Code:
Alles auswählen Aufklappen ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 26.05.2014
Scan Time: 18:51:05
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.05.26.02
Rootkit Database: v2014.05.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: *****
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 279743
Time Elapsed: 16 min, 54 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 1
PUP.Optional.Tarma.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\50b1f5e2-1233-43b5-b9b4-5cbfafb8a6d4, Quarantined, [11e97fd6dc9fa88e835b93b22fd1f709],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 5
PUP.Optional.InstalleRex.A, C:\ProgramData\InstallMate\{21BE4EA2-8B60-4BB4-A95F-C342FA5D6C54}\Custom.dll, Quarantined, [08f253022d4e73c378c869da8c747a86],
PUP.Optional.Tarma.A, C:\ProgramData\InstallMate\{21BE4EA2-8B60-4BB4-A95F-C342FA5D6C54}\Setup.exe, Quarantined, [11e97fd6dc9fa88e835b93b22fd1f709],
PUP.Optional.InstalleRex, C:\$Recycle.Bin\S-1-5-21-3756904942-2459461274-3818286609-1001\$RXI8S7V.exe, Quarantined, [9b5fc09546350630a8a8e19635cc7789],
PUP.Optional.Superfish.A, C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Quarantined, [23d7bb9a1d5e5fd7539caae3986a8f71],
PUP.Optional.Superfish.A, C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Quarantined, [8f6bc590d8a34ceac629c8c5ee1439c7],
Physical Sectors: 0
(No malicious items detected)
(end)
Der Spybot-Log ist mehr als 1 .Mio Zeichen lang...
Hier nochmal zwei Logs von AdwCleaner und vom Eset Online Scanner
Code:
Alles auswählen Aufklappen ATTFilter
# AdwCleaner v3.211 - Bericht erstellt am 26/05/2014 um 21:21:30
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 8.1 Pro (64 bits)
# Benutzername : ***** - *****-LAPTOP
# Gestartet von : C:\Users\*****\Downloads\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\*****\AppData\Local\Temp\OCS
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\r8mew3mj.default\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ Datei : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [3226 octets] - [11/05/2014 12:20:59]
AdwCleaner[R1].txt - [1249 octets] - [26/05/2014 20:26:32]
AdwCleaner[S0].txt - [3201 octets] - [11/05/2014 12:22:58]
AdwCleaner[S1].txt - [1124 octets] - [26/05/2014 21:21:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1184 octets] ##########
Code:
Alles auswählen Aufklappen ATTFilter
C:\$Recycle.Bin\S-1-5-21-3756904942-2459461274-3818286609-1001\$RYR8Q22.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/InstalleRex.M potentially unwanted application deleted - quarantined
26.05.2014, 20:29
Hybrid-Darstellung
