Step 1: Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 14.09.17
Scan-Zeit: 16:34
Protokolldatei: dfd3a8c2-9959-11e7-9632-142d27eeaaee.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2018
Komponentenversion: 1.0.188
Version des Aktualisierungspakets: 1.0.2803
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: HEIKE\Lenovo
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 373764
Erkannte Bedrohungen: 31
In die Quarantäne verschobene Bedrohungen: 31
Abgelaufene Zeit: 9 Min., 49 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 3
PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{FDA738C4-77E5-B202-F123-2C406B61A78E}, In Quarantäne, [1186], [343986],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\USERS\LENOVO\APPDATA\LOCAL\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}, In Quarantäne, [71], [302717],1.0.2803
Datei: 28
PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{FDA738C4-77E5-B202-F123-2C406B61A78E}\seca, In Quarantäne, [1186], [343986],1.0.2803
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{FDA738C4-77E5-B202-F123-2C406B61A78E}\hdat1, In Quarantäne, [1186], [343986],1.0.2803
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{FDA738C4-77E5-B202-F123-2C406B61A78E}\hdat2, In Quarantäne, [1186], [343986],1.0.2803
PUP.Optional.WinYahoo.Generic, C:\ProgramData\{FDA738C4-77E5-B202-F123-2C406B61A78E}\mefife, In Quarantäne, [1186], [343986],1.0.2803
PUP.Optional.WinYahoo, C:\USERS\LENOVO\APPDATA\LOCAL\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HOWTOREMOVE\HOWTOREMOVE.HTML, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\chromium-min.jpg, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\control panel-min-min.JPG, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\down.png, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\ff menu.JPG, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\ff search engine-min.png, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\hp-min ff.png, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\hp-min ie.png, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\search engine.gif, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\setup pages.gif, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\sp-min.png, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\start-min.jpg, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\HowToRemove\up.png, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\bapi_chmm.dat, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\bapi_ff.dat, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\bapi_ie.dat, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\daci, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\fono, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\install.log, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\lomo, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\teti, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\uninst.dat, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.WinYahoo, C:\Users\Lenovo\AppData\Local\{94E5A2B9-B04D-CE01-DDD5-EBE9F9BD1771}\uninstp.dat, In Quarantäne, [71], [302717],1.0.2803
PUP.Optional.SysTweak, C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\SCANS\FILESSTASH\81A411A8-DAF6-C574-901A-DF981273AAD6_1D1CBD3EC0DF431, In Quarantäne, [238], [114383],1.0.2803
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Sorry, that took a little while, here is step 2: Code:
16:58:08 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.17.0
# EOSSerial=
# end=init
# utc_time=2017-09-14 14:58:08
# local_time=2017-09-14 16:58:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.3.9600 NT
16:58:12 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.17.0
# EOSSerial=6cc017bc494e1d4b882f2b37f320d6c6
# end=init
# utc_time=2017-09-14 14:58:12
# local_time=2017-09-14 16:58:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.3.9600 NT
16:58:25 Updating
16:58:25 Update Init
16:58:26 Update Download
17:07:29 esets_scanner_reload returned 0
17:07:30 g_uiModuleBuild: 34744
17:07:30 Update Finalize
17:07:30 Call m_esets_charon_send
17:07:30 Call m_esets_charon_destroy
17:07:30 Updated modules version: 34744
17:07:38 Call m_esets_charon_setup_create
17:07:38 Call m_esets_charon_create
17:07:38 m_esets_charon_create OK
17:07:38 Call m_esets_charon_start_send_thread
17:07:38 Call m_esets_charon_setup_set
17:07:38 m_esets_charon_setup_set OK
17:07:38 Scanner engine: 34744
19:39:50 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.17.0
# EOSSerial=6cc017bc494e1d4b882f2b37f320d6c6
# engine=34744
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2017-09-14 17:39:50
# local_time=2017-09-14 19:39:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.3.9600 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 11419099 41148696 0 0
# scanned=2
# found=6
# cleaned=0
# scan_time=9139
sh=D565560071BA11E80A3361EBF603132F18B0E304 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.AH eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\bbSqWy6yhK\1293297481.mxaddon"
sh=1951424B2C9396E09E6ED9BC84BE3D9A04F7632B ft=1 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Lenovo\Documents\Mein SugarSync\Downloads\FreeYouTubeDownload3020.exe"
sh=6431BAEFDC282198B4ABF640277F59935A8D638F ft=1 fh=0000000000000000 vn="Win32/FusionCore.L eventuell unerwünschte Anwendung,Variante von Win32/FusionCore.L eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Lenovo\Downloads\avc-609free.exe"
sh=3644F6FECD157D40267D8ABA4A9155AC58D80B64 ft=1 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung,ist OK" ac=I fn="C:\Users\Lenovo\Downloads\FreeAudioCDToMP3Converter.exe"
sh=E474F7B9AE6FDC138FBF386877F1DA481513D1BA ft=1 fh=0000000000000000 vn="Variante von Win32/Freemake.A eventuell unerwünschte Anwendung,ist OK" ac=I fn="C:\Users\Lenovo\Downloads\FreemakeVideoConverterFull_4.1.5.4.exe"
sh=883D2C5D8554CB094FFF92955AE6A6A6F55C98B8 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L eventuell unerwünschte Anwendung,Variante von Win32/Systweak.N eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Lenovo\Downloads\wz190gev-32.msi"
20:10:47 Call m_esets_charon_send
20:10:47 Call m_esets_charon_destroy
20:10:48 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Lenovo\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
And step 3: Code:
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
Malwarebytes
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 31
Java version 32-bit out of Date!
Adobe Flash Player 27.0.0.130
Mozilla Firefox (50.1.0)
Google Chrome (60.0.3112.113)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````