Shir0hige | 22.01.2015 08:51 | Der ESET-Scan lief irgendwie länger als gedacht. hab ihn dann über Nacht fertig laufen lassen.
mbam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 21.01.2015
Suchlauf-Zeit: 22:16:40
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.01.21.10
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: David Engel
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 311403
Verstrichene Zeit: 19 Min, 8 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 6
PUP.Optional.CompatibilityVerifier.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Verifies and fixes application compatibility issues, In Quarantäne, [ab636f8baadf56e077bf7bfc52b1847c],
PUP.Optional.CouponDownloader.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Coupon Downloader, In Quarantäne, [7b93a05ac9c052e4af7afbab679c946c],
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, In Quarantäne, [79952ecc1376c373d987fb865da646ba],
PUP.Optional.HDPlus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PlusSHD-9.9, In Quarantäne, [9975d6247f0a67cf07854c5945bec23e],
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [838b26d4d4b5ef471947208dff041fe1],
PUP.Optional.WebInternetSecurity, HKU\S-1-5-21-2508884068-3804397540-1067786986-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\webinternetsecurity, In Quarantäne, [8589a456fd8ced49a98c3c53689b7c84],
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 10
PUP.Optional.AdPeak.A, C:\Temp, In Quarantäne, [1ef06a90f0993df9e24c910d9b688d73],
PUP.Optional.Conduit.A, C:\Users\David Engel\AppData\Local\TB\APISupport, In Quarantäne, [36d8b14929606fc713fb0a4b40c3936d],
PUP.Optional.Conduit.A, C:\Users\David Engel\AppData\Local\TB\APISupport\MiniSP_1.0.4.9, In Quarantäne, [36d8b14929606fc713fb0a4b40c3936d],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\mz, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\skin, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.CouponArific, C:\Program Files\Couponarific, In Quarantäne, [e32b34c61d6c62d447730861c24107f9],
PUP.Optional.CouponArific, C:\Program Files\Couponarific\SSL, In Quarantäne, [e32b34c61d6c62d447730861c24107f9],
Dateien: 31
PUP.Optional.AdPeak.A, C:\Temp\InstallFilter32.msi, In Quarantäne, [f91556a4b2d7cd698d4a350829d7fa06],
PUP.Optional.SupraSavings.A, C:\Temp\t.msi, In Quarantäne, [d539b941aedbf2444bff561157ae718f],
PUP.Optional.ClientConnect, C:\Users\David Engel\AppData\Local\TB\APISupport\APISupport.dll, In Quarantäne, [de30b74305840d29cf5b497a38c946ba],
PUP.Optional.ClientConnect, C:\Users\David Engel\AppData\Local\TB\APISupport\APISupport.old, In Quarantäne, [f11dc139e0a963d309210ab9cd34ad53],
PUP.Optional.AdPeak.A, C:\Temp\lsp2.log, In Quarantäne, [1ef06a90f0993df9e24c910d9b688d73],
PUP.Optional.AdPeak.A, C:\Temp\t.txt, In Quarantäne, [1ef06a90f0993df9e24c910d9b688d73],
PUP.Optional.Conduit.A, C:\Users\David Engel\AppData\Local\TB\APISupport\MiniSP_1.0.4.9\MiniSP32.dll, In Quarantäne, [36d8b14929606fc713fb0a4b40c3936d],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome.manifest, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\icon.png, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\install.rdf, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\background.html, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\button.xml, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\config.js, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\content.js, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\framework.js, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\framework.png, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\framework.xul, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i128.ico, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i128.png, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i16.ico, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i16.png, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i32.ico, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i32.png, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i48.ico, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\i48.png, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\jquery-1.9.1.min.js, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\options.xul, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\settings.json, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\mz\background.js, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\content\mz\content.js, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
PUP.Optional.SeeSimilar, C:\Users\David Engel\AppData\Roaming\Mozilla\Extensions\seesimilar@SeeSimilar.com\chrome\skin\framework.css, In Quarantäne, [13fb6e8ce7a2b284a548d683e91acb35],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) ESET: Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=fdabcd45ab187445b8e99dcbc9d5a062
# engine=22082
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-22 12:25:23
# local_time=2015-01-22 01:25:23 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 11593985 116067527 0 0
# scanned=287857
# found=45
# cleaned=0
# scan_time=7737
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=C0C362DC9304C406094429EFB14D721D2EF048AF ft=1 fh=4f6a0f1869746e8c vn="Win32/Toolbar.Conduit.AC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\CT3312329\plugins\TBVerifier.dll.vir"
sh=3096A6D6D5007B947C86A7FE8E72EEB3C86E80B3 ft=1 fh=6df4c99aadb2d5ea vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport.dll.vir"
sh=3661EDB38BCB034EA00F78F9144D975333C786BA ft=1 fh=0c96e457c8798f6f vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport.old.vir"
sh=D68B6F04BDEAE5E8335F52C4A32E08D91A80505E ft=1 fh=adf7011657306ae6 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport_2.0.1.1\ApiSupport.dll.vir"
sh=88F0020FC52EC4C7F80519D64F0C49D56210C499 ft=1 fh=df4b907de8b072e5 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport_2.0.1.3\ApiSupport.dll.vir"
sh=0E7E5F4C697E7E0A77575D8D62C4C6357CCD3B02 ft=1 fh=cb46e2c2bd0b7bca vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport_2.0.2.0\ApiSupport.dll.vir"
sh=69AF8D82BD65216B649368B4F1A0CB2708D296E1 ft=1 fh=10fa131a8ddb2fc9 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport_2.0.3.3\ApiSupport.dll.vir"
sh=3661EDB38BCB034EA00F78F9144D975333C786BA ft=1 fh=0c96e457c8798f6f vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport_2.0.4.3\ApiSupport.dll.vir"
sh=3096A6D6D5007B947C86A7FE8E72EEB3C86E80B3 ft=1 fh=6df4c99aadb2d5ea vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\APISupport_2.0.5.9\ApiSupport.dll.vir"
sh=CA946DDE75C196186A79BB3E5CE72F18C6105C09 ft=1 fh=68a4a6e0f1e4b865 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.107\MiniSP.dll.vir"
sh=4694896D296941721C0D8D609E512AE1B7FD2FF4 ft=1 fh=1053b6b83f30c1d5 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.55\MiniSP.dll.vir"
sh=C5F21C12A5C2066BBAE8587380FAAFA01F739B38 ft=1 fh=67bd6377e7694521 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.60\MiniSP.dll.vir"
sh=7B747225FCFD7B718513C61724F85F9DE3A3DEB1 ft=1 fh=741c83cdb80b287a vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.76\MiniSP.dll.vir"
sh=9CF16FBA745174DB1541FD0F4F64C22ED4928AED ft=1 fh=b6c6f78f2929b8a0 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.93\MiniSP.dll.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\genienext\nengine.dll.vir"
sh=31CC7FB5D00AD2A9E31049ABF3A55204FC3D870D ft=1 fh=473ac1ef31791cd4 vn="Variante von Win32/Skintrim.MP Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\lollipop\lollipop_05231506.exe.vir"
sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip.vir"
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=41F23E459EFF023AB1B26586463360E45528ABC7 ft=1 fh=5a93daf7e0cc20e5 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\NativeMessaging\CT3312329\1_0_0_10\TBMessagingHost.exe.vir"
sh=C2C35F77505CB8FF70FC312C44E070DBD5834942 ft=1 fh=bf83ea32284cf26c vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\NativeMessaging\CT3312329\1_0_0_2\TBMessagingHost.exe.vir"
sh=BB1A5AE5206E9995C35E517ECBA291C30CE4F7B7 ft=1 fh=34cca54ca63a6441 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\NativeMessaging\CT3312329\1_0_0_6\TBMessagingHost.exe.vir"
sh=FADE4553CF63ABD446132E31C7F927AC9D191F5D ft=1 fh=cfebcaa46fcaed43 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\NativeMessaging\CT3312329\1_0_1_6\TBMessagingHost.exe.vir"
sh=95D6172E485A8CE4E67FC5544335FB317B8D989B ft=1 fh=1a7ba23778e9464f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\NativeMessaging\CT3312329\1_0_2_0\TBMessagingHost.exe.vir"
sh=60A882DFB633B1179EC55F395F1862192BABE03A ft=1 fh=feb8b77c43644f53 vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\TBHostSupport\TBHostSupport.dll.vir"
sh=B1C5D9DC9A6493C66CD50B3767157CCFC4B4985E ft=1 fh=da713123607f778d vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\TBHostSupport\TBHostSupport_0.dll.vir"
sh=6B7D5797269DEB940E7FFFE14110EC63DD6E09E4 ft=1 fh=71e703819412be24 vn="Variante von MSIL/Packed.Cellbi.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Local\Webinternetsecurity\uninstall.webinternetsecurity.exe.vir"
sh=C5EB826131E5A9B629371E3BAC6F89377FCD65AF ft=0 fh=0000000000000000 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\eBay.lnk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=9FE1F2B1FB6F2E1BBBE7B068CD5F79832C36BE39 ft=1 fh=526118062f73ede6 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Roaming\SearchProtect\Res\SPSetup.exe.vir"
sh=45EBE0FDE5DFE2D3680BB9EC4ACA875DE0F392EA ft=1 fh=c71c0011eeab8e7c vn="Win32/bProtector.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Roaming\SeeSimilar\install_helper.exe.vir"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\David Engel\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=FA3D2307FE046020C22235418DA67905856A69AC ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\David Engel\AppData\Local\CRE\pickdmmkcajdddggmoaommkkoafandof.crx.xBAD"
sh=556095C3C04108657513E0DB73F9659259FE752E ft=1 fh=2b61ea0a79f227a9 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe.xBAD"
sh=2C8981A59216CCB644BE5FBC92DBB7F8F0188F99 ft=1 fh=6aad921543298e71 vn="Variante von Win32/AdSuproot.A Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe.xBAD"
sh=D95DA6EB1B41CE144BC78AA7EF8FDBA782692156 ft=1 fh=038f0e9c2aa6fcd9 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\d3dcompiler_46.dll.xBAD"
sh=6FAC18F40A0B9D8591E636CB3B40208DE00A527D ft=1 fh=f4fb7f62c46286d7 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\ffmpegsumo.dll.xBAD"
sh=2E6E4C2FDF55F1E6CB989861ABC276BF28DE1F0C ft=1 fh=ab455342bbbbf6b6 vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\libEGL.dll.xBAD"
sh=A759EFBF880BDF0268F7ACA91E5C7CFA184EC6BA ft=1 fh=8b9d0fa7f7d4506b vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\libGLESv2.dll.xBAD"
sh=560236056E7C0D6603562B7296CBA8EDA6B081D5 ft=1 fh=27394455615c306e vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\FRST\Quarantine\C\Users\Default\AppData\Roaming\Compatibility Verifier\NPSWF32_15_0_0_189.dll.xBAD"
sh=B484B8201D40FE783C7BA45D1A3788F8ACFB6C60 ft=1 fh=3733a015581f57e3 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="D:\Silvia\SoftonicDownloader_fuer_ikea-home-planer.exe" |