bd2b76ec8bdd398cfbc497987],
PUP.Optional.BPlug, C:\Users\Greta\AppData\Local\Temp\is765589038\64C2F02D_stp.EXE, In Quarantäne, [22630cea1a6fe74ff605b51613ee25db],
PUP.Optional.InstallCore, C:\Users\Greta\AppData\Local\Temp\is765589038\5D4B7A38_stp\uninstaller.exe, In Quarantäne, [aadbbd3995f4a4921f51ef1bbc4636ca],
PUP.Optional.InstallCore, C:\Users\Greta\AppData\Local\Temp\2814843.Uninstall\uninstaller.exe, In Quarantäne, [1c69579fcbbe979fdf9146c40df57b85],
PUP.Optional.InstallCore, C:\Users\Greta\AppData\Local\Temp\2826640.Uninstall\uninstaller.exe, In Quarantäne, [3e47e0163851f0466f014bbfca3837c9],
PUP.Optional.InstallCore, C:\Users\Greta\AppData\Local\Temp\2864109.Uninstall\uninstaller.exe, In Quarantäne, [fa8b04f2038644f292de18f2ab57f808],
PUP.Optional.InstallCore, C:\Users\Greta\AppData\Local\Temp\2886718.Uninstall\uninstaller.exe, In Quarantäne, [3e4708ee3f4ac07699d71af0679b9967],
PUP.Optional.Bundler, C:\Users\Greta\Downloads\FileOpenerSetup.exe, In Quarantäne, [d2b31dd92861fc3a35c2bcc59075ab55],
PUP.Optional.SearchProtect.A, C:\Windows\apppatch\apppatch64\SPVCLdr64.dll, Löschen bei Neustart, [20652fc71574082e64f0dbd3936e2ad6],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{f81878fa-25e9-442d-8ada-79658b6520f2}Gw64.sys, In Quarantäne, [097cc92da5e470c6ce28048134cf867a],
PUP.Optional.Trovi.A, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\searchplugins\trovi-search.xml, In Quarantäne, [95f06b8bed9c2313f588e9aecb38d12f],
PUP.Optional.DefaultSearch.A, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\searchplugins\default-search.xml, In Quarantäne, [850024d28603b2840620c8da90737c84],
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, In Quarantäne, [3253ee0834557eb8d3545b47db28cf31],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [b3d2c234fc8de2549c9c3e91689cf808],
PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [c6bf37bfc8c14fe7f15736b38f75ee12],
PUP.Optional.Vosteran.A, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\searchplugins\Vosteran.xml, In Quarantäne, [8500cb2b820704323fc1ad41d92b1be5],
PUP.Optional.OpenCandy, C:\Users\Greta\AppData\Roaming\OpenCandy\DAB5B767FC7943428E0587D8B2EBE9E5\TuneUp2014GER15day-de-DE-p4v1.exe, In Quarantäne, [b4d1ba3ce9a071c5f3b4240fd72ca35d],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll, In Quarantäne, [a5e06096daaf2e087dee6fcb966d6a96],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.SearchProtect.A, C:\Users\Greta\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [bbcab83e6d1c60d621f245047b885da3],
PUP.Optional.Vosteran.A, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, In Quarantäne, [e4a18175c1c8280eb264d2f60bfa23dd],
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (user_pref("extensions.srchvstrn.hmpg", true);), Ersetzt,[206549ad1c6d9c9ad36e4484c73ecd33]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (sions.blocklist.enabled", false);
user_pref("app.update.auto", false);
user_pref("extensions.srchvstrn.hmpg", true);
user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0DtA0E0CzyzytAtGyDyDzz0BtG0DyB0A0CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2), Ersetzt,[bcc961952168c57181c05e6a749139c7]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (0DyB0A0CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2QtN1), Ersetzt,[8401c92d2d5cb77f75cc8345a560dc24]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (s.blocklist.enabled", false);
user_pref("app.update.aut), Ersetzt,[d5b0777ffb8e7cba7ec3794f3acb39c7]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (list.enabled", false);
user_pref("app.update.a), Ersetzt,[a0e5b1458207e94dab960fb9cf3638c8]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (ons.blocklist.enabled", false);
user_pref("app.u), Ersetzt,[1a6b27cfe6a349edf94870584db89868]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (s.blocklist.enabled", false);
user_pref("app.update.auto", false);
user_pref("extensions.srchvstrn.hmpg", true);
user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0DtA0E0CzyzytAtGyDyDzz0BtG0DyB0A0CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2QtN1M1), Ersetzt,[89fc6096d2b7d660261b7d4b778e6c94]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (yB0A0CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0ByEyC0DyByCtGzy0C0FtCtGyEtDtCtDtGzz0FtD0EtGyCyB0F0EtB0ByE0C0AtA0Azy2Q&cr=1496097220&ir=");
user_pref("extensions.srchvstrn.dfltSrch", true);
user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran");
user_pref("extensions.srchvstrn.dnsErr", true);
user_pref("extensions.srchvstrn_i.newTab", true);
user_pref("extensions.srchvstrn.newTabUrl", "hxxp://Vos), Ersetzt,[90f54caad0b9e056320fe5e3fa0b9f61]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (CtG0EyCyD0DtGtA0CzytA0AyDyCzyzz0E0FtD2QtN1M1F1B2Z1V1N2Y1L), Ersetzt,[fe87a2543f4a61d5d170507863a228d8]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (ist.enabled", false);
user_pref("app.update.auto", ), Ersetzt,[e99c62944346231384bd37919d6829d7]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (locklist.enabled", false);
user_pref("app.), Ersetzt,[8df8aa4ccabf063083be874111f4da26]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (ensions.blocklist.enabled", false);
user_pr), Ersetzt,[c5c00fe78504082e0839616726dfb947]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (nsions.blocklist.enabled", false);
user_pref("app.upd), Ersetzt,[d5b08f67cdbc82b41c257058cf36e61a]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (cklist.enabled", false);
user_pref("app.update.auto", fal), Ersetzt,[1174dd19137656e00f32deea739230d0]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (st.enabled", false);
user_pref("app.update.auto", fa), Ersetzt,[9bea5f972e5b57df4bf61aaecb3a728e]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (ocklist.enabled", false);
user_pref("app.update.auto", fals), Ersetzt,[7f0681756f1a7abccc75e4e4f51016ea]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (.enabled", false);
user_pref("app.update.auto", fal), Ersetzt,[493ca056a3e642f44bf636922adbdc24]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (locklist.enabled", false);
user_pref("app.up), Ersetzt,[c6bfae48a6e357df65dc3e8ab352b44c]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (sions.blocklist.enabled", false);
user_pref("app.update), Ersetzt,[c0c5d71f77123105af92dbed867f48b8]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (list.enabled", false);
user_pref("app.update.), Ersetzt,[e89d896def9a320499a83c8cc63f8878]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (ions.blocklist.enabled", false);
user_pref("app.update.auto", false);
user_pref(), Ersetzt,[a8ddee083356d75f68d9804841c4bf41]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (er_pref("app.update.auto", false);
user_pref("ex), Ersetzt,[3f460fe7c6c353e31d24dcec30d5e917]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (s.blocklist.enabled", false);
user_pref("app.updat), Ersetzt,[a5e08274b5d4ce68261bc3052bda4eb2]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (blocklist.enabled", false);
user_pref("app.update.auto", false);
user_pref("extensions.srchvstrn.hmpg", true);
user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qzu2StB0DtA0E), Ersetzt,[c1c4e1155d2c40f654ed2f9956af13ed]
PUP.Optional.Vosteran, C:\Users\Greta\AppData\Roaming\Mozilla\Firefox\Profiles\hbyc0503.default\user.js, Gut: (), Schlecht: (CzutCyEtBzytDyD1V1ByEtN1L1G1B1V1N2Y1L1Qz), Ersetzt,[b5d0cb2bb0d9d561a49d78500ff67b85]
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) hier das Ergebnis von Adwcleaner: Code:
# AdwCleaner v4.107 - Bericht erstellt am 12/01/2015 um 17:52:16
# Aktualisiert 07/01/2015 von Xplode
# Database : 2015-01-11.2 [Live]
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Greta - GRETA
# Gestartet von : C:\Users\Greta\Downloads\AdwCleaner_4.107.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
Ordner Gelöscht : C:\Program Files (x86)\Settings Manager
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gelöscht : C:\Program Files (x86)\Tweaks
Ordner Gelöscht : C:\Users\Greta\AppData\Local\Temp\Dynamo Combo
Ordner Gelöscht : C:\Users\Greta\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Greta\AppData\Roaming\Security Systems
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87934C42-161D-45BC-8CEF-EF18ABE2A30C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKLM\SOFTWARE\adawaretb
Schlüssel Gelöscht : HKLM\SOFTWARE\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tweaks FileOpener
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v34.0.5 (x86 de)
[hbyc0503.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "default-search.net");
[hbyc0503.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzytDy[...]
[hbyc0503.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.newTabUrl", "hxxp://Vosteran.com/?f=2&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBzyt[...]
[hbyc0503.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.prtnrId", "WSE_Vosteran");
[hbyc0503.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran");
[hbyc0503.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.tlbrSrchUrl", "hxxp://Vosteran.com/?f=3&a=vst_ggfc_15_03_ff&cd=2XzuyEtN2Y1L1QzutA0EyByB0EyC0D0Bzz0C0AtA0EtA0DtDtN0D0Tzu0StCtCtDyBtN1L2XzutAtFyCtFtCyCtFyCtN1L1CzutCyEtBz[...]
-\\ Opera v0.0.0.0
*************************
AdwCleaner[R0].txt - [8033 octets] - [12/01/2015 17:49:06]
AdwCleaner[S0].txt - [7320 octets] - [12/01/2015 17:52:16]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7380 octets] ########## |