LiquidBerry | 29.11.2015 14:10 | MBAM: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 29.11.2015
Suchlaufzeit: 13:22
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2015.11.29.02
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x86
Dateisystem: NTFS
Benutzer: Nonnweiler
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 433384
Abgelaufene Zeit: 38 Min., 31 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 9
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunAsStandardUser55F65376C3E44BA2BC9D9087841A12B8, , [9b2b176cb5d6e2544c6c2c6b946f0df3],
PUP.Optional.OpenCandy, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\OpenCandyHelperRunOnceD1B30F8147D642419D9C0F0C7E77FD09, , [ffc7374ce6a5a09613a58512d0338080],
PUP.Optional.PlusHD, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.5, , [5a6c0a79dab19b9ba02ecfcafb089070],
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{436A72BB-13B7-4CBC-A12A-617461F4C034}, , [6a5cd7acf89380b6004b1e60bc472dd3],
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BC7017E-AB20-4627-8D4D-C7E079702FD4}, , [6f57542fc8c391a523286b1307fced13],
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73CAC931-3C24-44D7-9DCA-959CB54748F7}, , [e7df87fc761587af1438403e2fd42ed2],
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A99B8491-9662-4502-B9FD-2131DEE433B2}, , [0eb8612293f883b3be8ddf9fa75c42be],
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1EED49D-CF0B-4E82-8239-7322B0A5981B}, , [e4e28cf733586dc9f3582955de25ad53],
PUP.Optional.SnapDo, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\SMARTBAR, , [02c4265d38533006864a9a0904ffa060],
Registrierungswerte: 7
PUP.Optional.BProtector, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}, , [5f672d562665ca6c244467791ae9ac54]
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{436A72BB-13B7-4CBC-A12A-617461F4C034}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, , [6a5cd7acf89380b6004b1e60bc472dd3]
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BC7017E-AB20-4627-8D4D-C7E079702FD4}|AppName, VisualBee-enabler.exe-buttonutil.exe, , [6f57542fc8c391a523286b1307fced13]
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73CAC931-3C24-44D7-9DCA-959CB54748F7}|AppName, Plus-HD-2.5-enabler.exe-codedownloader.exe, , [e7df87fc761587af1438403e2fd42ed2]
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A99B8491-9662-4502-B9FD-2131DEE433B2}|AppName, Plus-HD-2.5-enabler.exe-buttonutil.exe, , [0eb8612293f883b3be8ddf9fa75c42be]
PUP.Optional.CrossRider, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D1EED49D-CF0B-4E82-8239-7322B0A5981B}|AppName, VisualBee-enabler.exe-buttonutil.exe, , [e4e28cf733586dc9f3582955de25ad53]
PUP.Optional.SnapDo, HKU\S-1-5-21-2906294217-3088318799-3869448690-1001\SOFTWARE\SMARTBAR|publisher, SnapdoVBYB, , [02c4265d38533006864a9a0904ffa060]
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 36
PUP.Optional.Booster, C:\Program Files\SW_Booster, , [03c3453eb9d2280e30f993d85da55ca4],
PUP.Optional.MindSpark, C:\Users\Nonnweiler\AppData\LocalLow\Retrogamer_4wEI, , [7452562d94f70135ca3a0a7833cf8e72],
PUP.Optional.MindSpark, C:\Users\Nonnweiler\AppData\LocalLow\Retrogamer_4wEI\Installr, , [7452562d94f70135ca3a0a7833cf8e72],
PUP.Optional.MindSpark, C:\Users\Nonnweiler\AppData\LocalLow\Retrogamer_4wEI\Installr\Cache, , [7452562d94f70135ca3a0a7833cf8e72],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Spigot, C:\Users\Nonnweiler\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cekonfccladjgbdhpgobceahgjdcdbod, , [9531fc87c4c7bc7a52bf771ea45e7f81],
PUP.Optional.Spigot, C:\Users\Nonnweiler\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jloeihbcjbkgigodmcacomgfihpiaiip, , [52749de6a5e6aa8c64ae356006fcd828],
Dateien: 21
PUP.Optional.Spigot, C:\Users\Nonnweiler\AppData\Local\Temp\SettingsManager.exe, , [992d770cfc8f5ed8198d6429a4607e82],
PUP.Optional.MindSpark, C:\Users\Nonnweiler\AppData\LocalLow\Retrogamer_4wEI\Installr\Cache\004455BE.exe, , [7452562d94f70135ca3a0a7833cf8e72],
PUP.Optional.MindSpark, C:\Users\Nonnweiler\AppData\LocalLow\Retrogamer_4wEI\Installr\Cache\files.ini, , [7452562d94f70135ca3a0a7833cf8e72],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14\background.html, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14\manifest.json, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203\background.html, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203\manifest.json, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0\background.html, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0\manifest.json, , [586e8ef5f8931f175b30326058aa9868],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14\background.html, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14\manifest.json, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203\background.html, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203\manifest.json, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0\background.html, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0\manifest.json, , [21a52a59b0db2016a7e4c1d13ec4e917],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14\background.html, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\beflgnlmgicfjjlanjhfpjepcnmdchbf\2.14\manifest.json, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203\background.html, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc\203\manifest.json, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0\background.html, , [3a8cafd43e4d6fc7048797fbcf33dd23],
PUP.Optional.Chromatic, C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\hgjgdddojoddjjleefamabciifmckdmg\1.0\manifest.json, , [3a8cafd43e4d6fc7048797fbcf33dd23],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) How can I move the findings into quarantine? |