Seiten mit Werbung/Adware poppen unter Firefox ständig auf. PUP.Optional.Legacy und PUP.Optnal.Frotswire.TB.A.

mikl · 19.11.2017, 16:14

Hallo,

an unserem Laptop poppt unter der Benutzung von Firefox ständig irgendwelche Gewinnspiele oder PCKeeper oder ReimageRepair oder Telekom oder oder oder auf. Sobald ich auf einen Link klicke öffnet sich eine Seite die ich nicht haben wollte. Sogar beim Registrierversuch auf dem TrojanerBoard poppte ein Trojaner-Board Gewinnspiel auf. Unter dem IE der ebenfalls installiert ist, passiert nichts dergleichen. Betriebssystem ist Windows 10.
Nach etwas Recherche im Forum hier habe ich AdwCleaner runtergladen und durchlaufen lassen.

Die Software hat beim ersten Mal so einiges gefunden. Log File folgt. Danach habe ich den Malwarebytes Anti Rootkit durchlaufen lassen, der hat aber nichts gefunden. Da sich nichts geändert hat habe ich AdwCleaner nochmal durchlaufen lassen und es wurde wieder etwas gefunden. Bevor ich nun weiter bastele habe ich erstmal dieses Thema eröffnet und hoffe es kann mir jmd helfen.

Logfile 1 von AdwCleaner

Code:

ATTFilter

# AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 18 12:17:34 2017
# Updated on 2017/27/10 by Malwarebytes 
# Database: 11-17-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

PUP.Optional.Legacy, Partner Service


***** [ Folders ] *****

PUP.Optional.Legacy, C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
PUP.Optional.Ask, C:\Users\alf\AppData\Local\AskToolbar
PUP.Optional.Ask, C:\Users\alf\AppData\LocalLow\AskToolbar
PUP.Optional.Ask, C:\Users\Default\AppData\Local\AskToolbar
PUP.Optional.Ask, C:\Users\Default User\AppData\Local\AskToolbar
PUP.Optional.Ask, C:\Program Files (x86)\Ask.com
Rogue.ForcedExtension, C:\Users\alf\AppData\Local\apn
Adware.LoadMoney, C:\ProgramData\Partner
Adware.LoadMoney, C:\Users\All Users\Partner


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Ask, Scheduled Update for Ask Toolbar


***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-339706622-3924946866-2515152861-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\APN
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\APN
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-339706622-3924946866-2515152861-1000\Software\APN
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\APN
PUP.Optional.Legacy, [Key] - HKCU\Software\APN
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Value] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar | {D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
PUP.Optional.Legacy, [Value] - HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks | {00000000-6E41-4FD3-8538-502F5495E5FC}
PUP.Optional.Legacy, [Key] - HKCU\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-339706622-3924946866-2515152861-1000\Software\Classes\TypeLib\{006AD7B2-968A-11DE-88C9-5BDE55D89593}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{05366194-3126-4601-AC1A-DDE573E093DC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{061F450C-37B9-4330-9235-0F25D9F75B33}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{061F450C-37B9-4330-9235-0F25D9F75B33}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1D55DAA5-04AC-4036-B0BE-DA81EE9676CD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{22FEB0F5-0BA0-4D4B-8A66-55A21667BC31}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{26249267-15F4-4DA3-8247-C5A78E4FA918}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{28A88B70-D874-4F73-BBBA-9B2B222FB7D6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{39B217B4-8C69-4E45-A8DC-8CC4DAD3CF0A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CB4CE45-8849-4638-9226-D6B615A15827}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{43AB7B5D-4C40-4103-A549-7002A116A7D5}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{58CBF821-A0C7-4AE8-9430-77DD1AF38E99}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{72BCBFF7-2837-4CA0-B3B5-3DAED7F54601}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{824125FD-7732-4DA2-9277-3A7D0A0A0813}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{86676E13-D6D8-4652-9FCF-F2047F1FB000}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{996ED20F-A740-47A2-A7EF-9620D422BB4E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C17DC5CF-54FF-4E63-8AC7-94335D6DA231}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D14D0EE2-2DD1-4230-BE70-3F3AD6172C40}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{D2B79F7D-2D7D-4420-B2A9-ECE52C7C83A0}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\AppID\kt_bho_dll.dll
PUP.Optional.Ask, [Key] - HKLM\SOFTWARE\AskToolbar
PUP.Optional.Ask, [Key] - HKU\.DEFAULT\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\.DEFAULT\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-21-339706622-3924946866-2515152861-1000\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-21-339706622-3924946866-2515152861-1000\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-18\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\S-1-5-18\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKCU\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKCU\Software\AppDataLow\Software\AskToolbar
PUP.Optional.Ask, [Key] - HKU\.DEFAULT\Software\Ask.com
PUP.Optional.Ask, [Key] - HKU\S-1-5-21-339706622-3924946866-2515152861-1000\Software\Ask.com
PUP.Optional.Ask, [Key] - HKU\S-1-5-18\Software\Ask.com
PUP.Optional.Ask, [Key] - HKCU\Software\Ask.com
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
PUP.Optional.SlimCleanerPlus, [Key] - HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########



LOGFILE 2

# AdwCleaner 7.0.4.0 - Logfile created on Sun Nov 19 14:48:28 2017
# Updated on 2017/27/10 by Malwarebytes 
# Database: 11-17-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
PUP.Optional.FrostwireTB.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

Gruß Mikl

Seiten mit Werbung/Adware poppen unter Firefox ständig auf. PUP.Optional.Legacy und PUP.Optnal.Frotswire.TB.A.

Plagegeister aller Art und deren Bekämpfung: Seiten mit Werbung/Adware poppen unter Firefox ständig auf. PUP.Optional.Legacy und PUP.Optnal.Frotswire.TB.A.

Seiten mit Werbung/Adware poppen unter Firefox ständig auf. PUP.Optional.Legacy und PUP.Optnal.Frotswire.TB.A.

Ähnliche Themen: Seiten mit Werbung/Adware poppen unter Firefox ständig auf. PUP.Optional.Legacy und PUP.Optnal.Frotswire.TB.A.