übrigens vielen vielen Dank für die Hilfe, ich weiss das sehr zu schätzen ;-) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22.09.2014
Scan Time: 16:50:53
Logfile: 1.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.22.04
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marcel
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373178
Time Elapsed: 21 min, 6 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22.09.2014
Scan Time: 17:14:22
Logfile: 1.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.22.04
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marcel
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373204
Time Elapsed: 39 min, 38 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 22.09.2014 14:20:09, SYSTEM, AEROCOOL, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1,
Update, 22.09.2014 14:20:12, SYSTEM, AEROCOOL, Manual, Malware Database, 2014.3.4.9, 2014.9.22.2,
Update, 22.09.2014 16:50:47, SYSTEM, AEROCOOL, Manual, Rootkit Database, 2014.2.20.1, 2014.9.19.1,
Update, 22.09.2014 16:50:51, SYSTEM, AEROCOOL, Manual, Malware Database, 2014.3.4.9, 2014.9.22.4,
(end) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22.09.2014
Scan Time: 14:33:25
Logfile: 1.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.22.02
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marcel
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372922
Time Elapsed: 10 min, 44 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 1
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation, Quarantined, [acfe846cccaf9f97ac77578147bb59a7],
Files: 1
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\SWDS.bin, Quarantined, [acfe846cccaf9f97ac77578147bb59a7],
Physical Sectors: 0
(No malicious items detected)
(end) Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 22.09.2014
Scan Time: 14:20:21
Logfile: 1.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.09.22.02
Rootkit Database: v2014.09.19.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Marcel
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 372990
Time Elapsed: 12 min, 33 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
Adware.InstallBrain, C:\Windows\System32\dmwu.exe, 1880, Delete-on-Reboot, [aefc658b87f472c4a81ba189e61e2bd5]
Modules: 0
(No malicious items detected)
Registry Keys: 14
Trojan.Banker, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C689C99E-3A8C-4c87-A79C-C80DC9C81632}, Delete-on-Reboot, [deccea06d8a31224d5a6e3c152b0ba46],
Trojan.Agent, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{EFF39A40-C163-4d5d-B073-52FBB55C646A}, Delete-on-Reboot, [6743d9178cef8fa71f1a792820e2bd43],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT, Delete-on-Reboot, [6a405c9486f5e2545b84e96e19ebcf31],
PUP.Optional.Diamondata.A, HKLM\SOFTWARE\WOW6432NODE\diamondata, Quarantined, [e9c17977740793a3850e471245bfa55b],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, Quarantined, [f3b757995922b383c9fdcd8460a4837d],
Adware.InstallBrain, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IBUpdaterService, Quarantined, [aefc658b87f472c4a81ba189e61e2bd5],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, Delete-on-Reboot, [3f6b6a866615a591974788cf867e6f91],
PUP.Optional.SaveSense.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, Delete-on-Reboot, [1298579997e46ec88b116ff0c93b8d73],
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, Delete-on-Reboot, [bbefef017704c0769abe8fc8e222827e],
PUP.Optional.Softonic.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Delete-on-Reboot, [1298ba362d4e7cba9d0fe643d62dc040],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Delete-on-Reboot, [bfebd71957242b0bad181d34758f3ec2],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, Delete-on-Reboot, [436712deed8e92a4b12d193e32d2c838],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-449399407-1750495009-3439875748-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, Quarantined, [3e6ca848e19a211545995ef913f152ae],
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WNLT, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
Registry Values: 6
PUP.Optional.InstallBrain.A, HKLM\SOFTWARE\WNLT|PDV, [BLACKLIST=1], Quarantined, [6a405c9486f5e2545b84e96e19ebcf31]
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {4BA7D954-F15F-11E1-9350-BCAEC51763CF}, Quarantined, [f3b757995922b383c9fdcd8460a4837d]
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, Delete-on-Reboot, [3f6b6a866615a591974788cf867e6f91]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {4BA7D954-F15F-11E1-9350-BCAEC51763CF}, Delete-on-Reboot, [bfebd71957242b0bad181d34758f3ec2]
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-449399407-1750495009-3439875748-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, Delete-on-Reboot, [436712deed8e92a4b12d193e32d2c838],
PUP.Optional.InstallBrain.A, HKU\S-1-5-21-449399407-1750495009-3439875748-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, Quarantined, [3e6ca848e19a211545995ef913f152ae]
Registry Data: 0
(No malicious items detected)
Folders: 21
PUP.Optional.OpenCandy, C:\Users\Marcel\AppData\Roaming\OpenCandy, Quarantined, [bceed41ce9927abc1e5a8750ff03fc04],
PUP.Optional.OpenCandy, C:\Users\Marcel\AppData\Roaming\OpenCandy\F8BC7971B8C04A5EA1CC60AC9173247C, Quarantined, [bceed41ce9927abc1e5a8750ff03fc04],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars, Quarantined, [49612cc47407ff378869508718ea8f71],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer, Quarantined, [49612cc47407ff378869508718ea8f71],
PUP.Optional.SweetIM.A, C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT, Quarantined, [49612cc47407ff378869508718ea8f71],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive, Quarantined, [a00a9d53235846f0e8f2d800e31f6f91],
PUP.Optional.SaveSense, C:\Program Files (x86)\SaveSenseLive\CrashReports, Quarantined, [a00a9d53235846f0e8f2d800e31f6f91],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive, Quarantined, [2d7d11dfcbb0d85e3e9d5e7af60c9d63],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update, Quarantined, [2d7d11dfcbb0d85e3e9d5e7af60c9d63],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log, Quarantined, [2d7d11dfcbb0d85e3e9d5e7af60c9d63],
PUP.Optional.SaveSense, C:\Users\Marcel\AppData\Roaming\SaveSense, Quarantined, [24861dd33942152115c77761c73b02fe],
PUP.Optional.SaveSense, C:\Users\Marcel\AppData\Roaming\SaveSense\UpdateProc, Quarantined, [24861dd33942152115c77761c73b02fe],
PUP.Optional.SaveSense.A, C:\Users\Marcel\AppData\Local\SaveSenseLive, Quarantined, [2288a64a4635fd39c8189a3e778b8c74],
PUP.Optional.SaveSense.A, C:\Users\Marcel\AppData\Local\SaveSenseLive\CrashReports, Quarantined, [2288a64a4635fd39c8189a3e778b8c74],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SimpleFiles, C:\Program Files (x86)\SimpleFiles, Quarantined, [ecbeba36d7a42f071fe62fcbe220ff01],
Files: 29
PUP.Optional.SaveSense.A, C:\Users\Marcel\AppData\Roaming\OpenCandy\F8BC7971B8C04A5EA1CC60AC9173247C\sas.exe, Quarantined, [f6b4ba36e3980432a1c7fc57cd34956b],
PUP.Optional.SaveSense.A, C:\Users\Marcel\AppData\Roaming\OpenCandy\F8BC7971B8C04A5EA1CC60AC9173247C\SaveSense_p1v2.exe, Quarantined, [604ab23ef68567cf9ccc63f0b44d0000],
PUP.Optional.Somoto, C:\Users\Marcel\CheatEngine62.exe, Quarantined, [d3d746aa3348ad8922bc5cd04eb7a060],
PUP.OfferBundler.ST, C:\Users\Marcel\Downloads\SoftonicDownloader_fuer_virtual-dj.exe, Quarantined, [fab0539d4437f93d5a5ba5f6ba46966a],
PUP.Optional.Lyrics.A, C:\Windows\System32\Tasks\Boby Lyrics Update, Quarantined, [affbd21edc9fe056962a51c657aca55b],
PUP.Optional.Perion.A, C:\Windows\SysWOW64\ARFC\wrtc.exe, Quarantined, [1e8c02eefa81e5512905d94f8b78e917],
PUP.Optional.MyStartSearch.A, C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\9uflh2ha.default-1402011943439\searchplugins\MyStart Search.xml, Quarantined, [e8c203ed502baf87f31c919dad563cc4],
Adware.InstallBrain, C:\Windows\System32\dmwu.exe, Delete-on-Reboot, [aefc658b87f472c4a81ba189e61e2bd5],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Config.bin, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\HSChromeRegSetup.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\NTSetup.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\SKSetup.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\SWDS.bin, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\uninstaller.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\WSSetup.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\msvcp100.dll, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\msvcr100.dll, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\uninstaller.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.InstallBrain.A, C:\Windows\SysWOW64\WNLT\Installation\Uninstall\UninstallerLauncher.exe, Quarantined, [a406a0500e6dd36370b3a4341be733cd],
PUP.Optional.SaveSense, C:\ProgramData\SaveSenseLive\Update\Log\SaveSenseLive.log, Quarantined, [2d7d11dfcbb0d85e3e9d5e7af60c9d63],
PUP.Optional.SaveSense, C:\Users\Marcel\AppData\Roaming\SaveSense\UpdateProc\config.dat, Quarantined, [24861dd33942152115c77761c73b02fe],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\473d5c007e793590a1db512a6ef4eb57.games2.png, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\53b597b55d8412d563b720d3585c1af8.facebook.png, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\5af11f47db7e11200db081b18faa30a0.options_remote44b.html, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\7c1329c14e8f09f2e97e3522bcd7e126.toolbar46.xml, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SweetIM.A, C:\Users\Gast\AppData\LocalLow\SweetIM\Toolbars\Internet Explorer\cache\dda5971490977d5465f836a12522f1a1.games3.png, Quarantined, [357523cd0a713402b478815aa0625ba5],
PUP.Optional.SimpleFiles, C:\Program Files (x86)\SimpleFiles\htmlayout.dll, Quarantined, [ecbeba36d7a42f071fe62fcbe220ff01],
PUP.Optional.SimpleFiles, C:\Program Files (x86)\SimpleFiles\SFUpdater.exe, Quarantined, [ecbeba36d7a42f071fe62fcbe220ff01],
PUP.Optional.SimpleFiles, C:\Program Files (x86)\SimpleFiles\uninstall.exe, Quarantined, [ecbeba36d7a42f071fe62fcbe220ff01],
Physical Sectors: 0
(No malicious items detected)
(end) |