Code:
Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 19.01.17
Scan-Zeit: 07:48
Protokolldatei: mbam.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.0
Komponentenversion: 1.0.39
Version des Aktualisierungspakets: 1.0.1053
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: PEACHY\Alex
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 518549
Abgelaufene Zeit: 6 Min., 35 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 9
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Docertain Core, In Quarantäne, [15], [309201],1.0.1053
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Droqagegrowosy Reports, In Quarantäne, [1624], [362382],1.0.1053
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6F5ECFB4-DEE8-436D-A0E7-ACFC1498453F}, In Quarantäne, [1624], [362377],1.0.1053
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{852E5EAC-BD28-47F6-922D-6CC306F6A428}, In Quarantäne, [15], [309198],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\mpc.am, In Quarantäne, [259], [352340],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\mpc.am, In Quarantäne, [259], [352334],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\search.mpc.am, In Quarantäne, [259], [352330],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\search.mpc.am, In Quarantäne, [259], [352337],1.0.1053
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\youndooSoftware, In Quarantäne, [767], [182849],1.0.1053
Registrierungswert: 2
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6F5ECFB4-DEE8-436D-A0E7-ACFC1498453F}|PATH, In Quarantäne, [1624], [362377],1.0.1053
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{852E5EAC-BD28-47F6-922D-6CC306F6A428}|PATH, In Quarantäne, [15], [309198],1.0.1053
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 20
PUP.Optional.Booking, C:\USERS\ALEX\APPDATA\ROAMING\BOOKING.ICO, In Quarantäne, [504], [362374],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\SEARCHPLUGINS\3XW1IENB.XML, In Quarantäne, [420], [324483],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\SEARCHPLUGINS\3XW1IENB.XML, In Quarantäne, [420], [324483],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\SEARCHPLUGINS\0SOQNY4N.XML, In Quarantäne, [767], [324489],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4PLK0L5.ALEX\SEARCHPLUGINS\3XW1IENB.XML, In Quarantäne, [420], [302745],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4PLK0L5.ALEX\SEARCHPLUGINS\0SOQNY4N.XML, In Quarantäne, [767], [302734],1.0.1053
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
Update Init
Update Download
Update Finalize
Updated modules version: 31798
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=init
# utc_time=2017-01-19 06:56:47
# local_time=2017-01-19 07:56:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32114
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=updated
# utc_time=2017-01-19 06:59:35
# local_time=2017-01-19 07:59:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# engine=32114
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-19 12:09:34
# local_time=2017-01-19 01:09:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2865440 16158390 0 0
# scanned=769074
# found=84
# cleaned=0
# scan_time=18598
sh=F81CD3415D58C85D232289336647C48FBE3ED11C ft=1 fh=704de8d2e8b5ef1b vn="Variante von Win64/Packed.Komodia.F verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\agnrpdxcdwyjdxrpnozlmjjynqiwogaa.back"
sh=203F3E4320A3A2DC2E35E3B93CA65597EABAD34B ft=1 fh=e61d5b67a3f81d84 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\hahdnlwzyekrilmouvbqebnbndmpjxtl.back"
sh=623843773350AA5F780C19EC6022776FF20E37E0 ft=1 fh=90df97ff6331c41b vn="Variante von Win64/Riskware.Komodia.G Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\hgysyxwqwzjvspkltsdlqkztczkgmgcn.back"
sh=12495AD71AA29F53763B246A9CE15DB130E54607 ft=1 fh=187409252f5a37a8 vn="Variante von Win32/Adware.Agent.NPN Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\jmtoltzssgadwsvwvndmhsklljgckxhf.back"
sh=76F2808D639E0413E3B370D7650F48B6099B5AA0 ft=1 fh=e2d09406a3f81d84 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lxoifbzzzivmyqdhmimumlsgxbnetcne.back"
sh=BD4DA616EBBB6A0C66D5724A7C6D372FC61CD6FE ft=1 fh=a8660c98f963db16 vn="Variante von Win32/SpeedBit.BH eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\qcdbzvsyyahalebzsrhmgbdblvtdrsdg.back"
sh=76F2808D639E0413E3B370D7650F48B6099B5AA0 ft=1 fh=e2d09406a3f81d84 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\sqryewphavokolkbsocdufkvcbnmouux.back"
sh=F81CD3415D58C85D232289336647C48FBE3ED11C ft=1 fh=704de8d2e8b5ef1b vn="Variante von Win64/Packed.Komodia.F verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\xawrassaumhdjxkkudxgtdbjnujlmnox.back"
sh=623843773350AA5F780C19EC6022776FF20E37E0 ft=1 fh=90df97ff6331c41b vn="Variante von Win64/Riskware.Komodia.G Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\xgifpecfdqkqswrpmzwspneocdpixufp.back"
sh=B306200E2B5410E93746ED061E66248D040B282D ft=1 fh=d892a395755f03cd vn="Variante von Win32/SpeedBit.AX eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\arxwnfflewvdfnyejihjgnaazaphutmq\48.0.0.0\updater.exe"
sh=05E3C729E0AC8D36C2F901D4249AAB6241E7E410 ft=1 fh=845e2544c78acd4b vn="Variante von MSIL/Injector.QTZ Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\bwfkojedplepsxqgnzxgmbvszuxbnzny\8A9JEO.exe"
sh=AA4FF01764572625460CDE395F55AC4DA9EB3572 ft=1 fh=0078c89b90908f6e vn="Variante von MSIL/Injector.QTZ Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\bwfkojedplepsxqgnzxgmbvszuxbnzny\uninstaller.exe"
sh=442473C0C1CC48A5F953E37FAFAC750D78124199 ft=1 fh=c71c0011f27b99f8 vn="Variante von Win32/AdWare.EoRezo.AU Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\bwfkojedplepsxqgnzxgmbvszuxbnzny\wincom_ZG5.exe"
sh=764A021A60890EC6E7156C8AE5D9EC34A909A40C ft=1 fh=c71c001131ef779a vn="Variante von Win32/Adware.ConvertAd.AEX Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbctwmmpdugeydlsavzouqdnkulgyfmc\qnsg808.tmp"
sh=FA0E376F07A07228969860985E41A0B3C771840B ft=1 fh=632a91d9111d7d05 vn="Win32/Adware.ConvertAd.AHL Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\dbctwmmpdugeydlsavzouqdnkulgyfmc\Uninstall.exe"
sh=764A021A60890EC6E7156C8AE5D9EC34A909A40C ft=1 fh=c71c001131ef779a vn="Variante von Win32/Adware.ConvertAd.AEX Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gnuuecxmzyykopppsjduzwygrhajokmt\qnsu77AA.tmp"
sh=FA0E376F07A07228969860985E41A0B3C771840B ft=1 fh=632a91d9111d7d05 vn="Win32/Adware.ConvertAd.AHL Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\gnuuecxmzyykopppsjduzwygrhajokmt\Uninstall.exe"
sh=7E2EC011D411FEBC748D6E44D69BCBDD22676444 ft=1 fh=084c18c00f213496 vn="Variante von Win32/Adware.ConvertAd.AJP Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\hbdklnfpfaigjrinoctrugfedwvixcil\uninstall.exe"
sh=F07425B4E8C696F63ADE40F50DF97FEE41233CAA ft=1 fh=b447739edc938c93 vn="Variante von Win32/SpeedBit.AS eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kkkzuejslprtvdfdatelguicpcclsdge\GNUpdate\smci32.dll"
sh=6C8E997A4ED64F008D6621A031A52210AD4B83F7 ft=1 fh=ceaa452d36f52c19 vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kkkzuejslprtvdfdatelguicpcclsdge\GNUpdate\smci64.dll"
sh=4A2488D43B8862E07213DA7DCE19CBEED0B1ACDA ft=1 fh=6252101c3804915c vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kkkzuejslprtvdfdatelguicpcclsdge\GNUpdate\smu.exe"
sh=C143C79D25F42BDD643BDE398D347782A0087E13 ft=1 fh=ddc00dc2c6ed8528 vn="Variante von Win32/SBWatchman.K eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kkkzuejslprtvdfdatelguicpcclsdge\GNUpdate\SMUninstall.exe"
sh=D22619BFCCB8677437EFD9C5012E1C35DB2AB11A ft=1 fh=b496d95a0445267e vn="Variante von Win64/SpeedBit.D eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\kkkzuejslprtvdfdatelguicpcclsdge\GNUpdate\smw.sys"
sh=30EFF31CEDBC710B73CDAED4F6BC155982DAFC18 ft=1 fh=5a3913fd785a67d5 vn="Variante von Win32/SpeedBit.AS eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\leglijxeoosxokbyxrspfnozqcwfejfj\GNUpdate\smci32.dll"
sh=12011126EB03DD85DD0A9D61C88B3F4E7B1862F6 ft=1 fh=ceaa452d36dd42c1 vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\leglijxeoosxokbyxrspfnozqcwfejfj\GNUpdate\smci64.dll"
sh=9EBF991CF744909AC9617A38FBCBEC5F1F443547 ft=1 fh=6252101caa064134 vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\leglijxeoosxokbyxrspfnozqcwfejfj\GNUpdate\smu.exe"
sh=36E6F05126DA02681AE87F22B9197A52B8BFD700 ft=1 fh=b0b547251788e6a0 vn="Variante von Win32/SBWatchman.K eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\leglijxeoosxokbyxrspfnozqcwfejfj\GNUpdate\SMUninstall.exe"
sh=B8EB5D2F520395ABB2CC687C9D2AE8CC05E5EECB ft=1 fh=c2c7e9809c253321 vn="Variante von Win64/SpeedBit.D eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\leglijxeoosxokbyxrspfnozqcwfejfj\GNUpdate\smw.sys"
sh=28C9AF78EE3847F775A4B8ECBD4B5FB7D911EEAA ft=1 fh=c71c001126cfa278 vn="Variante von Win32/Adware.Zdengo.E Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\updengine.exe"
sh=76F2808D639E0413E3B370D7650F48B6099B5AA0 ft=1 fh=e2d09406a3f81d84 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdengine.dll"
sh=98FFBB14C341CBBA43A6F9D47DB1D1B14895F969 ft=1 fh=81a9d127dd125eae vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdengine.exe"
sh=F81CD3415D58C85D232289336647C48FBE3ED11C ft=1 fh=704de8d2e8b5ef1b vn="Variante von Win64/Packed.Komodia.F verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdengine64.dll"
sh=F93A1DB013EA4BDC30E2A1920110DCDA7F3AA6C6 ft=1 fh=17a95bb268fa49a7 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdenginecert.dll"
sh=6C8FE05DBA0BBACD889B6EDB64D2E52DEAAD509A ft=1 fh=3b3c8e409f01d806 vn="Variante von Win32/RiskWare.Komodia.P Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdinstaller.exe"
sh=4B85671A0A372A935D4522CF9EE0E9AC2D8252DB ft=1 fh=226701b1eed5138e vn="Variante von Win32/RiskWare.Komodia.S Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdwfp.sys"
sh=623843773350AA5F780C19EC6022776FF20E37E0 ft=1 fh=90df97ff6331c41b vn="Variante von Win64/Riskware.Komodia.G Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\zdwfp64.sys"
sh=DC2A7FCA16E32BDB09B372377A1B242A6D2597D1 ft=1 fh=194c872ee1218536 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\ziengine.exe"
sh=2FED57C16BD2B44AEA8FE9167EF47DFBD77E8275 ft=1 fh=fa73adf04a43fdc0 vn="Variante von Win64/Packed.Komodia.D verdächtige Datei" ac=I fn="C:\AdwCleaner\quarantine\files\lorjadqimlndhuicpfauqgwucptndeqa\ziengine64.exe"
sh=F07425B4E8C696F63ADE40F50DF97FEE41233CAA ft=1 fh=b447739edc938c93 vn="Variante von Win32/SpeedBit.AS eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\pggoqxlbwagvibpcsmckibkbkwxxqimj\GNUpdate\smci32.dll"
sh=6C8E997A4ED64F008D6621A031A52210AD4B83F7 ft=1 fh=ceaa452d36f52c19 vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\pggoqxlbwagvibpcsmckibkbkwxxqimj\GNUpdate\smci64.dll"
sh=4A2488D43B8862E07213DA7DCE19CBEED0B1ACDA ft=1 fh=6252101c3804915c vn="Variante von Win64/SBWatchman.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\pggoqxlbwagvibpcsmckibkbkwxxqimj\GNUpdate\smu.exe"
sh=C143C79D25F42BDD643BDE398D347782A0087E13 ft=1 fh=ddc00dc2c6ed8528 vn="Variante von Win32/SBWatchman.K eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\pggoqxlbwagvibpcsmckibkbkwxxqimj\GNUpdate\SMUninstall.exe"
sh=D22619BFCCB8677437EFD9C5012E1C35DB2AB11A ft=1 fh=b496d95a0445267e vn="Variante von Win64/SpeedBit.D eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\pggoqxlbwagvibpcsmckibkbkwxxqimj\GNUpdate\smw.sys"
sh=B7B026B1CE9C4AB6193FA9FE429BC52BFE6735CE ft=1 fh=16556512ee29f987 vn="Variante von Win32/Adware.Eszjuxuan.E Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\sfvngwhypqdkqzgjkbemsiwxrikxsuvv\svchost.exe"
sh=B306200E2B5410E93746ED061E66248D040B282D ft=1 fh=d892a395755f03cd vn="Variante von Win32/SpeedBit.AX eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\szovylwnvidvcueaqkuldcgmzmjjkmwz\48.0.0.0\updater.exe"
sh=8C861BA6F67B5455E787744720E69BCBB26CE772 ft=1 fh=5a66b0f4caa7c850 vn="Variante von Win32/Speedchecker.B eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uultmmefxfqlegjtqwrkeeyvjgugavdv\PCSUSD.exe"
sh=CDD586DF54134E12C80C4D432F3DDBDFABD5E58F ft=1 fh=0e6624e2656c8b93 vn="Variante von Win32/Speedchecker.C eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uultmmefxfqlegjtqwrkeeyvjgugavdv\PCSUService.exe"
sh=9B1F08431B8B0B259516C077B3360B8ED9DFDA0D ft=1 fh=95fadfb541ab9fba vn="Variante von Win32/Speedchecker.E eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\uultmmefxfqlegjtqwrkeeyvjgugavdv\PCSUUCC.exe"
sh=80EB2F11A785212E07B021B69F349C45EF21A102 ft=1 fh=da540ca5ec3671e7 vn="Variante von MSIL/Injector.QTZ Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\vuheohaaqouhpvsvgtlkklhycylfrfqv\0879OZ.exe"
sh=C9AB37D07D289B7E2667D43CD081F93489D54CBE ft=1 fh=ce231fb71a269152 vn="Variante von MSIL/Adware.CsdiMonetize.E Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\vuheohaaqouhpvsvgtlkklhycylfrfqv\B81YMQDXYL.exe"
sh=C3D898183C6441FC2D95F70D4B9FCE4145F6FBAD ft=1 fh=00916eb39bedfbba vn="Variante von MSIL/Injector.QTZ Trojaner" ac=I fn="C:\AdwCleaner\quarantine\files\vuheohaaqouhpvsvgtlkklhycylfrfqv\uninstaller.exe"
sh=9D6F57B84399B5BBBDBF7E82E28F786644D50BF2 ft=1 fh=241dfd9748361e05 vn="Variante von Win32/SpeedBit.AS eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\waiunnhtdjnazkecekmtiqyygxviixoo\GNUpdate\smci32.dll"
sh=754AE20F48D2621ECA30FF494813463E589D7ED0 ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A eventuell unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\xxtgmzenklhximnzkdhpijaqdxyduyrt\application.xap"
sh=764A021A60890EC6E7156C8AE5D9EC34A909A40C ft=1 fh=c71c001131ef779a vn="Variante von Win32/Adware.ConvertAd.AEX Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\yhigjdthrhplyazpbostucnguumvbpif\qnsxE425.tmp"
sh=FA0E376F07A07228969860985E41A0B3C771840B ft=1 fh=632a91d9111d7d05 vn="Win32/Adware.ConvertAd.AHL Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\yhigjdthrhplyazpbostucnguumvbpif\Uninstall.exe"
sh=C9AB37D07D289B7E2667D43CD081F93489D54CBE ft=1 fh=ce231fb71a269152 vn="Variante von MSIL/Adware.CsdiMonetize.E Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\27HBITBKNS\DPJKEVKUO.exe"
sh=C9AB37D07D289B7E2667D43CD081F93489D54CBE ft=1 fh=ce231fb71a269152 vn="Variante von MSIL/Adware.CsdiMonetize.E Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files\V26YJC5Z3M\FU0ZRF7KW.exe"
sh=C8AC87A166CCC117D416FF561D894E27B489BDFA ft=1 fh=936a7a2cd7fbd029 vn="Variante von Win32/Adware.ConvertAd.AJQ.gen Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\ASPackage.exe"
sh=B90CA46D41C734DDFF2F91B9A1533C743A73A640 ft=1 fh=4aab14b3f1f9d23b vn="Variante von Win32/Adware.ConvertAd.AJI Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\kns7B86.tmp"
sh=57FAC918811D94BC22A9E92DF4E08B9FFE999490 ft=1 fh=1d84a27474ee6cd7 vn="Variante von Win32/Adware.ConvertAd.AJW Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\pro827B.tmp"
sh=41476EDCD80C118767310827E004219378B513C7 ft=1 fh=9ac28d7bf91eb5b1 vn="Win32/Adware.Agent.NRR Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\Uninstall.exe"
sh=8624204EC66C789071D322FADE3C2AE50A351943 ft=1 fh=5508d4898880be9a vn="Variante von Win32/Adware.SoSoEasy.B Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Toheshphfeied\ankVrf.dll"
sh=E3DED65A7361CE35C87F6047A56936058BA6E809 ft=1 fh=7f068463138f6510 vn="Variante von Win32/Adware.ELEX.CX Anwendung" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Toheshphfeied\CrashReport.dll"
sh=E3602BF71E537C74E21373B5341A6112161000ED ft=1 fh=af4d8a987d155a57 vn="Variante von Win32/SpeedBit.BH eventuell unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\System32\BIT93F.tmp.xBAD"
sh=E3602BF71E537C74E21373B5341A6112161000ED ft=1 fh=af4d8a987d155a57 vn="Variante von Win32/SpeedBit.BH eventuell unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\System32\BITF6B1.tmp.xBAD"
sh=0750A5F94ED01472BF93E967AA3741A6A211D1BB ft=1 fh=ee192f248eaf3af7 vn="Variante von Win32/Adware.SoSoEasy.B Anwendung" ac=I fn="C:\Program Files (x86)\CDBurnerXP\MozillaThunderbirdCDBurnerXP.dll"
sh=BE11679F2FF9521AF65A53467856CD6B1E8BBBF5 ft=1 fh=64a3ccb09a073845 vn="Variante von Win32/Adware.SoSoEasy.B Anwendung" ac=I fn="C:\Program Files (x86)\epson\Overwolfepson.dll"
sh=BE11679F2FF9521AF65A53467856CD6B1E8BBBF5 ft=1 fh=64a3ccb09a073845 vn="Variante von Win32/Adware.SoSoEasy.B Anwendung" ac=I fn="C:\Program Files (x86)\VideoLAN\SteamVideoLAN.dll"
sh=C8AC87A166CCC117D416FF561D894E27B489BDFA ft=1 fh=936a7a2cd7fbd029 vn="Variante von Win32/Adware.ConvertAd.AJQ.gen Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\ASIns[1].exe"
sh=E5FC976B7C9D05517AFB830FB363D0655328E714 ft=1 fh=4c5b176335541c34 vn="Variante von Win32/SpeedBit.BH eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\brastub6abb_trmbl_inst[1].exe"
sh=616FAD6D9761FC49B9ECB4B60AAB899F9EAC5A22 ft=1 fh=47ed0115368f79b9 vn="Variante von Win32/SpeedBit.BH eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\brastub6ab_ftptn_inst[1].exe"
sh=7BF3DDDAB0180AF831534ED2EF434ADB899B55B9 ft=1 fh=9776102d408049fe vn="Variante von Win32/SpeedBit.AX eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\BrowserAirInst[1].exe"
sh=F63A852265F1191A29CEF1B1CC76FE4A88EB5EC4 ft=1 fh=c891b7f5960de1f0 vn="Variante von Win32/Adware.ConvertAd.AJW Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\dbwAhq[1].exe"
sh=9F650F399F426203134E0ED53BF37F438E8230BD ft=1 fh=2ea14636b02cec86 vn="Variante von MSIL/Adware.Imali.E Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\FinalInstaller_dotnet4[1].exe"
sh=736BBCE17AE2325B70E9CF256350D2B4626D1A79 ft=1 fh=a60b3d97b7a5fae6 vn="Variante von Win32/Adware.ELEX.EF Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\fss_zt[1].exe"
sh=C9674AF81DEFF97C2160158D5AACB136EEDE141E ft=1 fh=bc41d3b7005eef91 vn="Variante von MSIL/Adware.Imali.C Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\7D7EQ4OY\SilentInstaller_dotnet4[1].exe"
sh=7BF3DDDAB0180AF831534ED2EF434ADB899B55B9 ft=1 fh=9776102d408049fe vn="Variante von Win32/SpeedBit.AX eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\CAIAJ8IO\BrowserAir48Inst[2].exe"
sh=EA2CF0086C5DCA9746389E8F88B2ADB35AD51822 ft=1 fh=72257161793ef513 vn="Variante von Win32/Packed.NSISmod.AG verdächtige Datei" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\CAIAJ8IO\FixIt[1].exe"
sh=44642EF99565982D6AEBE7FA4D6C208BDC3DB08E ft=1 fh=e602273ad3e0e2d4 vn="Variante von Win32/Adware.ConvertAd.AJI Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\CAIAJ8IO\fueoP[1].exe"
sh=634A3A3ADFB0CFB08DDAE30CFAF8DCC9C4183682 ft=1 fh=cd0cb3fb12144371 vn="Variante von Win32/Adware.ConvertAd.AJQ.gen Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\CAIAJ8IO\yrPWp7n[1].exe"
sh=4FBC3896FFC3039E7E6D8C653392E911C5ACB338 ft=1 fh=39f78b08c8f9d663 vn="Variante von Win32/SpeedBit.BH eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\UAXTQDE5\brastub6abb_trmbl_inst[1].exe"
sh=BE6D399053D989FB88497429BFDFB75D4273233D ft=1 fh=ab84becea3f36a61 vn="Variante von Win32/Packed.NSISmod.AE verdächtige Datei" ac=I fn="C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCache\IE\UAXTQDE5\WBE_crypted_bundle_11.12.1.240.release[1].exe"
sh=6928922663BA69593D1F6B86D03E2F2725BE8CC3 ft=1 fh=fe9a2522552b76c0 vn="Variante von Win32/Toolbar.Conduit.AU eventuell unerwünschte Anwendung" ac=I fn="F:\Downloads\11CT2776682_BrotherSoft_Extreme.exe"
sh=EDE0C0AB0A1D853FB47223B95B3C50B8758A9A55 ft=1 fh=6978c99c3b124e09 vn="Variante von Win32/KingSoft.D eventuell unerwünschte Anwendung" ac=I fn="F:\20.09\Downloads\writer_free.exe"
Code:
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 111
Java version 32-bit out of Date!
Adobe Flash Player 23.0.0.162
Mozilla Thunderbird (45.6.0)
Google Chrome (55.0.2883.87)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````