Goodfell | 10.06.2014 11:59 | Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 10.06.2014
Suchlauf-Zeit: 12:38:50
Logdatei: MBAM 2.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.06.10.02
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sven
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 383357
Verstrichene Zeit: 12 Min, 35 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 12
PUP.Optional.OutBrowse, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CEEFADBD-A0CE-4422-A760-3B9167344E06}, In Quarantäne, [5c6e0e685823ef473a62a797c939f50b],
PUP.Optional.OutBrowse, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CEEFADBD-A0CE-4422-A760-3B9167344E06}, In Quarantäne, [5c6e0e685823ef473a62a797c939f50b],
PUP.Optional.PricePeep.A, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [07c3a1d5c4b71521e88fc7aa07fbb848],
PUP.Optional.PricePeep.A, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, In Quarantäne, [07c3a1d5c4b71521e88fc7aa07fbb848],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\PSHD-9.9, In Quarantäne, [1fab7105097275c1e2046e3518ea24dc],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PSHD-9.9, In Quarantäne, [4288373f3f3c2c0a25bfc5de3ac8916f],
PUP.Optional.OutBrowse, HKU\S-1-5-21-1098949856-1301053314-1890294551-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Outbrowsetoolbar, In Quarantäne, [d1f9e591205bc076c3677969a063dc24],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-1098949856-1301053314-1890294551-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PSHD-9.9, In Quarantäne, [8743e690bbc07abcde06d6cd33cfd927],
PUP.Optional.PricePeep.A, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PricePeep, In Quarantäne, [48820b6b8af1c86e94abd9e561a1e31d],
PUP.Optional.Babylon.A, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [16b47ff74f2ceb4bb27f0bc745be1fe1],
PUP.Optional.BProtector.A, HKU\S-1-5-21-1098949856-1301053314-1890294551-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\BPROTECTSETTINGS, In Quarantäne, [2b9fb8be4a3184b251326272e91a4ab6],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\PSHD-9.9, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 6
PUP.Optional.Snapdo, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh0HHLt9EvHpdsBSNIcEGIjdmo8CMRkTrkziZb8t8ApvoxKHNUP2bzDfHfGP57oCmfu, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh0HHLt9EvHpdsBSNIcEGIjdmo8CMRkTrkziZb8t8ApvoxKHNUP2bzDfHfGP57oCmfu),Ersetzt,[676385f12b503afc0fb1b3bc7c88f808]
PUP.Optional.Snapdo, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}),Ersetzt,[c00aa1d5314a181e8f2ffb740df7827e]
PUP.Optional.Snapdo, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}),Ersetzt,[ebdfd1a55c1f90a61aa579f6ba4a48b8]
PUP.Optional.Snapdo, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}),Ersetzt,[9139fa7c0c6f1a1cc9f8df908f757f81]
PUP.Optional.Snapdo, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}),Ersetzt,[af1b4630cbb064d200c2aec155afa957]
PUP.Optional.SnapDo.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPAMW02fQbYPFkTjj8jzRyB0rQvzyej3yvtbwnztdp5nXPZvpzCX4E2FcmauFZv-hjtt6EuXWPQ6bNIAL1jNtGcHHJJE6s07KRRX2Jcu_7ZNWVJWV0sjSh4lJuywJmF6S0DNScJPJDnoiorRgNegpDPaio-iqvxrZ1ZxkKNJjJqP48t1-GYrQzm&q={searchTerms}),Ersetzt,[4a807ff7304bb97ddc7e8bdb976d9b65]
Ordner: 4
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe, In Quarantäne, [b9113b3b8af113232d795338a55d8878],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0, In Quarantäne, [18b26610d8a383b36d663d4fc63ce917],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
Dateien: 34
PUP.Optional.SnapDo.A, C:\Windows\Installer\17f2707.msi, In Quarantäne, [5b6f9dd93348b18509de483dfc05a65a],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI6E5.tmp, In Quarantäne, [7e4c1a5cef8cda5c77a58ea0b64a4cb4],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI999F.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [5377d0a67ffc0333b16b35f957a9a25e],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI6E5.tmp-\Smartbar.Installer.CustomActions.dll, In Quarantäne, [14b6b6c08af1181eda4288a6b44cdf21],
PUP.Optional.Ciuvo.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, In Quarantäne, [7654096d304bba7c8f483664936fbf41],
PUP.Optional.Ciuvo.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage-journal, In Quarantäne, [0dbd2056077463d34e8993071be7df21],
PUP.Optional.SelectNGo.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, In Quarantäne, [ecdee096097270c669609e00c2403cc4],
PUP.Optional.SelectNGo.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, In Quarantäne, [1baf591d6e0d2e0824a5c3db8c76b749],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0.localstorage, In Quarantäne, [56740a6c156623137b893b72e022ad53],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0.localstorage-journal, In Quarantäne, [d7f3284ec1baec4a669ebcf18979956b],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000005.ldb, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000013.ldb, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000016.ldb, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000020.log, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\CURRENT, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOCK, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOG, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOG.old, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\MANIFEST-000018, In Quarantäne, [5b6fbabcec8f989e448ee7a5ed157789],
PUP.Optional.CrossRider.A, C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0\3, In Quarantäne, [18b26610d8a383b36d663d4fc63ce917],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\PSHD-9.9-bho64.dll, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\1293297481.mxaddon, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\360-52916.crx, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\41220790-4b35-4753-91f3-94289344bd48-3.exe, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\52916.crx, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\52916.xpi, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\background.html, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\bgNova.html, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\PSHD-9.9-bg.exe, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\PSHD-9.9-bho.dll, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\PSHD-9.9-nova.dll, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\PSHD-9.9.ico, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\Uninstall.exe, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\PSHD-9.9\utils.exe, In Quarantäne, [f4d645314f2c3ff70d4a840f4ab88f71],
Physische Sektoren: 0
(No malicious items detected)
(end)