habe ein Versucht ein Java-update zu machen und mir dabei scheinbar was eingefangen. Hier ein mbm- log. Das Zeug ist jetzt in Quarantäne. Reicht das oder kann ich noch mehr unternehmen.
Code:
Alles auswählen Aufklappen ATTFilter
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 13.06.2014
Scan Time: 18:53:10
Logfile: mbmjava.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.06.13.06
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Admin
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 282705
Time Elapsed: 26 min, 3 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 1
PUP.Optional.Trovi.A, HKU\S-1-5-21-215206202-106891609-722276783-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=MC909C447-9036-466C-B377-37C043A52762&SearchSource=55&CUI=&UM=5&UP=SP0AE36D24-4BA7-451E-A46A-1B2204746182&SSPV=214CH36A_sp_ie, Good: (www.google.com), Bad: (hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=MC909C447-9036-466C-B377-37C043A52762&SearchSource=55&CUI=&UM=5&UP=SP0AE36D24-4BA7-451E-A46A-1B2204746182&SSPV=214CH36A_sp_ie),Replaced,[b644c4b3502bd75f8a10de8d53b132ce]
Folders: 2
PUP.Optional.OpenCandy, C:\Users\Admin\AppData\Roaming\OpenCandy, Quarantined, [24d6492e1f5c55e18b6bb7d0be44f60a],
PUP.Optional.OpenCandy, C:\Users\Admin\AppData\Roaming\OpenCandy\59EA691CA20E427593BB366A681D2C55, Quarantined, [24d6492e1f5c55e18b6bb7d0be44f60a],
Files: 12
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Roaming\OpenCandy\59EA691CA20E427593BB366A681D2C55\sp-downloader.exe, Quarantined, [fefcb7c0e09b14222c6021fe15ec9e62],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsd71B9.exe, Quarantined, [dd1dcbac6714f73f5a888ef641c04db3],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsdBBE5.exe, Quarantined, [0eec92e5b4c795a1ac3652328e730000],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsiF8FA.exe, Quarantined, [84761661770463d37270394b58a942be],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nssF061.exe, Quarantined, [11e94334bbc06fc71cc686fe010001ff],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsyB11A.exe, Quarantined, [33c7fe79a8d3d36339a98df704fdf50b],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsyB6E5.exe, Quarantined, [22d82354abd03501cd15f4901ce548b8],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsyE7AA.exe, Quarantined, [75858aedfb804fe7be24e59ffe038b75],
PUP.Optional.Conduit.A, C:\Users\Admin\AppData\Local\Temp\nsi8529\SpSetup.exe, Quarantined, [21d906717704bd796d75dfa502ff768a],
PUP.Optional.OpenCandy, C:\Users\Admin\Downloads\jre-8u5-windows-x64.exe, Quarantined, [7d7d86f1205b26108b4a0a8f7e86fe02],
PUP.Optional.OpenCandy, C:\Users\Admin\Downloads\JavaSetup7u60.exe, Quarantined, [f2081562c7b4a492c510debb50b406fa],
PUP.Optional.Trovi.A, C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "hxxp://www.trovi.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=MC909C447-9036-466C-B377-37C043A52762&SearchSource=55&CUI=&UM=5&UP=SP0AE36D24-4BA7-451E-A46A-1B2204746182&SSPV=214CH36A_sp_ch" ],), Replaced,[16e466113d3e2d0920aae4be47bdb44c]
Physical Sectors: 0
(No malicious items detected)
(end)
13.06.2014, 18:26
Baum-Darstellung