RRSAVINGS - Windows 8.1 - Firefox 28.0

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 27.04.2014
Suchlauf-Zeit: 13:25:34
Logdatei: Malware Logdatei_01.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.27.02
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: *****

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 247047
Verstrichene Zeit: 21 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 2
Adware.Adpeak, C:\Program Files\002\bukgmhvrux64.exe, 1636, , [26da00008c74e51b2e3279aca460b54b]
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\RrFilterService64.exe, 1880, , [da265ea28a76b7495df2fc73e31f1ae6]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 3
Adware.Adpeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bukgmhvrux64, , [26da00008c74e51b2e3279aca460b54b], 
PUP.Optional.RRSavings.A, HKLM\SOFTWARE\rrsavings, , [af51916f847c6d939c395e13c63c9967], 
PUP.Optional.RRSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RrFilterService64, , [da265ea28a76b7495df2fc73e31f1ae6], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[946c52ae34cc20e0779c939e04008779]

Ordner: 2
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\SSL, , [da265ea28a76b7495df2fc73e31f1ae6], 

Dateien: 12
Adware.Adpeak, C:\Program Files\002\bukgmhvrux64.exe, , [26da00008c74e51b2e3279aca460b54b], 
PUP.Optional.SkyTech.A, C:\Users\Brigitte\AppData\Local\Temp\sweetpage_294wld.exe, , [58a8857bab55e41cf244e86a28d9d62a], 
PUP.Optional.SkyTech.A, C:\Users\Brigitte\AppData\Local\Temp\fullpackage_temp1398518186\alilog.dll, , [4ab633cd01ffa06033e1bd7546ba857b], 
PUP.Optional.SkyTech.A, C:\Users\Brigitte\AppData\Local\Temp\fullpackage_temp1398518186\package1.zip, , [20e018e8718fe41ce52f1e144cb4fc04], 
PUP.Optional.IePluginService.A, C:\Users\Brigitte\AppData\Local\Temp\fullpackage_temp1398518186\tmp\SupTab.exe, , [7b85db25ff01b050c690bb972bd640c0], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Installbat64.dll, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Microsoft.Deployment.WindowsInstaller.dll, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\Microsoft.Deployment.WindowsInstaller.xml, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\nfapi.dll, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\ProtocolFilters.dll, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\RrFilterService64.exe, , [da265ea28a76b7495df2fc73e31f1ae6], 
PUP.Optional.RRSavings.A, C:\Program Files\RrFilter\sample.dll, , [da265ea28a76b7495df2fc73e31f1ae6], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         

# AdwCleaner v3.204 - Report created 27/04/2014 at 13:39:41
# Updated 26/04/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : *****
# Running from : C:\Users\*****\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16384


-\\ Mozilla Firefox v28.0 (de)

[ File : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\mfq3l940.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6246 octets] - [26/04/2014 15:17:20]
AdwCleaner[R1].txt - [785 octets] - [26/04/2014 15:28:40]
AdwCleaner[R2].txt - [989 octets] - [27/04/2014 13:39:03]
AdwCleaner[S0].txt - [4608 octets] - [26/04/2014 15:18:17]
AdwCleaner[S1].txt - [845 octets] - [26/04/2014 15:29:24]
AdwCleaner[S2].txt - [911 octets] - [27/04/2014 13:39:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [970 octets] ##########
         

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by ***** on 27.04.2014 at 13:53:23,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.04.2014 at 13:55:42,39
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 8.1 
Program started at: 04/27/2014 01:57:05 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\

Searching C:\ProgramData\Microsoft\Windows\Start Menu\

Searching C:\Users\*****\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\

Searching C:\Users\Public\Desktop\

Searching C:\Users\*****\Desktop


0 bad shortcuts found.

Program finished at: 04/27/2014 01:57:05 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)