| |
| |||||||
Anleitungen, FAQs & Links: Key-Find.com Browser Hijacker entfernenWindows 7 Hilfreiche Anleitungen um Trojaner zu entfernen. Viele FAQs & Links zum Thema Sicherheit, Malware und Viren. Die Schritt für Schritt Anleitungen zum Trojaner entfernen sind auch für nicht versierte Benutzer leicht durchführbar. Bei Problemen, einfach im Trojaner-Board nachfragen - unsere Experten helfen kostenlos. Weitere Anleitungen zu Hardware, Trojaner und Malware sind hier zu finden. |
02.10.2014, 15:08
| #1 |
| Administrator |  Key-Find.com Browser Hijacker entfernen Key-Find.com Browser Hijacker entfernen Was ist Key-Find.com Browser Hijacker? Key-Find.com Browser Hijacker ist eine weitere Rogue-Malware in Form einer gefälschten Scan-Software, die mittels eines sog. Trojaners in den PC eindringt und dem Benutzer weissmacht, den PC nach Malware abzusuchen. Diese Software (Key-Find.com Browser Hijacker) ist ein Fake und selbst eine Schadsoftware und sollte nicht gekauft werden. Da solche Software wie Key-Find.com Browser Hijacker sich gegen jede Entfernung wehren wird und Key-Find.com Browser Hijacker oftmals noch Rootkits mitinstalliert, sollte eine Neuinstallation des Systems in Erwägung gezogen werden. Verbreitet wird Scareware wie Key-Find.com Browser Hijacker nicht mehr ausschliesslich über 'dubiose Seiten' für Cracks, KeyGens und Warez, sondern auch seriöse Seiten werden zunehmend für die Verbreitung dieser mißbraucht (http://www.trojaner-board.de/90880-d...tallation.html). Der wichtigste Schutz vor einer Infizierung ist ein aktuelles Windows (mit allen Updates) und aktuelle Drittanbietersoftware wie Java oder Adobe Flash!  Symptome von Key-Find.com Browser Hijacker:
Fake-Meldungen von Key-Find.com Browser Hijacker: Dateien von Key-Find.com Browser Hijacker: Code:
ATTFilter %AppData%SupTab
%AppData%SupTabSupTab.dll
%CommonAppData%IePluginService
%CommonAppData%IePluginServicePluginService.exe
%CommonAppData%IePluginServiceupdate
%CommonAppData%WPM
%CommonAppData%WPMwprotectmanager.exe
%CommonAppData%WPMupdate
%CommonAppData%WPMupdateconf
c:Program FilesMozilla Firefoxsearchpluginskey-find.xml
c:Program FilesSupTab
c:Program FilesSupTabDpInterface32.dll
c:Program FilesSupTabDpInterface64.dll
c:Program FilesSupTabDpInterfacef32.dll
c:Program FilesSupTabient.json
c:Program FilesSupTabinstall.data
c:Program FilesSupTabRSHP.exe
c:Program FilesSupTabSearchProtect32.dll
c:Program FilesSupTabSearchProtect64.dll
c:Program FilesSupTabSpAPPSv32.dll
c:Program FilesSupTabSpAPPSv64.dll
c:Program FilesSupTabSupTab.dll
c:Program FilesSupTabuninstall.exe
c:Program FilesSupTabweb
c:Program FilesSupTabwebimg
c:Program FilesSupTabwebimgweather
c:Program FilesSupTabwebjs
c:Program FilesSupTabwebindexIE.html
c:Program FilesSupTabwebindexIE8.html
c:Program FilesSupTabwebstyle.css
c:Program FilesSupTabwebver.txt
c:Program FilesSupTabweb_locales
c:Program FilesSupTabweb_localesen-US
c:Program FilesSupTabweb_localesen-USmessages.json
c:Program FilesSupTabweb_localeses-419
c:Program FilesSupTabweb_localeses-419messages.json
c:Program FilesSupTabwebimgdefault_logo.png
c:Program FilesSupTabwebimgicon128.png
c:Program FilesSupTabwebimgicon16.png
c:Program FilesSupTabwebjsbackground.js
c:Program FilesSupTabwebjsga.js
c:Program FilesSupTabwebjsjquery.autocomplete.js
c:Program FilesSupTabwebjsjquery-base.js
c:Program FilesSupTabwebjsjs.js
c:Program FilesSupTabwebjsxagainit.js
File Location Notes:%CommonAppData% refers to the Application Data folder for the All Users Profile. By default, this is C:Documents and SettingsAll UsersApplication Data for Windows 2000/XP and C:ProgramData in Windows Vista, Windows 7, and Windows 8.%AppData% refers to the current users Application Data folder. By default, this is C:Documents and Settings<Current User>Application Data for Windows 2000/XP. For Windows Vista and Windows 7 it is C:Users<Current User>AppDataRoaming.%CommonAppData% refers to the Application Data folder in the All Users profile. For Windows XP, Vista, NT, 2000 and 2003 it refers to C:Documents and SettingsAll UsersApplication Data, and for Windows Vista, Windows 7, and Windows 8 it is C:ProgramData.
Registry-Einträge von Key-Find.com Browser Hijacker: Code:
ATTFilter HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{33BB0A4E-99AF-4226-BDF6-49120163DE86}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallWPM
HKEY_LOCAL_MACHINESOFTWAREsupTab
HKEY_LOCAL_MACHINESOFTWAREsupWPM
HKEY_LOCAL_MACHINESOFTWAREkey-findSoftware
HKEY_LOCAL_MACHINESOFTWAREWpm
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesIePluginService
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesWpm
HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerBrowserEmulation "TLDUpdates" = "1"
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain "Default_Page_URL" = "http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerTabbedBrowsing "NewTabPageShow" = "0"
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain "Start Page" = "http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetFIREFOX.EXEshellopencommand "(Default)" = "C:Program FilesMozilla Firefoxfirefox.exe http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetGoogle Chromeshellopencommand "(Default)" = ""C:Documents and SettingsBleepingLocal SettingsApplication DataGoogleChromeApplicationchrome.exe" http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetIEXPLORE.EXEshellopencommand "(Default)" = "C:Program FilesInternet Exploreriexplore.exe http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetOperashellopencommand "(Default)" = ""C:Program FilesOperaOpera.exe" http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetOpera.exeshellopencommand "(Default)" = ""C:Program FilesOperaOpera.exe" http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>" = ""C:Program FilesSafariSafari.exe" http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREClientsStartMenuInternetSEAMONKEY.EXEshellopencommand "(Default)" = "C:Program FilesSeaMonkeyseamonkey.exe http://www.key-find.com/?type=sc&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain "Default_Search_URL" = "http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain "Search Page" = "http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerMain "Start Page" = "http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch "CustomizeSearch" = "http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearch "SearchAssistant" = "http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows "AppInit_DLLs" = "C:PROGRA~1SupTabSEARCH~1.DLL"
Key-Find.com Browser Hijacker im HijackThis-Log: Code:
ATTFilter R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.key-find.com/?type=hp&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = http://www.key-find.com/web/?type=ds&ts=<timestamp>&from=<affiliate_id>&uid=<disk_id>&q={searchTerms}
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:Program FilesSupTabSupTab.dll
O20 - AppInit_DLLs: C:PROGRA~1SupTabSEARCH~1.DLL
O23 - Service: IePlugin Service (IePluginService) - Cherished Technololgy LIMITED - %CommonAppData%IePluginServicePluginService.exe
O23 - Service: Wpm Service (Wpm) - Cherished Technololgy LIMITED - %CommonAppData%WPMwprotectmanager.exe
|
Baum-Darstellung