| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Registry Einträge löschen Wichtig?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.07.2014, 02:10
| #1 |
| |  Registry Einträge löschen Wichtig? Hallo, ich habe, nachdem ich mich über SpyHunter schlau gemacht habe, das die Mutter eines Freundes tragischerweise auf seinen PC geladen hat, auch selbst einmal Malwarebytes über meinen Rechner laufen lassen. Er hat auch so manche Adware gefunden. SearchProtect, Iminent usw... Hier ist der Log des ersten Laufes: (wenn ihr wenig Zeit habt, lest euch nur den Log des zweiten Laufes durch) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25.07.2014 Scan Time: 01:15:05 Logfile: Test.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.24.09 Rootkit Database: v2014.07.17.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Anwender Scan Type: Threat Scan Result: Completed Objects Scanned: 317415 Time Elapsed: 15 min, 52 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 55 PUP.Optional.SearchProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, , [6eeb50538cef72c4b145405419e8bb45], PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, HKLM\SOFTWARE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}\INPROCSERVER32, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [5aff3271e4971c1a2836d1c2e022ab55], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\CLSID\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1fa44816-ecc1-4582-89c8-c8b043ba7656}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{848B6490-7D35-4482-8C9F-C1350C53C5A5}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{848B6490-7D35-4482-8C9F-C1350C53C5A5}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1fa44816-ecc1-4582-89c8-c8b043ba7656}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO.2, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wit4ie.WitBHO, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wit4ie.WitBHO.2, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Blabbers.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [d6831c87c9b291a57ed7f8649d65a759], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [73e602a1f6858da9bc7b890b44beef11], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [4910a300a9d2290dac8c8f056f9328d8], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [65f413909fdcac8aae1eb1e2e81ab64a], PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [0158bce73a41ee4899ffbf334fb3c937], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, , [7fdab1f2f9827bbbb312f12be2226f91], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, , [9fbad2d1f18a81b5bef87a8e1ce8bf41], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, , [8ccda7fca3d8320493232bdd2adaa35d], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [a7b29e059ae151e59909c34d9272738d], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [cc8dcfd42655b185d4c446acd32f936d], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, , [d3865053f08b62d4ae1772aa3dc7ad53], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, , [4e0b7e2593e8979fbdf909ffb74d7789], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, , [78e13172d5a672c43a7c1bed0103738d], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [55043c679dde54e29c0637d94db73fc1], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\igdhbblpcellaljokkpfhcjlagemhgjl, , [24358f141d5efd39d5c2e60ce022768a], PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, , [2237eab983f8e056100f804e30d2659b], PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, , [96c3e4bfa8d39c9a51fc55b4a2628f71], PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinkHandler, , [0554782b27547fb76d29ef03eb17916f], PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, , [2039f7ac2d4e76c05401775002008d73], PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPROTECTION, , [1940a5fea5d6fa3cd535b154ec18df21], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [9abf8f14ff7cdf576e2b7a780af8c53b], PUP.Optional.InstallCore.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [ed6c752e1764c86e7a29698806fc8a76], PUP.Optional.InstallCore.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [1742c2e199e2b18578402bdc93715ea2], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, , [45145b48b7c461d52b1e00dd8181ac54], PUP.Optional.Softonic.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [5306f6adadce93a3b705548cbb4751af], Registry Values: 10 PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [65f413909fdcac8aae1eb1e2e81ab64a], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [9cbdc6dde299aa8c1bb1bad95da57b85], PUP.Optional.Spigot.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Extensions, "C:\Users\Anwender\AppData\Roaming\Browser Extensions\CouponsHelper.exe", , [9fbaffa48eedea4c2a94a27f788c0ff1] PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Iminent, C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C", , [69f0148f7dfea78f9b703fc6b94bcf31] PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IminentMessenger, C:\Program Files (x86)\Iminent\Iminent.Messengers.exe, , [f663554e7cff0036d933b352c044629e] PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, , [2237eab983f8e056100f804e30d2659b] PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|MUpdBlock, { "MASSUPDATE" : { "CHROME_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "FIREFOX_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "IEXPLORE_BHO" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 4 } } } , , [96c3e4bfa8d39c9a51fc55b4a2628f71] PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, , [2039f7ac2d4e76c05401775002008d73] PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPROTECTION|ImagePath, C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe, , [1940a5fea5d6fa3cd535b154ec18df21] PUP.Optional.InstallCore.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, , [1742c2e199e2b18578402bdc93715ea2] Registry Data: 2 PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll),,[db7e693a8deec0769c5a7222748d8e72] PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, Good: (), Bad: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll),,[1d3c168d8dee3ef825d1197ba35e936d] Folders: 27 PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, , [e376bee55b209d99b81531e022e2ab55], Rogue.Multiple, C:\ProgramData\374311380, , [1940bce799e2350143538d0a02000df3], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\rep, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\STG, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\UI, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\UI\rep, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.Extutil.A, C:\Users\Anwender\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, , [94c55b48403bbc7ae390fdc29d656799], PUP.Optional.Managera.A, C:\Users\Anwender\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, , [adaceeb547348aacc3b1526d70921fe1], Files: 113 PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, , [6eeb50538cef72c4b145405419e8bb45], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, , [db7e693a8deec0769c5a7222748d8e72], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, , [1d3c168d8dee3ef825d1197ba35e936d], PUP.Optional.Spigot, C:\Users\Anwender\AppData\Roaming\Browser Extensions\Coupons64.dll, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Spigot, C:\Users\Anwender\AppData\Roaming\Browser Extensions\coupons.dll, , [5009d6cde6951521a2b460010bf707f9], PUP.Optional.Somoto, C:\Users\Anwender\AppData\Local\Temp\bitool.dll, , [3722584bbac13600da21f6b233ce2bd5], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\Temp\nsb7E2A.tmp, , [2e2ba102cead8aaccc2abfd58e737789], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsfC236.exe, , [ce8bdcc756259f97cf03a8e2a061ae52], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsk70F5.exe, , [ce8bc5def88375c17f53880256ab8f71], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nskBD74.exe, , [6eeb1c87b5c6a98d8a4884065aa7cf31], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nskC6E8.exe, , [64f5841f106bfa3c18ba08825ca5cd33], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nslC3AF.exe, , [2e2bb0f3295251e5735fe5a5c63b0000], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsm12D3.exe, , [11484f542853d066cf03b6d4d72aea16], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsmC912.exe, , [a3b630733a416bcb9a385337ad5401ff], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\Temp\nsp3D94.tmp, , [e87113904b30f6402fc77d17f30e669a], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsp750B.exe, , [f2671e857cff21152ba7fa90fb06916f], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\sp-downloader.exe, , [f564bbe8512a42f448e8968fbb46a25e], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsrC1DF.exe, , [2633416282f9eb4bcf03404a45bc857b], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsrF49.exe, , [3722aff4a8d352e4b71b99f191708e72], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsu6CA0.exe, , [2435cbd8b1caf73f577bbbcf6b968a76], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nsw166C.exe, , [1346a2013a41f83e20b203879e637888], PUP.Optional.Conduit.A, C:\Users\Anwender\AppData\Local\Temp\nshC5E6.exe, , [79e0960d35460531755db4d619e8b44c], PUP.Optional.Softonic.A, C:\Users\Anwender\Downloads\SoftonicDownloader_fuer_painttool-sai.exe, , [0851b1f2b7c43ff76254a8803cc5b64a], PUP.Optional.Iminent.A, C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [2b2e643fa6d590a687bd0dce12f06898], PUP.Optional.Iminent.A, C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js, , [3a1fc3e0ef8c95a13be0f21347bd817f], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, , [e376bee55b209d99b81531e022e2ab55], PUP.Optional.Spigot.A, C:\Users\Anwender\AppData\Roaming\Browser Extensions\CouponsHelper.exe, , [9fbaffa48eedea4c2a94a27f788c0ff1], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\CRASH_DUMP_P3284_T3288_D2014_07_24_T17_55_51.dmp, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\CRASH_REPORT_P3284_T3288_D2014_07_24_T17_55_51.txt, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\STG\Init_7CD9.tmp, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\STG\Init_7D57.tmp, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\SearchProtect\STG\Init_7DE4.tmp, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.SearchProtect.A, C:\Users\Anwender\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, , [fd5c564db1ca92a453bd9528cc369769], PUP.Optional.Extutil.A, C:\Users\Anwender\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, , [94c55b48403bbc7ae390fdc29d656799], PUP.Optional.Extutil.A, C:\Users\Anwender\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, , [94c55b48403bbc7ae390fdc29d656799], PUP.Optional.Extutil.A, C:\Users\Anwender\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, , [94c55b48403bbc7ae390fdc29d656799], PUP.Optional.Managera.A, C:\Users\Anwender\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, , [adaceeb547348aacc3b1526d70921fe1], PUP.Optional.Managera.A, C:\Users\Anwender\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, , [adaceeb547348aacc3b1526d70921fe1], PUP.Optional.Spigot.A, C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ch",), ,[8fca6c37d4a78ea8c35ec819b54f6e92] Physical Sectors: 0 (No malicious items detected) (end) Am Ende sah das Ergebnis des Scans so aus: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 25.07.2014 Scan Time: 02:45:27 Logfile: Test2.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.25.01 Rootkit Database: v2014.07.17.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Anwender Scan Type: Threat Scan Result: Completed Objects Scanned: 316412 Time Elapsed: 12 min, 21 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 49 PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [942102a1de9d2115db852d6629d99e62], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\CLSID\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{1fa44816-ecc1-4582-89c8-c8b043ba7656}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{848B6490-7D35-4482-8C9F-C1350C53C5A5}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{848B6490-7D35-4482-8C9F-C1350C53C5A5}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{1fa44816-ecc1-4582-89c8-c8b043ba7656}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO.2, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\CLASSES\wit4ie.WitBHO, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wit4ie.WitBHO, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\wit4ie.WitBHO.2, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Blabbers.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{ED1E27F0-1BCD-42A4-AD62-7FC21E086E54}, , [07aeabf897e4e254c69114481ee40df3], PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [c9ec871c9fdc5dd93127174a3ec437c9], PUP.Optional.Spigot, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [c9ec871c9fdc5dd93127174a3ec437c9], PUP.Optional.Spigot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [c9ec871c9fdc5dd93127174a3ec437c9], PUP.Optional.Spigot, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [c9ec871c9fdc5dd93127174a3ec437c9], PUP.Optional.Spigot, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}, , [c9ec871c9fdc5dd93127174a3ec437c9], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [7a3ba102dba0b28442f71084a2607987], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [a510f7ac0d6e4cea46f4a0f482809f61], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [bafb346f2b503df95579ff945ca6758b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [6c491291790248ee920831c1cc360ff1], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, , [8b2a0c972a5160d6aa1d95874cb8cd33], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, , [cee7bbe833487db9bcfca761fd070ef2], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, , [ddd8ecb7730822146058a761ad572bd5], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [1f96dac9e19af442a3016aa610f45fa1], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [961fd7cc304b46f07a20e012e81a30d0], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, , [a411f1b26417a591dcebda42cd3724dc], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender, , [734212915724e650c3f5c1478a7ab54b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IminentWebBooster.ScriptExtender.1, , [e3d29a0994e7f541e5d3a76125dfb54b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [1b9a851eb0cb51e52b79f51b57addf21], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\igdhbblpcellaljokkpfhcjlagemhgjl, , [2a8b168d5e1d76c05346a052b54ded13], PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA, , [13a2960dfd7eda5c410e0ffa32d2758b], PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WinkHandler, , [1a9b9a0989f29c9a227619d914eee61a], PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPROTECTION, , [b10453506318290d1eee0df88183e818], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\Iminent, , [4273376cf685a294673412e059a9c739], PUP.Optional.InstallCore.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [e5d0980bec8ffb3b564fa0517c8602fe], PUP.Optional.InstallCore.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\INSTALLCORE, , [6253d6cd98e376c03d7d4bbc63a19d63], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, , [882d50539cdfdd59f7546d708f73e818], PUP.Optional.Softonic.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\SOFTONIC\Universal Downloader, , [c8edeab9f48794a2a41ac11f61a1e21e], Registry Values: 8 PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [bafb346f2b503df95579ff945ca6758b], PUP.Optional.Iminent.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, , [08adc2e15b20bb7bc6085b3850b2669a], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Iminent, C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C", , [b6ff4a59d8a3e551e528986df90bfe02] PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IminentMessenger, C:\Program Files (x86)\Iminent\Iminent.Messengers.exe, , [e5d0485be497f145ce400302a75dc13f] PUP.Optional.Umbrella.A, HKLM\SOFTWARE\WOW6432NODE\UMBRELLA|MUpdBlock, { "MASSUPDATE" : { "CHROME_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "FIREFOX_MBAR" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 1 }, "IEXPLORE_BHO" : { "Checked" : 1, "RetryIdx" : 0, "Version" : 4 } } } , , [13a2960dfd7eda5c410e0ffa32d2758b] PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPROTECTION|ImagePath, C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe, , [b10453506318290d1eee0df88183e818] PUP.Optional.InstallCore.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\INSTALLCORE|tb, zr2X2X1G1S1F2V1S2Q0V, , [6253d6cd98e376c03d7d4bbc63a19d63] PUP.Optional.Spigot.A, HKU\S-1-5-21-953273123-1783433218-2112471993-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-2\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Browser Extensions, "C:\Users\Anwender\AppData\Roaming\Browser Extensions\CouponsHelper.exe", , [4471099a106b75c1a31ec859b351ca36] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 2 PUP.Optional.Softonic.A, C:\$RECYCLE.BIN\S-1-5-21-953273123-1783433218-2112471993-1001\$R8ERYVG.exe, , [c1f4dac9f08b50e67b3b4ddbeb168d73], PUP.Optional.Iminent.A, C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage, , [0ca9148fbcbfe74ffa4c3e9d35cd0cf4], Physical Sectors: 0 (No malicious items detected) (end) Bitte korrigiert mich, wenn ich falsch liege, aber ich glaube die zweite Datei ist nur eine unseriöse Website im Verlauf des Chrome. Ich habe generell lieber Dateien komplett gelöscht, als sie "in Quarantäne zu verschieben", oder verstehe ich hier einfach alles falsch, und das Programm löscht es direkt für micht? Ich jetzt außerdem noch die Registry-Einträge löschen? Eigentlich können sie ja alleine nicht anrichten, außer vielleicht die Values in den Einträgen von Chrome und Firefox, liege ich da richtig? Und wenn ich wirklich alle löschen muss, gibt es dann einfachere Lösungen, als die Pfade einzeln abzuklicken oder mit der Suchen-Funktion nach dem langen Dateinamen zu suchen? Danke im Voraus  Dies hier ist das erste Thema, das ich erstellt habe. Ich nehme also Kritik, die euch die Arbeit leichter macht gerne an. |
Baum-Darstellung