BetterSurf Addware nur halb entfernt

Blizzard79 · 06.02.2014, 11:53

Hallo,

ich wende mich das erste Mal an Euch, weil ich mein BetterSurf Addware PRoblem nicht vollstädnig beseitigen konnte. Was hab ich gemacht:

1.) Malwarebytes 1.75.0.1300 mit aktuellen Updates installiert und einen vollstädnigen Scan laufen lassen (Log siehe unten).
2.) Alle Programme geschlossen, alle Funde zur Enfernung gekenzeichnet und gestartet (inkl. Reboot)
3.) Seit dem gibt es bei Scans mit Malwarebytes keine Funde mehr, allerdings löscht McAfee immer wieder Dateien die er als "Bettersurf" indentifiziert (leider kein Screenshot verfügbar). Ich kann sonst keine Beeinträchtigungen mehr feststellen (Pop-up Windows, Element auf Webseiten oder Youtube).

Ich bitte um Eure geschätzte Hilfe!

Lg, Fred

------------ Beginn des Log-Files ----------------------

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.04.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16736
karla :: KARLA1 [administrator]

Protection: Enabled

04.02.2014 11:03:54
mbam-log-2014-02-04 (11-03-54).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 475342
Time elapsed: 1 hour(s), 3 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Users\KARLA\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.

Registry Keys Detected: 9
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MediaPlayerV1alpha3441 (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MediaPlayerV1alpha3441 (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update veberGreat (PUP.Optional.VeberGreat.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{0082bec3-27ce-44ad-b548-954f86e8975d} (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{ff12d6d2-d710-4fc6-94e5-0de5e65aff8d} (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKCR\Interface\{BB75F45B-E646-4D2D-BB06-6394CD9AD56F} (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0082BEC3-27CE-44AD-B548-954F86E8975D} (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0082BEC3-27CE-44AD-B548-954F86E8975D} (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0082BEC3-27CE-44AD-B548-954F86E8975D} (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Data: C:\windows\SysWOW64\rundll32.exe "C:\Users\KARLA\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Mozilla\Firefox\Extensions|ext@MediaPlayerV1alpha3441.net (PUP.Optional.MediaPlayerAlpha.A) -> Data: C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 12
C:\Users\KARLA\AppData\Local\Temp\CT3314932 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\CT3319608 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\Users\KARLA\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441 (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ch (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content\icons (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content\icons\default (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ie (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.

Files Detected: 34
C:\Users\KARLA\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Delete on reboot.
C:\AdwCleaner\Quarantine\C\Users\KARLA\AppData\Local\SwvUpdater\Updater.exe.vir (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\uninstall.exe (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\genienext\nengine.dll (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nsbB0F4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nsf9367.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nsq957B.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nsqAF2E.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nstB329.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\Setup2.exe (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\uninstall15516609.exe (PUP.Optional.YourfileDownloader) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nse5C78.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nsn7059.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\nsz97F1.tmp\OCSetupHlp.dll (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\GOMPLAYERENSETUP.EXE (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\GOMPLAYERENSETUP_2.2.56.EXE (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\iLividSetup-r484-n-bc.exe (PUP.Optional.Bandoo) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\Microsoft_Office_2010_all_versions.full.rar_downloader.exe (PUP.Optional.GoForFiles.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\Microsoft_Office_2010_Product_Key_[Full_Version]_downloader (1).exe (PUP.Optional.YourfileDownloader) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\Microsoft_Office_2010_Product_Key_[Full_Version]_downloader.exe (PUP.Optional.YourfileDownloader) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\VLC_Media_Player (1).exe (PUP.Optional.SimplyTech) -> Quarantined and deleted successfully.
C:\Users\KARLA\Downloads\VLC_Media_Player.exe (PUP.Optional.SimplyTech) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\CT3314932\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Local\Temp\CT3319608\ddt.csf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Users\KARLA\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ch\MediaPlayerV1alpha3441.crx (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome.manifest (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\install.rdf (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content\ffMediaPlayerV1alpha3441.js (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content\overlay.xul (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content\icons\Thumbs.db (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ff\chrome\content\icons\default\MediaPlayerV1alpha3441_32.png (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha3441\ie\MediaPlayerV1alpha3441.dll (PUP.Optional.MediaPlayerAlpha.A) -> Quarantined and deleted successfully.

(end)

BetterSurf Addware nur halb entfernt

Plagegeister aller Art und deren Bekämpfung: BetterSurf Addware nur halb entfernt

BetterSurf Addware nur halb entfernt

Ähnliche Themen: BetterSurf Addware nur halb entfernt