
Log analysis and evaluation: default-search.net cannot be deleted


 
07.04.2014, 12:49   #1
steffiglaubi
 
default-search.net cannot be deleted



Hello, I have already followed everything described in this thread

http://www.trojaner-board.de/146735-...entfernen.html

but the infection has not been removed. Can you please help me?

Code:
<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2014/04/07 10:08:52 +0200</date>

<log>mbam-log-2014-04-07 (10-01-36).xml</log>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.00.1.1004</version>

<rules-database>v2014.04.07.05</rules-database>

<swissarmy-database>v2014.03.27.01</swissarmy-database>

<license>free</license>

<file-protection>disabled</file-protection>

<web-protection>disabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x86</arch>

<username>Büro</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>221436</objects>

<time>434</time>

<processes>5</processes>

<modules>42</modules>

<keys>18</keys>

<values>6</values>

<datas>2</datas>

<folders>5</folders>

<files>33</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<shuriken>enabled</shuriken>

<pup>enabled</pup>

<pum>enabled</pum>

</options>


-<items>


-<process>

<path>C:\Program Files\Settings Manager\systemk\systemku.exe</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<pid>2780</pid>

<hash>5a2744e31f5c3cfafac23c2732cf9d63</hash>

</process>


-<process>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\PirritDesktop.exe</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<pid>5032</pid>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</process>


-<process>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\PirritService.exe</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<pid>2164</pid>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</process>


-<process>

<path>C:\Program Files\Settings Manager\systemk\SystemkService.exe</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<pid>2648</pid>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</process>


-<process>

<path>C:\Program Files\Settings Manager\systemk\SystemkService.exe</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<pid>2756</pid>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</process>


-<module>

<path>C:\Program Files\Settings Manager\systemk\systemk.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>0180e047b3c8df57ccf01350ea17fa06</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\systemk.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>0180e047b3c8df57ccf01350ea17fa06</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\systemk.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>0180e047b3c8df57ccf01350ea17fa06</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\systemkbho.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\systemkbho.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\msvcp100.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\msvcp100.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\msvcr100.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\msvcr100.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\QtCore4.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\QtCore4.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\QtNetwork4.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\syskldr.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\syskldr.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\syskldr.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\syskldr.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<module>

<path>C:\Program Files\Settings Manager\systemk\syskldr.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</module>


-<key>

<path>HKLM\SOFTWARE\CLASSES\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard.1</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}</path>

<vendor>PUP.Optional.VBates</vendor>

<action>delete-on-reboot</action>

<hash>89f80d1a413a5adc20da818d22e0956b</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}</path>

<vendor>PUP.Optional.Linkey.A</vendor>

<action>delete-on-reboot</action>

<hash>9ce566c127549a9c2a3223e9768ce51b</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\SYSTEMK\General</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>success</action>

<hash>08799196f487e056cd7e431e897951af</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\SYSTEMK</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>success</action>

<hash>c8b9ee393e3dae88b29a095810f20cf4</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong</path>

<vendor>PUP.Optional.PriceGong.A</vendor>

<action>delete-on-reboot</action>

<hash>0f72b1767cff61d57ee6b0b9c53df40c</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\ValueApps</path>

<vendor>PUP.Optional.ValueApps.A</vendor>

<action>delete-on-reboot</action>

<hash>443d64c3f487d16594044f20c240c838</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S</path>

<vendor>PUP.Optional.InstallCore.A</vendor>

<action>delete-on-reboot</action>

<hash>9de40a1d4f2cd56172afd29dec169f61</hash>

</key>


-<key>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path>

<vendor>PUP.Optional.InstallCore.A</vendor>

<action>delete-on-reboot</action>

<hash>5b26e83fa1da45f1eb74790c18eb43bd</hash>

</key>


-<key>

<path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PirritDesktop</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>success</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</key>


-<key>

<path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SystemkService</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>success</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</key>


-<key>

<path>HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Settings Manager</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>success</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</key>


-<value>

<path>HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS</path>

<valuename>{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}</valuename>

<vendor>PUP.Optional.VBates</vendor>

<action>success</action>

<valuedata>C:\Program Files\V-bates\Firefox</valuedata>

<hash>89f80d1a413a5adc20da818d22e0956b</hash>

</value>


-<value>

<path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path>

<valuename>{21EAF666-26B3-4A3C-ABD0-CA2F5A326744}</valuename>

<vendor>PUP.Optional.VBates</vendor>

<action>success</action>

<valuedata>C:\Program Files\V-bates\Firefox</valuedata>

<hash>89f80d1a413a5adc20da818d22e0956b</hash>

</value>


-<value>

<path>HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}</path>

<valuename/>

<vendor>PUP.Optional.VBates</vendor>

<action>success</action>

<valuedata/>

<hash>d9a8a681b2c98da9c43653bbc141d42c</hash>

</value>


-<value>

<path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{21EAF666-26B3-4a3c-ABD0-CA2F5A326744}</path>

<valuename/>

<vendor>PUP.Optional.VBates</vendor>

<action>success</action>

<valuedata/>

<hash>94ed7fa86318a1956d8dec22758d827e</hash>

</value>


-<value>

<path>HKLM\SOFTWARE\SYSTEMK</path>

<valuename>browser</valuename>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>success</action>

<valuedata> ie ff cr</valuedata>

<hash>c8b9ee393e3dae88b29a095810f20cf4</hash>

</value>


-<value>

<path>HKU\S-1-5-21-3313896547-2878084619-875718404-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path>

<valuename>tb</valuename>

<vendor>PUP.Optional.InstallCore.A</vendor>

<action>delete-on-reboot</action>

<valuedata>0K1M1R</valuedata>

<hash>5b26e83fa1da45f1eb74790c18eb43bd</hash>

</value>


-<data>

<path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS</path>

<valuename>AppInit_DLLs</valuename>

<vendor>PUP.Optional.Datamngr.A</vendor>

<action>replaced</action>

<valuedata>C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\SETTIN~1\systemk\syskldr.dll </valuedata>

<baddata>C:\PROGRA~2\Wincert\WIN32C~1.DLL</baddata>

<gooddata/>

<hash>86fb0a1da5d6a98d985b1c6c92716898</hash>

</data>


-<data>

<path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS</path>

<valuename>AppInit_DLLs</valuename>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>replaced</action>

<valuedata>C:\PROGRA~2\Wincert\WIN32C~1.DLL C:\PROGRA~1\SETTIN~1\systemk\syskldr.dll </valuedata>

<baddata>C:\PROGRA~1\SETTIN~1\systemk\syskldr.dll</baddata>

<gooddata/>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</data>


-<folder>

<path>C:\ProgramData\systemk</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>077a4bdcb2c90c2aa73b3b24be44c838</hash>

</folder>


-<folder>

<path>C:\Users\Büro\AppData\Local\DownloadGuide</path>

<vendor>PUP.Optional.DownloadGuide.A</vendor>

<action>success</action>

<hash>5c25ae79730823133da73b55e32051af</hash>

</folder>


-<folder>

<path>C:\Users\Büro\AppData\Local\DownloadGuide\Offers</path>

<vendor>PUP.Optional.DownloadGuide.A</vendor>

<action>success</action>

<hash>5c25ae79730823133da73b55e32051af</hash>

</folder>


-<folder>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</folder>


-<folder>

<path>C:\Program Files\Settings Manager\systemk</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</folder>


-<file>

<path>C:\Program Files\Settings Manager\systemk\systemku.exe</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>5a2744e31f5c3cfafac23c2732cf9d63</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\systemk.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>0180e047b3c8df57ccf01350ea17fa06</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\systemkbho.dll</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>delete-on-reboot</action>

<hash>6a176fb84d2e1b1b6e4f6300b74a15eb</hash>

</file>


-<file>

<path>C:\ProgramData\systemk\general.cfg</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>077a4bdcb2c90c2aa73b3b24be44c838</hash>

</file>


-<file>

<path>C:\ProgramData\systemk\coordinator.cfg</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>077a4bdcb2c90c2aa73b3b24be44c838</hash>

</file>


-<file>

<path>C:\ProgramData\systemk\S-1-5-21-3313896547-2878084619-875718404-1000.cfg</path>

<vendor>PUP.Optional.SystemK.A</vendor>

<action>success</action>

<hash>077a4bdcb2c90c2aa73b3b24be44c838</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\zoi7ce94.default\searchplugins\default-search.xml</path>

<vendor>PUP.Optional.DefaultSearch.A</vendor>

<action>success</action>

<hash>4c35b572334837fff14f09587a88fd03</hash>

</file>


-<file>

<path>C:\Program Files\Mozilla Firefox\browser\searchplugins\default-search.xml</path>

<vendor>PUP.Optional.DefaultSearch.A</vendor>

<action>success</action>

<hash>ee9364c381fa092d58e99dc43ac8e31d</hash>

</file>


-<file>

<path>C:\Windows\System32\roboot.exe</path>

<vendor>PUP.Optional.PCPerformer.A</vendor>

<action>success</action>

<hash>cdb44add7ffc7cba5602a0e6907354ac</hash>

</file>


-<file>

<path>C:\ProgramData\Wincert\win32cert.dll</path>

<vendor>PUP.Optional.Datamngr.A</vendor>

<action>success</action>

<hash>86fb0a1da5d6a98d985b1c6c92716898</hash>

</file>


-<file>

<path>C:\ProgramData\Wincert\win64cert.dll</path>

<vendor>PUP.Optional.Datamngr.A</vendor>

<action>success</action>

<hash>b0d1c0670b701f172cc72c5c2fd49967</hash>

</file>


-<file>

<path>C:\ProgramData\Wincert\win32prop.dll</path>

<vendor>PUP.Optional.Datamngr.A</vendor>

<action>success</action>

<hash>9de4c562116a231313e11e6a14efb050</hash>

</file>


-<file>

<path>C:\ProgramData\Wincert\win64prop.dll</path>

<vendor>PUP.Optional.Datamngr.A</vendor>

<action>success</action>

<hash>a3de35f2b8c31b1b8470aaded82b946c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\DownloadGuide\amazon.ico</path>

<vendor>PUP.Optional.DownloadGuide.A</vendor>

<action>success</action>

<hash>5c25ae79730823133da73b55e32051af</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\DownloadGuide\FreeSystemUtilities.exe</path>

<vendor>PUP.Optional.DownloadGuide.A</vendor>

<action>success</action>

<hash>5c25ae79730823133da73b55e32051af</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\gd.txt</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>success</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\msvcp100.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\msvcr100.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\PirritDesktop.exe</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\PirritService.exe</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\QtCore4.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\QtNetwork4.dll</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>delete-on-reboot</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\unins000.dat</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>success</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Local\PirritSuggestor\unins000.exe</path>

<vendor>PUP.Optional.PirritSuggestor.A</vendor>

<action>success</action>

<hash>ea97fa2ddaa10333fc1eff5d986ab44c</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\favicon.ico</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\Helper.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\Internet Explorer Settings.exe</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\sysapcrt.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\syskldr.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\syskldr_u.dll</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\SystemkService.exe</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Program Files\Settings Manager\systemk\Uninstall.exe</path>

<vendor>PUP.Optional.SettingsManager.A</vendor>

<action>delete-on-reboot</action>

<hash>e9980b1c47345dd9cda0ca92f210b749</hash>

</file>


-<file>

<path>C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\zoi7ce94.default\prefs.js</path>

<vendor>PUP.Optional.Conduit.A</vendor>

<action>replaced</action>

<baddata>user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&q=");</baddata>

<gooddata/>

<hash>daa74fd88ceff244ee3b4ef36d9718e8</hash>

</file>

</items>

</mbam-log>
         
Code:
<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2014/04/07 12:49:24 +0200</date>

<log>mbam-log-2014-04-07 (12-43-55).xml</log>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.00.1.1004</version>

<rules-database>v2014.04.07.05</rules-database>

<swissarmy-database>v2014.03.27.01</swissarmy-database>

<license>free</license>

<file-protection>disabled</file-protection>

<web-protection>disabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x86</arch>

<username>Büro</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>221419</objects>

<time>327</time>

<processes>0</processes>

<modules>0</modules>

<keys>0</keys>

<values>0</values>

<datas>0</datas>

<folders>0</folders>

<files>0</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<shuriken>enabled</shuriken>

<pup>enabled</pup>

<pum>enabled</pum>

</options>

<items> </items>

</mbam-log>
         
Code:
<?xml version="1.0" encoding="UTF-8"?>

-<logs>

<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="613e205b-e1e2-4fa9-96e4-21be3587a3f2" fromVersion="2014.2.20.1" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T10:00:18.418058+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.4.7.5" name="Malware Database" last_modified_tag="d7191609-77ae-433a-94f5-0a969532f071" fromVersion="2014.3.4.9" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T10:00:43.768508+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2.0.1.1004" name="program" last_modified_tag="51d81ac6-bdd6-494c-9804-73a1f63f9629" fromVersion="2.0.0.1000" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T10:00:57.187276+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="f603b692-6e33-42dd-b785-e5f2ffe84992" fromVersion="2014.2.20.1" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T10:01:25.561338+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.4.7.5" name="Malware Database" last_modified_tag="62fe0d6f-905e-4bbd-b5e6-aa95061d8363" fromVersion="2014.3.4.9" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T10:01:28.104143+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2.0.1.1004" name="program" last_modified_tag="50c54bca-9f30-4d8c-9047-d880e1928ff0" fromVersion="2.0.0.1000" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:18:40.417689+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="ab363dfb-f73c-44cf-93ed-cbcf511b25df" fromVersion="2014.2.20.1" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:18:40.691290+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="d05bd908-a019-46cb-a939-26b4bc8bae3f" fromVersion="2014.2.20.1" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:19:00.600125+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.4.7.5" name="Malware Database" last_modified_tag="fb4e8d00-90a4-42ed-9cdf-f6082ef7a862" fromVersion="2014.3.4.9" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:19:03.096129+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="083cc07c-f584-4f75-a4a8-51cb19a72d56" fromVersion="2014.2.20.1" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:19:32.019580+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.4.7.5" name="Malware Database" last_modified_tag="5cb662bd-4589-4ed5-932a-89e7710b8dfa" fromVersion="2014.3.4.9" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:19:34.515585+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.3.27.1" name="Rootkit Database" last_modified_tag="71ada40f-2014-4399-b335-d1afbf2ad85e" fromVersion="2014.2.20.1" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:35:46.144970+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.4.7.5" name="Malware Database" last_modified_tag="b390cb0a-c1d5-4932-95fa-acfea26936c3" fromVersion="2014.3.4.9" systemname="BÜRO-PC" username="SYSTEM" type="Update" source="Manual" datetime="2014-04-07T12:35:48.828175+02:00" LoggingEventType="1" severity="debug"/>

</logs>
         

 
