
Log analysis and evaluation: Windows 7: Websites are redirected to advertising.

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
12.01.2015, 23:40   #3
jaydee81
 
Windows 7: Websites are redirected to advertising.

Malwarebytes logs



Malwarebytes Log 1:
Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/01/12 19:17:00 +0100</date>
<logfile>mbam-log-2015-01-12 (19-16-59).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.01.12.07</malware-database>
<rootkit-database>v2015.01.07.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>JDR</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>312948</objects>
<time>514</time>
<processes>5</processes>
<modules>0</modules>
<keys>51</keys>
<values>12</values>
<datas>12</datas>
<folders>16</folders>
<files>111</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<process><path>C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe</path><vendor>PUP.Optional.WindowsProtectManger.A</vendor><action>delete-on-reboot</action><pid>1584</pid><hash>830426d0286149ed628b497ac1401ae6</hash></process>
<process><path>C:\Program Files (x86)\LPT\srptsl.exe</path><vendor>PUP.Optional.VeriStaff</vendor><action>delete-on-reboot</action><pid>1372</pid><hash>fa8d44b2dfaa2511126a0b528779a45c</hash></process>
<process><path>D:\Program Files\WordProser_1.10.0.6\Service\wpsvc.exe</path><vendor>PUP.Optional.WordProser.A</vendor><action>delete-on-reboot</action><pid>2332</pid><hash>a6e1c531ff8aca6c6949eef2a06142be</hash></process>
<process><path>C:\Program Files (x86)\LPT\srpts.exe</path><vendor>PUP.Optional.Linkury.A</vendor><action>delete-on-reboot</action><pid>1928</pid><hash>fe898d6994f5b28440906148ee15a759</hash></process>
<process><path>C:\Windows\rcore.exe</path><vendor>PUP.Optional.Score.A</vendor><action>delete-on-reboot</action><pid>2196</pid><hash>8502fcfa5a2f3ff7d455d6165ba9b64a</hash></process>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect</path><vendor>PUP.Optional.WindowsProtectManger.A</vendor><action>success</action><hash>830426d0286149ed628b497ac1401ae6</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wpsvc_1.10.0.6</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a6e1c531ff8aca6c6949eef2a06142be</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}</path><vendor>PUP.Optional.DynConIE.A</vendor><action>success</action><hash>90f7d1256f1a72c4d1d773789d653bc5</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}</path><vendor>PUP.Optional.DynConIE.A</vendor><action>success</action><hash>90f7d1256f1a72c4d1d773789d653bc5</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></key>
<key><path>HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}</path><vendor>PUP.Optional.Snapdo.T</vendor><action>success</action><hash>afd80aecef9a9f978202d350b84b4db3</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}</path><vendor>PUP.Optional.Snapdo.T</vendor><action>success</action><hash>afd80aecef9a9f978202d350b84b4db3</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}</path><vendor>PUP.Optional.DefaultSearch.A</vendor><action>success</action><hash>a9de6f8746433cfade5f27c09e645ba5</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}</path><vendor>PUP.Optional.DefaultSearch.A</vendor><action>success</action><hash>a9de6f8746433cfade5f27c09e645ba5</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wpnfd_1_10_0_6</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>f88fde18f09935011154b1c505fec63a</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{886f5d30-5b8b-42ab-98f8-31d062b96dc3}Gw64</path><vendor>PUP.Optional.Sanbreel.A</vendor><action>success</action><hash>d8af9b5b0d7cdd59fc572264a65dbf41</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{a6994947-8316-401e-82e4-23da215413fb}Gw64</path><vendor>PUP.Optional.Sanbreel.A</vendor><action>success</action><hash>731411e5414841f52231e1a5bb4846ba</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path><vendor>PUP.Optional.Qone8</vendor><action>success</action><hash>5f287a7ccfbab77f53d1468b6a9acb35</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}</path><vendor>PUP.Optional.SearchProtect</vendor><action>success</action><hash>61264da9cbbe1521643c816873912bd5</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}</path><vendor>PUP.Optional.SearchProtect</vendor><action>success</action><hash>6e19c234ed9c3006c3dcd712808434cc</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\ClickCaption_1.10.0.5</path><vendor>PUP.Optional.ClickCaption.A</vendor><action>success</action><hash>3453f0069eeb9f974606dc97897aad53</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\Flowsurf</path><vendor>PUP.Optional.FlowSurf.A</vendor><action>success</action><hash>6d1a6d892069f244a91ab03e1fe5bb45</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\IHProtect</path><vendor>PUP.Optional.IHProtect.A</vendor><action>success</action><hash>3d4a787e6f1a171f7242d7937291c13f</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\omiga-plusSoftware</path><vendor>PUP.Optional.ISearch.A</vendor><action>success</action><hash>5631e214e5a489ad95eca23bbe46e41c</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SmdmF</path><vendor>PUP.Optional.SettingsManager.A</vendor><action>success</action><hash>f7904ea802875cda29e4c8ba8a7935cb</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>e2a5f9fd44450135fe7b6d780004a957</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\WordProser_1.10.0.6</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>d9ae985ee7a293a370f85125e91a14ec</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE</path><vendor>PUP.Optional.GlobalUpdate.T</vendor><action>success</action><hash>1e6904f2e0a9f3434a4b4e3aae552fd1</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}</path><vendor>PUP.Optional.Linkury.A</vendor><action>success</action><hash>266133c3b9d049edb5070d89a95ad62a</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>790e619567223bfb5322c4244cb852ae</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>47404da9662373c30f6730b830d412ee</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SUPTAB</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>4b3c09eddfaacd692633aad661a2a55b</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd</path><vendor>PUP.Optional.SystemSpeedup</vendor><action>success</action><hash>097e3bbbd9b04fe7dbd31674b54e48b8</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ccnfd_1_10_0_5</path><vendor>PUP.Optional.ClickCaption.A</vendor><action>success</action><hash>07807b7b256487af301a87ecd62d768a</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect</path><vendor>PUP.Optional.WindowsMangerProtect.A</vendor><action>success</action><hash>f295cf2774154cea1a694134cb3808f8</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LPTSYSTEMUPDATER</path><vendor>PUP.Optional.Linkury.A</vendor><action>success</action><hash>fe898d6994f5b28440906148ee15a759</hash></key>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RCORES</path><vendor>PUP.Optional.Score.A</vendor><action>success</action><hash>8502fcfa5a2f3ff7d455d6165ba9b64a</hash></key>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force</path><vendor>PUP.Optional.GeForce.A</vendor><action>success</action><hash>c0c7f204395062d425525690fb0922de</hash></key>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQPro-Video 1.6V10.01</path><vendor>PUP.Optional.CrossRider.A</vendor><action>success</action><hash>93f4ed0953362511969e314331d28e72</hash></key>
<key><path>HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Media+PlayerVidEd2.5</path><vendor>PUP.Optional.MediaPlayerVideo.A</vendor><action>success</action><hash>3156a353315863d39e3ed19d37ccd22e</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\StormWatchApp</path><vendor>PUP.Optional.StormWatchApp.A</vendor><action>success</action><hash>06819561018869cd3597304654af23dd</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag</path><vendor>PUP.Optional.Tuto4PC.A</vendor><action>success</action><hash>563103f33b4ea88eb9efaf39dd27a45c</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider</path><vendor>PUP.Optional.CrossRider.A</vendor><action>success</action><hash>ee9952a492f796a0ad14fbde48bc19e7</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE</path><vendor>PUP.Optional.MultiIE.A</vendor><action>success</action><hash>6f188c6a1c6d42f42bb8fae8ea1a619f</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>bdcad125ed9c181e6c14cce3d42feb15</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><hash>850234c2d1b8ae884650863fd72d6a96</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR</path><vendor>PUP.Optional.SafeFinder.A</vendor><action>success</action><hash>f295c82ef396c96d027b6a1727dcc53b</hash></key>
<key><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd</path><vendor>PUP.Optional.SystemSpeedup</vendor><action>success</action><hash>acdb0cea286140f67d304f3b4fb49967</hash></key>
<key><path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></key>
<key><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WordProser_1.10.0.6</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></key>
<value><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR</path><valuename>{ae07101b-46d4-4a98-af68-0333ea26e113}</valuename><vendor>PUP.Optional.SmartBar</vendor><action>success</action><valuedata>Smartbar</valuedata><hash>305718de5732de5859a5aad4ce358c74</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE</path><valuename>path</valuename><vendor>PUP.Optional.GlobalUpdate.T</vendor><action>success</action><valuedata>C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe</valuedata><hash>1e6904f2e0a9f3434a4b4e3aae552fd1</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR</path><valuename>{ae07101b-46d4-4a98-af68-0333ea26e113}</valuename><vendor>PUP.Optional.SmartBar</vendor><action>success</action><valuedata>Smartbar</valuedata><hash>f4935e98fc8dd46252aceb93da29e41c</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>gmsd_de_78</valuename><vendor>PUP.Optional.GamesDesktop.A</vendor><action>success</action><valuedata></valuedata><hash>13749c5a355401355be6bcb36f94c13f</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>gmsd_de_80</valuename><vendor>PUP.Optional.GamesDesktop.A</vendor><action>success</action><valuedata></valuedata><hash>97f09b5b117872c419288be428db2ed2</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN</path><valuename>mbot_de_406</valuename><vendor>PUP.Optional.MBot.A</vendor><action>success</action><valuedata></valuedata><hash>2a5db145b7d29c9a06b997ea48bb57a9</hash></value>
<value><path>HKLM\SOFTWARE\WOW6432NODE\SUPTAB</path><valuename>ptid</valuename><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><valuedata>tugs</valuedata><hash>4b3c09eddfaacd692633aad661a2a55b</hash></value>
<value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LPTSYSTEMUPDATER</path><valuename>ImagePath</valuename><vendor>PUP.Optional.Linkury.A</vendor><action>success</action><valuedata>&quot;C:\Program Files (x86)\LPT\srpts.exe&quot;</valuedata><hash>fe898d6994f5b28440906148ee15a759</hash></value>
<value><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RCORES</path><valuename>ImagePath</valuename><vendor>PUP.Optional.Score.A</vendor><action>success</action><valuedata>C:\Windows\rcore.exe</valuedata><hash>8502fcfa5a2f3ff7d455d6165ba9b64a</hash></value>
<value><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path><valuename>tb</valuename><vendor>PUP.Optional.InstallCore.A</vendor><action>success</action><valuedata>0Q1O1R1R0D1G1J1S</valuedata><hash>850234c2d1b8ae884650863fd72d6a96</hash></value>
<value><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>DefaultScope</valuename><vendor>PUP.Optional.Snapdo.T</vendor><action>success</action><valuedata>{006ee092-9658-4fd6-bd8e-a21a348e59f5}</valuedata><hash>335412e41c6d8da9badc5a2ef0132ad6</hash></value>
<value><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR</path><valuename>publisher</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>success</action><valuedata>IrsSF</valuedata><hash>f295c82ef396c96d027b6a1727dcc53b</hash></value>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.OmigaPlus.A</vendor><action>replaced</action><valuedata>hxxp://isearch.omiga-plus.com/?type=hppp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013</valuedata><baddata>hxxp://isearch.omiga-plus.com/?type=hppp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013</baddata><gooddata>www.google.com</gooddata><hash>186fe90d276274c2878a0d861bea5da3</hash></data>
<data><path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path><valuename>DefaultScope</valuename><vendor>PUP.Optional.Qone8</vendor><action>replaced</action><valuedata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</valuedata><baddata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</baddata><gooddata>{0633EE93-D776-472f-A0FF-E1416B8B2E3A}</gooddata><hash>3651a1554c3dc37389b6622f21e4ec14</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.OmigaPlus.A</vendor><action>replaced</action><valuedata>hxxp://isearch.omiga-plus.com/?type=hppp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013</valuedata><baddata>hxxp://isearch.omiga-plus.com/?type=hppp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013</baddata><gooddata>www.google.com</gooddata><hash>3651bc3abdcc4ceaa170543f57ae946c</hash></data>
<data><path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL</path><valuename>Default</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyahHISZMPSu3Vv0UGtPsXvs&amp;q={searchTerms}</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyahHISZMPSu3Vv0UGtPsXvs&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>236427cf4445be784ce15630689d5fa1</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Search Page</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>90f7cd290386112531f5295d56afb54b</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Start Page</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCSH6gc8-7TDgQXhxYEloZ5bmvGguuDX11bYCBT6-B25m6HH_IaaV5Io90RgwFx3BGxOSudEc9ytaPWkOnpeyBlN</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCSH6gc8-7TDgQXhxYEloZ5bmvGguuDX11bYCBT6-B25m6HH_IaaV5Io90RgwFx3BGxOSudEc9ytaPWkOnpeyBlN</baddata><gooddata>www.google.com</gooddata><hash>0582a84eacddbb7bc55e582ebc4959a7</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Page_URL</valuename><vendor>PUP.Optional.OmigaPlus.A</vendor><action>replaced</action><valuedata>hxxp://isearch.omiga-plus.com/?type=hppp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013</valuedata><baddata>hxxp://isearch.omiga-plus.com/?type=hppp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013</baddata><gooddata>www.google.com</gooddata><hash>f1964da98dfc4beb4ebb088bda2b26da</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Default_Search_URL</valuename><vendor>PUP.Optional.OmigaPlus.A</vendor><action>replaced</action><valuedata>hxxp://isearch.omiga-plus.com/web/?type=dspp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013&amp;q={searchTerms}</valuedata><baddata>hxxp://isearch.omiga-plus.com/web/?type=dspp&amp;ts=1420919252&amp;from=tugs&amp;uid=STTXFTM64GX25H_P569318-btix-6269013&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>3d4ab4427a0fea4c8e85dca937ced52b</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path><valuename>Search Bar</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>9becaf475d2c90a6fa2ed7af27de32ce</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH</path><valuename>Default_Search_URL</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>32552dc92e5bfc3a63c88afc8a7be21e</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH</path><valuename>SearchAssistant</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>5b2c70864d3c072f121aa9dd3ec7a858</hash></data>
<data><path>HKU\S-1-5-21-2100642859-3274675363-52059511-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL</path><valuename>Default</valuename><vendor>PUP.Optional.SafeFinder.A</vendor><action>replaced</action><valuedata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</valuedata><baddata>hxxp://feed.safefinder.com/?p=mKO_AwFzXIpYRak5VLd2-qQdkN5729vVFWxou9hoxUv82Ac0l78Z5A1nEmRSUhC4s2s4BBwiY8BHHkfnEAObOW8yk0Z3BJq_5cISz9jLZd-YXBu8_Tn_YCg3JRvQR20wDIpiZi0wzjVR6OtkBVIwpqQBlG4XljOFU9V-rEFsp9CYEPWgLWIeHyG_-nL33GG0VUvBdRaAVUiq&amp;q={searchTerms}</baddata><gooddata>www.google.com</gooddata><hash>9deab6401d6c4ceaa787dbab6d983cc4</hash></data>
<folder><path>C:\Users\JDR\AppData\Roaming\OpenCandy</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>8502c630791091a50ce16cc71ee5f60a</hash></folder>
<folder><path>C:\Users\JDR\AppData\Roaming\OpenCandy\OpenCandy_F84DC9210CC144FDAC59644E772CE2C2</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>8502c630791091a50ce16cc71ee5f60a</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B</path><vendor>PUP.Optional.Extutil.A</vendor><action>success</action><hash>c8bf06f0aedb88aebbe861ea0cf7e31d</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42</path><vendor>PUP.Optional.Managera.A</vendor><action>success</action><hash>d1b634c23f4a2115089c52f9986b43bd</hash></folder>
<folder><path>C:\ProgramData\WindowsMangerProtect</path><vendor>PUP.Optional.WPM.A</vendor><action>delete-on-reboot</action><hash>cdbab83e1a6f979f5063a1aace35a35d</hash></folder>
<folder><path>C:\ProgramData\WindowsMangerProtect\update</path><vendor>PUP.Optional.WPM.A</vendor><action>success</action><hash>cdbab83e1a6f979f5063a1aace35a35d</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\comh.127565</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\comh.145177</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\comh.158125</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\comh.406763</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></folder>
<folder><path>C:\Users\JDR\AppData\Local\Temp\comh.459338</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></folder>
<folder><path>D:\Program Files\WordProser_1.10.0.6</path><vendor>PUP.Optional.WordProser.A</vendor><action>delete-on-reboot</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></folder>
<folder><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></folder>
<folder><path>D:\Program Files\WordProser_1.10.0.6\Service</path><vendor>PUP.Optional.WordProser.A</vendor><action>delete-on-reboot</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></folder>
<folder><path>C:\ProgramData\IHProtectUpDate</path><vendor>PUP.Optional.IHProtectUpDate.A</vendor><action>success</action><hash>abdc8e68f495e84ee72f7cedd33035cb</hash></folder>
<folder><path>C:\ProgramData\IHProtectUpDate\update</path><vendor>PUP.Optional.IHProtectUpDate.A</vendor><action>success</action><hash>abdc8e68f495e84ee72f7cedd33035cb</hash></folder>
<file><path>C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe</path><vendor>PUP.Optional.WindowsProtectManger.A</vendor><action>delete-on-reboot</action><hash>830426d0286149ed628b497ac1401ae6</hash></file>
<file><path>C:\Program Files (x86)\LPT\srptsl.exe</path><vendor>PUP.Optional.VeriStaff</vendor><action>delete-on-reboot</action><hash>fa8d44b2dfaa2511126a0b528779a45c</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\Service\wpsvc.exe</path><vendor>PUP.Optional.WordProser.A</vendor><action>delete-on-reboot</action><hash>a6e1c531ff8aca6c6949eef2a06142be</hash></file>
<file><path>C:\Program Files (x86)\XTab\SupTab.dll</path><vendor>PUP.Optional.SupTab.A</vendor><action>success</action><hash>8dfad71fa4e5fb3b8f84edfe0bf78080</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\292195.exe.exe</path><vendor>PUP.Optional.OutBrowse</vendor><action>success</action><hash>e4a3d323c0c9ba7c300d8b7c43bf5da3</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\312419.exe.exe</path><vendor>PUP.Optional.OutBrowse</vendor><action>success</action><hash>9fe8c23495f457df61f8d33533cf41bf</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\350425.exe.exe</path><vendor>PUP.Optional.OutBrowse</vendor><action>success</action><hash>12753fb75930f046e376b94fb15134cc</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\nsq73C9.tmp\utu.dll</path><vendor>PUP.Optional.OutBrowse</vendor><action>success</action><hash>7b0caf473d4cd660c37aaa5d07fbd030</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\81c83413-b1a5-42b2-9c78-cb8e7761d798\games desktop.exe</path><vendor>PUP.Optional.Tuto4PC.A</vendor><action>success</action><hash>c0c773838108171fed7cdf1c50b1936d</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\is-3AVA1.tmp\package_speedup_installer_multilang.exe</path><vendor>PUP.Optional.Tuto4PC.A</vendor><action>success</action><hash>147319dda3e6f73f39b50be6a160b24e</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\is-JI9OR.tmp\package_mybestofferstoday_installer_multilang.exe</path><vendor>PUP.Optional.Tuto4PC.A</vendor><action>success</action><hash>7a0db73f91f85fd7b7376a87d62b847c</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\is-V0QH0.tmp\package_speedup_installer_multilang.exe</path><vendor>PUP.Optional.Tuto4PC.A</vendor><action>success</action><hash>4047f9fd1a6f2412e20cea07946d22de</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\is-V6A5H.tmp\package_mybestofferstoday_installer_multilang.exe</path><vendor>PUP.Optional.Tuto4PC.A</vendor><action>success</action><hash>bec920d69bee67cf599523ce61a017e9</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\~dlFCF4\~dljyb\tmp\STab_v4.0.exe</path><vendor>PUP.Optional.XTab.A</vendor><action>success</action><hash>2f581fd797f2e4527b8631d4659d13ed</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\~dlFCF4\~dljyb\tmp\wpm_v20.0.0.1337.exe</path><vendor>PUP.Optional.WindowsProtectManger.A</vendor><action>success</action><hash>741355a191f8f046c12cf6cd8e7343bd</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\cd06f77b-2e4b-407a-9f5a-bf4099dbff09\3333-2081_speedcheck.exe</path><vendor>PUP.Optional.SpeedCheck.A</vendor><action>success</action><hash>b6d152a4becb4fe75c42baabb050eb15</hash></file>
<file><path>C:\Users\JDR\Downloads\ChromeSetup.exe</path><vendor>PUP.Optional.SoftPulse</vendor><action>success</action><hash>a1e61bdbd6b36ccabb4f0efa659db34d</hash></file>
<file><path>C:\Windows\AppPatch\AppPatch64\VCLdr64.dll</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>5a2d8b6be0a9c76ff16c04aa04fde11f</hash></file>
<file><path>C:\Windows\Installer\6702f.msi</path><vendor>PUP.Optional.VeriStaff</vendor><action>success</action><hash>ec9b37bf216854e2502f5d00f709827e</hash></file>
<file><path>C:\Windows\Installer\MSICC0B.tmp-\Smartbar.Installer.CustomActions.dll</path><vendor>PUP.Optional.SmartBar</vendor><action>success</action><hash>3c4bc72fb7d222141e6553db8080c937</hash></file>
<file><path>C:\Windows\Installer\MSIEB2.tmp-\Smartbar.Installer.CustomActions.dll</path><vendor>PUP.Optional.SmartBar</vendor><action>success</action><hash>8ef917dfaadf1521f88b49e5e11f33cd</hash></file>
<file><path>C:\Windows\Installer\MSI69A0.tmp-\Smartbar.Installer.CustomActions.dll</path><vendor>PUP.Optional.SmartBar</vendor><action>success</action><hash>325510e672176cca196ab07e0ff11be5</hash></file>
<file><path>C:\Windows\System32\drivers\Msft_Kernel_webinstrNHK_01009.Wdf</path><vendor>PUP.Optional.WebInstr.A</vendor><action>success</action><hash>54339a5c2d5cf046c73fea801fe4f709</hash></file>
<file><path>C:\Windows\System32\abengineOff.ini</path><vendor>PUP.Optional.Flowsurf.A</vendor><action>success</action><hash>60271dd9e3a61e18fed8d99237cce31d</hash></file>
<file><path>C:\Windows\SysWOW64\abengineOff.ini</path><vendor>PUP.Optional.Flowsurf.A</vendor><action>success</action><hash>9ceb29cd76139c9af0e6610aef1413ed</hash></file>
<file><path>C:\Windows\SysWOW64\abengine.ini</path><vendor>PUP.Optional.Flowsurf.A</vendor><action>success</action><hash>e99efbfb98f169cd9b3cdd8e6c97a060</hash></file>
<file><path>C:\Windows\Temp\abengine.log</path><vendor>PUP.Optional.Flowsurf.A</vendor><action>success</action><hash>83044aacfe8b999ddffd9ecdbc470af6</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage</path><vendor>PUP.Optional.BoostSaves.A</vendor><action>delete-on-reboot</action><hash>fb8c80763b4e3afc0622125c35ceaf51</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal</path><vendor>PUP.Optional.BoostSaves.A</vendor><action>delete-on-reboot</action><hash>ddaa7b7bf495ce68cc5c6509bf4413ed</hash></file>
<file><path>C:\Windows\System32\drivers\wpnfd_1_10_0_6.sys</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>f88fde18f09935011154b1c505fec63a</hash></file>
<file><path>C:\Windows\System32\drivers\{886f5d30-5b8b-42ab-98f8-31d062b96dc3}Gw64.sys</path><vendor>PUP.Optional.Sanbreel.A</vendor><action>success</action><hash>d8af9b5b0d7cdd59fc572264a65dbf41</hash></file>
<file><path>C:\Windows\System32\drivers\{a6994947-8316-401e-82e4-23da215413fb}Gw64.sys</path><vendor>PUP.Optional.Sanbreel.A</vendor><action>success</action><hash>731411e5414841f52231e1a5bb4846ba</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage</path><vendor>PUP.Optional.Boost.A</vendor><action>delete-on-reboot</action><hash>4e3941b5fb8e3402cd9fa2e6a95a11ef</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal</path><vendor>PUP.Optional.Boost.A</vendor><action>success</action><hash>4047d5214c3d16204824097f07fcf10f</hash></file>
<file><path>C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb</path><vendor>PUP.Optional.SearchProtect</vendor><action>success</action><hash>dbac20d601887bbba8fb44a592726997</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>delete-on-reboot</action><hash>8502b83ecabfe84ef6939555fc08916f</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>delete-on-reboot</action><hash>bfc85a9c45441c1a3f4a04e60202b64a</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\vitruvian-installer-hardwareprofile-v0001</path><vendor>PUP.Optional.Vitruvian.A</vendor><action>success</action><hash>384fa74f860383b35f79c42a09fb12ee</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\vitruvian-installer-install-v0003</path><vendor>PUP.Optional.Vitruvian.A</vendor><action>success</action><hash>6720ad49e5a4df5709cf549a71932ed2</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\vitruvian-installer-processes-v0002</path><vendor>PUP.Optional.Vitruvian.A</vendor><action>success</action><hash>6720c1355c2d58de0fc9b03e0ff5d22e</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001</path><vendor>PUP.Optional.Vitruvian.A</vendor><action>success</action><hash>830419dde2a72511a533eb0373917f81</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002</path><vendor>PUP.Optional.Vitruvian.A</vendor><action>success</action><hash>a1e646b07910999d6474d11ddc28ef11</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\vitruvian-installer-uninstall-v0002</path><vendor>PUP.Optional.Vitruvian.A</vendor><action>success</action><hash>e0a7787e2a5f4fe7597f3eb0eb19659b</hash></file>
<file><path>C:\Program Files (x86)\LPT\srpts.exe</path><vendor>PUP.Optional.Linkury.A</vendor><action>delete-on-reboot</action><hash>fe898d6994f5b28440906148ee15a759</hash></file>
<file><path>C:\Windows\rcore.exe</path><vendor>PUP.Optional.Score.A</vendor><action>delete-on-reboot</action><hash>8502fcfa5a2f3ff7d455d6165ba9b64a</hash></file>
<file><path>C:\Users\JDR\AppData\Roaming\OpenCandy\OpenCandy_F84DC9210CC144FDAC59644E772CE2C2\syesubc3_p2v3.exe</path><vendor>PUP.Optional.OpenCandy</vendor><action>success</action><hash>8502c630791091a50ce16cc71ee5f60a</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js</path><vendor>PUP.Optional.Extutil.A</vendor><action>success</action><hash>c8bf06f0aedb88aebbe861ea0cf7e31d</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js</path><vendor>PUP.Optional.Extutil.A</vendor><action>success</action><hash>c8bf06f0aedb88aebbe861ea0cf7e31d</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json</path><vendor>PUP.Optional.Extutil.A</vendor><action>success</action><hash>c8bf06f0aedb88aebbe861ea0cf7e31d</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js</path><vendor>PUP.Optional.Managera.A</vendor><action>success</action><hash>d1b634c23f4a2115089c52f9986b43bd</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json</path><vendor>PUP.Optional.Managera.A</vendor><action>success</action><hash>d1b634c23f4a2115089c52f9986b43bd</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\GoogleCrashHandler.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\GoogleUpdate.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\GoogleUpdateBroker.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\GoogleUpdateHelper.msi</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\GoogleUpdateOnDemand.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\goopdate.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\goopdateres_en.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\npGoogleUpdate4.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\psmachine.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.127565\psuser.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>bdca85715c2d78bee9b8ff4ec63d7987</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\GoogleCrashHandler.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\GoogleUpdate.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\GoogleUpdateBroker.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\GoogleUpdateHelper.msi</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\GoogleUpdateOnDemand.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\goopdate.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\goopdateres_en.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\npGoogleUpdate4.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\psmachine.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.145177\psuser.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>4a3da84e88011c1a425f222bf50e7b85</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\GoogleCrashHandler.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\GoogleUpdate.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\GoogleUpdateBroker.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\GoogleUpdateHelper.msi</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\GoogleUpdateOnDemand.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\goopdate.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\goopdateres_en.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\npGoogleUpdate4.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\psmachine.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.158125\psuser.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>2e59995dc9c088aee6bb64e940c3d927</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\GoogleCrashHandler.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\GoogleUpdate.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\GoogleUpdateBroker.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\GoogleUpdateHelper.msi</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\GoogleUpdateOnDemand.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\goopdate.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\goopdateres_en.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\npGoogleUpdate4.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\psmachine.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.406763\psuser.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>6423876fa7e263d39e03f25bcc372cd4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\GoogleCrashHandler.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\GoogleUpdate.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\GoogleUpdateBroker.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\GoogleUpdateHelper.msi</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\GoogleUpdateOnDemand.exe</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\goopdate.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\goopdateres_en.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\npGoogleUpdate4.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\psmachine.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Temp\comh.459338\psuser.dll</path><vendor>PUP.Optional.GlobalUpdate.A</vendor><action>success</action><hash>ccbb7a7cc8c1ff379809fd50db288d73</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\terms-of-service.rtf</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\Uninstall.exe</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\buildcrx-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\Info-ZIP-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\JSON-simple-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\nsJSON-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\Nustache-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\TaskScheduler-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>D:\Program Files\WordProser_1.10.0.6\3rd Party Licenses\UAC-license.txt</path><vendor>PUP.Optional.WordProser.A</vendor><action>success</action><hash>a2e5f402a2e7979f9bdded7216edac54</hash></file>
<file><path>C:\ProgramData\IHProtectUpDate\update\conf</path><vendor>PUP.Optional.IHProtectUpDate.A</vendor><action>success</action><hash>abdc8e68f495e84ee72f7cedd33035cb</hash></file>
</items>
</mbam-log>
         
Log 2:
Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/01/12 19:30:41 +0100</date>
<logfile>mbam-log-2015-01-12 (19-30-40).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.01.12.07</malware-database>
<rootkit-database>v2015.01.07.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>JDR</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>311797</objects>
<time>461</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>6</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage</path><vendor>PUP.Optional.BoostSaves.A</vendor><action>delete-on-reboot</action><hash>cdbaf00692f7e74f8f996d01c73c31cf</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal</path><vendor>PUP.Optional.BoostSaves.A</vendor><action>delete-on-reboot</action><hash>e1a651a593f63204fc2cdd91e51ec838</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage</path><vendor>PUP.Optional.Boost.A</vendor><action>delete-on-reboot</action><hash>5136ec0ad4b592a43b31e1a742c1639d</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal</path><vendor>PUP.Optional.Boost.A</vendor><action>delete-on-reboot</action><hash>563139bdb2d744f2610bb7d1e0235aa6</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>delete-on-reboot</action><hash>31561dd934552a0c1a6f6585dc28e818</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>delete-on-reboot</action><hash>295eb3432d5cca6c5633da105aaad62a</hash></file>
</items>
</mbam-log>
         
Log 3:
Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/01/12 19:39:28 +0100</date>
<logfile>mbam-log-2015-01-12 (19-39-25).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.4.1028</version>
<malware-database>v2015.01.12.07</malware-database>
<rootkit-database>v2015.01.07.01</rootkit-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>JDR</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>312794</objects>
<time>530</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>6</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage</path><vendor>PUP.Optional.BoostSaves.A</vendor><action>delete-on-reboot</action><hash>b1e7e70d4d3c24125fc9066821e23dc3</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.boostsaves.com_0.localstorage-journal</path><vendor>PUP.Optional.BoostSaves.A</vendor><action>delete-on-reboot</action><hash>2078e014eb9ea591eb3d2747cb3852ae</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage</path><vendor>PUP.Optional.Boost.A</vendor><action>delete-on-reboot</action><hash>adeb22d2177238feadbf751307fc1ce4</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.boostsaves.com_0.localstorage-journal</path><vendor>PUP.Optional.Boost.A</vendor><action>delete-on-reboot</action><hash>2e6a579d7a0f999df67630587e85d32d</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>delete-on-reboot</action><hash>a0f81dd7abdeb086bacfe5059272cb35</hash></file>
<file><path>C:\Users\JDR\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal</path><vendor>PUP.Optional.ReMarkable.A</vendor><action>delete-on-reboot</action><hash>dfb98272c2c766d0711809e1a0648977</hash></file>
</items>
</mbam-log>
         