zu viele pup's gefunden Guten Abend,
mein Sohn hat mir seinen Laptop gebracht und ich hab mich gewundert wie langsam der läuft. Ich hab dann mal Malwarebytes durchlaufen lassen und einige PUP's gefunden. Ich vermute mal, dass die daran schuld sind.
Hier ist die txt file von MWB. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 27.01.2015
Suchlauf-Zeit: 18:06:53
Logdatei: Malwarebytes2701.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.01.27.07
Rootkit Datenbank: v2015.01.14.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Undertaker
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 427460
Verstrichene Zeit: 32 Min, 20 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 10
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, , [f96a8a721475ab8b8b1249abbd45c23e],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64, , [f76c5f9d6d1c092defc1683059aada26],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [c79ceb11711848ee7d742476a0630df3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [c59eb04c6128989e03c2f5051be954ac],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [83e0fffda8e14aecfcca14e662a2df21],
PUP.Optional.OfferMosquito.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\OfferMosquito, , [bba86e8e4e3b300693681be2d0348977],
PUP.Optional.Somoto.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Somoto, , [471ca05cd7b2db5b2c82286691724eb2],
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, , [491a7e7e1475d75fc31e574019ea758b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, , [e77ca75594f5db5b850f1645eb188f71],
Registrierungswerte: 2
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [c79ceb11711848ee7d742476a0630df3]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PopularScreensavers EPM Support, "C:\PROGRA~2\POPULA~2\bar\1.bin\7imedint.exe" T8EPMSUP.DLL,S, , [6102f8047c0dd462cc6cd2b5ad569e62]
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 8
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\History, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Settings, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.Extutil.A, C:\Users\Undertaker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, , [ee7578842f5a58de0c8ab9a0f50e758b],
PUP.Optional.Managera.A, C:\Users\Undertaker\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, , [c1a28577f39668ce3d5a0d4c996ab848],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670, , [e77ca75594f5db5b850f1645eb188f71],
Dateien: 42
PUP.Optional.AdvancedSystemProtector, C:\Windows\System32\sasnative64.exe, , [105303f9a4e58da97078239e1ee306fa],
PUP.Optional.Conduit.A, C:\Users\Undertaker\AppData\Local\Temp\nsbAC51.exe, , [d2919c60e7a2c96db892456252afc13f],
PUP.Optional.Conduit.A, C:\Users\Undertaker\AppData\Local\Temp\nsc8D10.exe, , [362df7054841191dc5854e59758c9967],
PUP.Optional.Conduit.A, C:\Users\Undertaker\AppData\Local\Temp\nsg9B0.exe, , [f370c03ca1e89f974cfefdaa5ea320e0],
PUP.Optional.Conduit.A, C:\Users\Undertaker\AppData\Local\Temp\nsqB8DF.exe, , [d98a2dcfc0c9cf6750fa4c5b15ecca36],
PUP.Optional.Conduit.A, C:\Users\Undertaker\AppData\Local\Temp\nsr122A.exe, , [84df36c60b7e81b5c684cadd22df9967],
PUP.Optional.SearchProtect.A, C:\Users\Undertaker\AppData\Local\Temp\nsv619A\SpSetup.exe, , [9ac9c735f693979fd7913879d22fc937],
PUP.Optional.SkyTech.A, C:\Users\Undertaker\AppData\Local\Temp\fullpackage_temp1388606446\QQBrowserFrame.dll, , [243f1fdda6e33ff7acadd822e0216a96],
PUP.Optional.DomaIQ, C:\Users\Undertaker\Downloads\New player.exe, , [491a619b17721e182c6c2f9cf908639d],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys, , [f76c5f9d6d1c092defc1683059aada26],
PUP.Optional.BetterDeals.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, , [adb6b3495732cb6bd938960f7d863cc4],
PUP.Optional.BetterDeals.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, , [085bb943f792c76fb65b6f36b053b34d],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACB809, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACBCAA, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACBF78.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC0A0.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC11D.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC19A.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC207.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC2D2.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC32F.cab, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC523.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\24ACC59F.bmp, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\25596A3B, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Cache\files.ini, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\History\search3, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.MindSpark.A, C:\Users\Undertaker\AppData\LocalLow\PopularScreensavers_7i\bar\Settings\prevcfg2.htm, , [1152ab51e1a880b6bc1cada5c83bef11],
PUP.Optional.Extutil.A, C:\Users\Undertaker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, , [ee7578842f5a58de0c8ab9a0f50e758b],
PUP.Optional.Extutil.A, C:\Users\Undertaker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, , [ee7578842f5a58de0c8ab9a0f50e758b],
PUP.Optional.Extutil.A, C:\Users\Undertaker\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, , [ee7578842f5a58de0c8ab9a0f50e758b],
PUP.Optional.Managera.A, C:\Users\Undertaker\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, , [c1a28577f39668ce3d5a0d4c996ab848],
PUP.Optional.Managera.A, C:\Users\Undertaker\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, , [c1a28577f39668ce3d5a0d4c996ab848],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\GoogleCrashHandler.exe, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\GoogleUpdate.exe, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\GoogleUpdateBroker.exe, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\GoogleUpdateHelper.msi, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\GoogleUpdateOnDemand.exe, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\goopdate.dll, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\goopdateres_en.dll, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\npGoogleUpdate4.dll, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\psmachine.dll, , [e77ca75594f5db5b850f1645eb188f71],
PUP.Optional.GlobalUpdate.A, C:\Users\Undertaker\AppData\Local\Temp\comh.23670\psuser.dll, , [e77ca75594f5db5b850f1645eb188f71],
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end) Vielen Dank schon mal für Eure Hilfe.
LG
Ani |