Extras, Einstellungen - nur ok und abbrechen

# AdwCleaner v3.311 - Bericht erstellt am 10/10/2014 um 06:58:30
# Aktualisiert 30/09/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Odo - ODO-01-PC
# Gestartet von : D:\Downloads\_via Firefox\AdwCleaner\adwcleaner_3.311.exe
# Option : Suchen


***** [ Dienste ] *****


Dienst Gefunden : IePluginServices
Dienst Gefunden : RelevantKnowledge
Dienst Gefunden : WindowsMangerProtect


***** [ Dateien / Ordner ] *****


Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml
Datei Gefunden : C:\Users\Odo\AppData\Roaming\Mozilla\Firefox\Profiles\1rpxpkj8.default-1412776976892\foxydeal.sqlite
Datei Gefunden : C:\Users\Odo\AppData\Roaming\regsvr32.exe_log.txt
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden : C:\Program Files (x86)\NCH Software
Ordner Gefunden : C:\Program Files (x86)\RelevantKnowledge
Ordner Gefunden : C:\Program Files (x86)\SupTab
Ordner Gefunden : C:\ProgramData\CheuapoMeo
Ordner Gefunden : C:\ProgramData\COOupExxtension
Ordner Gefunden : C:\ProgramData\DiigiCoOupon
Ordner Gefunden : C:\ProgramData\IePluginServices
Ordner Gefunden : C:\ProgramData\NCH Software
Ordner Gefunden : C:\ProgramData\safeweb
Ordner Gefunden : C:\ProgramData\WindowsMangerProtect
Ordner Gefunden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
Ordner Gefunden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmgfilfjcebdjinidcleeebccpfcgnk
Ordner Gefunden : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmgfilfjcebdjinidcleeebccpfcgnk
Ordner Gefunden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel
Ordner Gefunden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmgfilfjcebdjinidcleeebccpfcgnk
Ordner Gefunden : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmgfilfjcebdjinidcleeebccpfcgnk
Ordner Gefunden : C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmgfilfjcebdjinidcleeebccpfcgnk
Ordner Gefunden : C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmgfilfjcebdjinidcleeebccpfcgnk
Ordner Gefunden : C:\Users\Odo\AppData\Roaming\NCH Software
Ordner Gefunden : C:\Users\Odo\AppData\Roaming\SimpleFiles
Ordner Gefunden : C:\Users\Odo\AppData\Roaming\sweet-page
Ordner Gefunden : C:\Users\Odo\Documents\PC Speed Maximizer


***** [ Tasks ] *****


Task Gefunden : YourFile DownloaderUpdate


***** [ Verknüpfungen ] *****




***** [ Registrierungsdatenbank ] *****


Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gefunden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gefunden : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gefunden : HKCU\Software\Conduit_Search_Protect
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKCU\Software\SimpleFiles
Schlüssel Gefunden : HKCU\Software\SupHpUISoft
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\Conduit_Search_Protect
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : [x64] HKCU\Software\SimpleFiles
Schlüssel Gefunden : [x64] HKCU\Software\SupHpUISoft
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gefunden : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\SimpleFiles
Schlüssel Gefunden : HKLM\SOFTWARE\Solvusoft
Schlüssel Gefunden : HKLM\SOFTWARE\SupDp
Schlüssel Gefunden : HKLM\SOFTWARE\SupTab
Schlüssel Gefunden : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gefunden : HKLM\SOFTWARE\sweet-pageSoftware
Schlüssel Gefunden : HKLM\SOFTWARE\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]


***** [ Browser ] *****


-\\ Internet Explorer v11.0.9600.17280


Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.sweet-page.com/?type=hp&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.sweet-page.com/?type=hp&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.sweet-page.com/?type=hp&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.sweet-page.com/?type=hp&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.sweet-page.com/?type=hp&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1405750030&from=cor&uid=CorsairXForceXGT_11446504000010730077&q={searchTerms}


-\\ Mozilla Firefox v32.0.3 (x86 de)


[ Datei : C:\Users\Odo\AppData\Roaming\Mozilla\Firefox\Profiles\1rpxpkj8.default-1412776976892\prefs.js ]


Zeile gefunden : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
Zeile gefunden : user_pref("extensions.Mfqyef.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.[...]
Zeile gefunden : user_pref("extensions.UTx2UuG8Om.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\"=apapamam\")>-1||url.indexOf(\[...]
Zeile gefunden : user_pref("extensions.quick_start.enable_search1", false);
Zeile gefunden : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);


-\\ Google Chrome v35.0.1916.114


*************************


AdwCleaner[R0].txt - [41749 octets] - [27/03/2014 08:41:30]
AdwCleaner[R1].txt - [1045 octets] - [27/03/2014 08:48:05]
AdwCleaner[R2].txt - [9586 octets] - [22/04/2014 08:20:05]
AdwCleaner[R3].txt - [9564 octets] - [22/04/2014 08:42:09]
AdwCleaner[R4].txt - [5060 octets] - [03/05/2014 08:26:11]
AdwCleaner[R5].txt - [5899 octets] - [24/05/2014 07:44:38]
AdwCleaner[R6].txt - [11166 octets] - [10/10/2014 06:58:30]
AdwCleaner[S0].txt - [37867 octets] - [27/03/2014 08:42:08]
AdwCleaner[S1].txt - [9174 octets] - [22/04/2014 08:44:00]


########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [11348 octets] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org


Suchlauf Datum: 10.10.2014
Suchlauf-Zeit: 13:11:10
Logdatei: 
Administrator: Nein


Version: 2.00.2.1012
Malware Datenbank: v2014.10.10.04
Rootkit Datenbank: v2014.10.08.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert


Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Odo


Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 362609
Verstrichene Zeit: 4 Min, 50 Sek


Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert


Prozesse: 0
(No malicious items detected)


Module: 0
(No malicious items detected)


Registrierungsschlüssel: 4
PUP.Optional.DefaultTab.A, HKU\S-1-5-21-115150119-1024699578-3588170308-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, , [31dbe82bf983290d30d3ffa1a65c28d8], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363}, , [b15bec27adcfd1659f370798f11114ec], 
PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77}, , [9775db3893e95ed86572356a23dfe31d], 
PUP.Optional.FastStart.A, HKU\S-1-5-21-115150119-1024699578-3588170308-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [42ca27ec49338aac70783bdba85b08f8], 


Registrierungswerte: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-115150119-1024699578-3588170308-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [42ca27ec49338aac70783bdba85b08f8]


Registrierungsdaten: 0
(No malicious items detected)


Ordner: 3
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj, , [7a9217fc1f5d6fc7e90e95543bc7e818], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0, , [7a9217fc1f5d6fc7e90e95543bc7e818], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0\tinyurl, , [7a9217fc1f5d6fc7e90e95543bc7e818], 


Dateien: 9
PUP.Optional.RelevantKnowledge, C:\Windows\System32\rlls64.dll, , [3fcdf81b65176dc92b7682ab3dc87e82], 
PUP.Optional.RelevantKnowledge, C:\Windows\SysWOW64\rlls.dll, , [30dc54bf1864f93d2c75230a887d6a96], 
PUP.Optional.RelevantKnowledge, C:\Users\Odo\AppData\Local\Temp\CSM49EC.tmp, , [56b6aa69324a013505c578a92fd6758b], 
Trojan.Agent, C:\Windows\SysWOW64\rlls.dll, , [28e440d3710b8aac562a3269ec1753ad], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0\tinyurl\ajax.js, , [7a9217fc1f5d6fc7e90e95543bc7e818], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0\tinyurl\background.js, , [7a9217fc1f5d6fc7e90e95543bc7e818], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0\tinyurl\common.js, , [7a9217fc1f5d6fc7e90e95543bc7e818], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0\tinyurl\content.js, , [7a9217fc1f5d6fc7e90e95543bc7e818], 
PUP.Optional.SnapDo.A, C:\Users\Odo\AppData\Local\Google\Chrome\User Data\Default\Extensions\eehfnepnmclpcobedfhlofbalebekkaj\1.4_0\tinyurl\notifier.js, , [7a9217fc1f5d6fc7e90e95543bc7e818], 


Physische Sektoren: 0
(No malicious items detected)




(end)