Microsoft Security Essentials übersieht Malware WAJAM nicht

Peinliche Vorfälle für Hersteller von Virenscannern. Der Scanner bemerkt nicht, dass ein Virus auf dem PC ist. Wir schon!
Antworten
Benutzeravatar
Ralf
Inhaber HS
Beiträge: 10812
Registriert: 13.08.2005, 15:23

Microsoft Security Essentials übersieht Malware WAJAM nicht

Beitrag von Ralf » 14.04.2014, 16:44

Hallo,

ich hatte heuet einen Anruf von unseren Kunden Herr Parr (KD 18850).
Er hat eine Lizenz von DVR-Studio HD3 und das Programm lies sich nicht mehr starten, weil es keine Verbindung zu unserem Server aufbauen konnte.

Der Grund war nach einer Überprüfung seines PCs schnell gefunden:
Die Schadsoftware Wajam hatte alle SSL Aufrufe auf das eigene Zertifikat umgebogen.

Das hatte zu Folge, dass unser DVR-Studio HD3 keine Kontaktaufnahme zu unseren eigenen Server machen konnte. Der Programmstart wird in dem Fall einfach abgebrochen.

Diesen Test kann auch jeder von Euch machen:
Geht auf http://www.Haenlein-Software.com in den Online-Shop und ruft dort die Info zu dem Zertifikat der Website auf.
Es sollte das zurück kommen:
Bild

GeoTrust ist der Herausgeber unseres Zertifikats.

Unsere Produkte prüfen unsere Zertifikat auf seine Gültigkeit, bevor sie eine Verbindung zu dieser Seite zulassen.

HINWEIS: Es können auch andere Herausgeber für das Zertifikat ausgegeben werden. Das muss kein Fehler sein, denn auch Virenscanner schalten sich dazwischen und melden Ihr Zertifikat auch Herausgeber des Zertifikats. Solange die Scanner dabei nicht die Antwort zum Programm "verbiegen" wird DVR-Studio HD3 auch normal verwendbar sein.

Auf dem PC von Herrn Parr kam aber die Meldung, dass unser Zertifikat von Wajam ausgestellt sei.
Googelt mal nach Wajam kommt das raus:
Bild

Herr Parr hatte auf seinem PC den Virenscanner Microsoft Security Essentials im Einsatz. Nach seiner Aussage hatte er davor auch schon G-Data verwendet und nie eine Sicherheitswarnung bekommen.

Auf meinen Hinweis hin hat Herr Parr seinen PC mit einem Testtool untersuchen lassen.
Dabei wurde neben einigen anderen auch die Malware PUP.Optional.Wajam.A gefunden.


Die anderen gefundenen Malware Programme, kann sich jeder auch bei Google anzeigen lassen.

FAKT IST: Wir haben erneut Viren auf einem Kunden-PC mit DVR-Studio HD3 enttarnt.

Das peinliche dabei ist: Jeder Virenscanner könnte das eigentlich auch!

Es geht ganz einfach:
:arrow: Jeder Hersteller eines Virenscanners hat für seine eigene Website auch ein Sicherheitszertifikat.
:arrow: Beim Start des PCs wird auch der Virenscanner gestartet.
:arrow: Die erste Aktion des Scanners ist das Zertifikat seiner eigenen Homepage zu prüfen
:arrow: Kommst ein fremdes Zertifikat als Antwort, schlägt er Alarm und der Benutzer ist gewarnt.

Vorteil: Auf diese Weise würde auch sofort ein noch völlig neuer und unbekannter Virus enttarnt, denn ein Virus könnte nicht ein Zertifikat nachbilden.


Würden die Hersteller diese wirklich einfache Überprüfung machen, so wäre unserem Kunden Herrn Parr dieses Suchergebnis erspart geblieben:
Malwarebytes Anti-Malware
http://www.malwarebytes.org

Scan Date: 14.04.2014
Scan Time: 14:24:16
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.14.04
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Detlef

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 523151
Time Elapsed: 10 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, 3464, , [81bb48e23e3d1f1711f24367f31051af]

Modules: 0
(No malicious items detected)

Registry Keys: 136
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\APPID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3COMClassService, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3COMClassService.1.0, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3COMClassService, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3COMClassService.1.0, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9EA8702C-EEDB-4731-BE68-E9A167DD3597}, , [25175fcb057674c263ca60ea0df518e8],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [aa92af7bb1caf244087965e37c869967],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [aa92af7bb1caf244087965e37c869967],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\APPID\{D34F391D-4CB7-467F-A543-F583857C63B0}, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassSvc.1.0, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D34F391D-4CB7-467F-A543-F583857C63B0}, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D34F391D-4CB7-467F-A543-F583857C63B0}, , [75c7ee3c18630a2cb47d56f4887a7a86],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [98a4df4bf487082e14473811d52d8b75],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, , [98a4df4bf487082e14473811d52d8b75],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\CLASSES\IESmartBar.BHO, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\IESmartBar.BHO, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.QuickShare.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}, , [b7850c1e007ba6909e724ff90bf77090],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{118E1BF6-6279-432F-A285-373A77B90C7A}, , [c17b7caec2b91224ac78d87215ed7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3WebSvc.1.0, , [c17b7caec2b91224ac78d87215ed7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3WebSvc, , [c17b7caec2b91224ac78d87215ed7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3WebSvc, , [c17b7caec2b91224ac78d87215ed7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3WebSvc.1.0, , [c17b7caec2b91224ac78d87215ed7a86],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{806785D0-375F-4C2C-92E3-B8EE65D28E83}, , [b4885cce8deec57180ab7dcd03ffe31d],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A7CF66EF-4F0D-46B1-AF71-A500378D6C34}, , [89b3012995e6f343de50fc4e867c5ca4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CoreClass.1, , [89b3012995e6f343de50fc4e867c5ca4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CoreClass, , [89b3012995e6f343de50fc4e867c5ca4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CoreClass, , [89b3012995e6f343de50fc4e867c5ca4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CoreClass.1, , [89b3012995e6f343de50fc4e867c5ca4],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5D79F641-C168-40DF-A32F-BACEA7509E75}, , [9ba11b0fadce5dd9841029e83bc73dc3],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5D79F641-C168-40DF-A32F-BACEA7509E75}, , [9ba11b0fadce5dd9841029e83bc73dc3],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C98D5B61-B0EA-4D48-9839-1079D352D880}, , [ad8ff733b1ca2511f4a314fd8f73d22e],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C98D5B61-B0EA-4D48-9839-1079D352D880}, , [ad8ff733b1ca2511f4a314fd8f73d22e],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}, , [9d9f0b1f611af93d71278e8325dd4cb4],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}, , [9d9f0b1f611af93d71278e8325dd4cb4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}, , [ed4fb476f7840a2c3aed82c8669cc23e],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLive.OneClickCtrl.9, , [ed4fb476f7840a2c3aed82c8669cc23e],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLive.OneClickCtrl.9, , [ed4fb476f7840a2c3aed82c8669cc23e],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}, , [ed4fb476f7840a2c3aed82c8669cc23e],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{33BAF587-9647-4281-A34F-F4830CDC1B9F}, , [ae8e161477046ec8ec3cef5b0df5f709],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLive.OneClickProcessLauncherMachine, , [ae8e161477046ec8ec3cef5b0df5f709],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0, , [ae8e161477046ec8ec3cef5b0df5f709],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLive.OneClickProcessLauncherMachine, , [ae8e161477046ec8ec3cef5b0df5f709],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLive.OneClickProcessLauncherMachine.1.0, , [ae8e161477046ec8ec3cef5b0df5f709],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C4BEF720-313C-420A-ACF6-77DD95D8F553}, , [a696d852314ac076b17f0347986af60a],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLive.Update3WebControl.3, , [a696d852314ac076b17f0347986af60a],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLive.Update3WebControl.3, , [a696d852314ac076b17f0347986af60a],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C4BEF720-313C-420A-ACF6-77DD95D8F553}, , [a696d852314ac076b17f0347986af60a],
PUP.Optional.InboxToolBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}, , [c8747eac7dfe1125a81bf4553dc57d83],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CoreMachineClass, , [86b65bcf7902c37396964cfe946e56aa],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CoreMachineClass.1, , [5fdd5cce4e2da39338f4b19936cc7987],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CoreMachineClass, , [5fdd5cce4e2da39338f4b19936cc7987],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CoreMachineClass.1, , [5fdd5cce4e2da39338f4b19936cc7987],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback, , [003cd55585f6f73f8ea11e2c0ff3ca36],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0, , [e4582109ef8cc76f929dd476a260c739],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback, , [e4582109ef8cc76f929dd476a260c739],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachineFallback.1.0, , [e4582109ef8cc76f929dd476a260c739],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CredentialDialogMachine, , [c7752406d5a63501cc67cd7dc14153ad],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0, , [3a02ea40710a91a535fe3911679b3ac6],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CredentialDialogMachine, , [3a02ea40710a91a535fe3911679b3ac6],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CredentialDialogMachine.1.0, , [3a02ea40710a91a535fe3911679b3ac6],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.ProcessLauncher, , [df5dd05adf9cd46222030941ba48af51],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.ProcessLauncher.1.0, , [cf6d77b34a31ff37c65fb09a58aae020],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.ProcessLauncher, , [cf6d77b34a31ff37c65fb09a58aae020],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.ProcessLauncher.1.0, , [cf6d77b34a31ff37c65fb09a58aae020],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachine, , [a79576b485f660d67da93a1032d045bb],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachine.1.0, , [3b011416b4c762d49690e763837fb947],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachine, , [3b011416b4c762d49690e763837fb947],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachine.1.0, , [3b011416b4c762d49690e763837fb947],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine, , [75c741e97902c47284a693b7f70b6799],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0, , [fd3f72b8bfbc8caa53d7ae9ca161ff01],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine, , [fd3f72b8bfbc8caa53d7ae9ca161ff01],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.OnDemandCOMClassMachine.1.0, , [fd3f72b8bfbc8caa53d7ae9ca161ff01],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CoCreateAsync, , [91abe9417a0165d1171b5eec37cb8d73],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.CoCreateAsync.1.0, , [94a89a901f5c3cfa0f233f0bf30fa55b],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CoCreateAsync, , [94a89a901f5c3cfa0f233f0bf30fa55b],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.CoCreateAsync.1.0, , [94a89a901f5c3cfa0f233f0bf30fa55b],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachineFallback, , [6bd1a48688f3261093a2e26857abc33d],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0, , [1a22e5457efdeb4b6cc946049e641ce4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachineFallback, , [1a22e5457efdeb4b6cc946049e641ce4],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\BonanzaDealsLiveUpdate.Update3WebMachineFallback.1.0, , [1a22e5457efdeb4b6cc946049e641ce4],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\CLASSES\ShoppingChip.ShoppingChip, , [4defe9410279b1856e70aaf7c34041bf],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\CLASSES\ShoppingChip.ShoppingChip.1.1, , [b983e248c7b4023408d6dec3f2117b85],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\CLASSES\APPID\BonanzaDealsLive.exe, , [87b542e83b4001353a0ce0b712f1ef11],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BonanzaDealsLive.exe, , [172584a6a4d79c9a71db851238cb7c84],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\BonanzaDealsLive, , [8bb166c473081c1ab695712614ef718f],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [54e80624ec8f39fd6e6db1c82ed43ec2],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, , [53e99b8f5427b6805eaa44661fe49a66],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\BONANZADEALS, , [f6461317ff7c5fd74cfec5d24cb7827e],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShoppingChip.ShoppingChip, , [2517af7b65163501ecf2564b7a89619f],
PUP.Optional.ShoppingChip, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShoppingChip.ShoppingChip.1.1, , [84b8b8722259ba7c5d81f6ab3ac9de22],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\BonanzaDealsLive.exe, , [5fdd4bdf07744ee890b674231ee5ab55],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BonanzaDealsLive.exe, , [4cf079b147340a2c53f9ff983ec5669a],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.bdupdater.com/BonanzaDealsLive Update;version=3, , [3dffff2bdc9f72c49bb27621a1627e82],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.bdupdater.com/BonanzaDealsLive Update;version=9, , [99a352d83744979f75d8019658abfc04],
PUP.Optional.BonanzaDeals.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bonanzadealslive, , [d56757d3c1bab58165e98116c043f709],
PUP.Optional.BonanzaDeals.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\bonanzadealslivem, , [281483a7f18ad5615ef025724eb546ba],
PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wajam Internet Enhancer Service, , [81bb48e23e3d1f1711f24367f31051af],
PUP.Optional.BonanzaDeals.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BonanzaDealsLive, , [0537b9714635072f5fea6d2ace35b947],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [102c6bbf7704350155a1b2dc8182c33d],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [3309f7335e1d37ffda1b96f841c2a060],
PUP.Optional.LyricsSay.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\LyricsSay-15, , [e45841e99ae153e3cd909004a360ae52],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Plus-HD-1.6, , [db617bafb9c21521486996e531d102fe],
PUP.Optional.SProtector.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SProtector, , [e95368c25f1c26101193d4bd768d9967],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [94a8e446b7c4af870da5a003ca390af6],
PUP.Optional.Babylon.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [18241d0d3744fe3835cab6d937cc8d73],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER, , [4fedbd6d8af1a195a6630a8656ada25e],
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, , [91abf337e497290d268dbcd918ebc838],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [8cb0e941c4b72e08ac36324661a1bd43],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [4af233f734472610e934cbc47c878977],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [76c6df4b43385dd9077506975fa429d7],
PUP.Optional.Wajam.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, , [c17b54d62a51db5bdc9d6230f0137c84],
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, , [a79534f677043df9f3c3e0b517ec26da],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [c97351d9304bee48f785a2fb00033bc5],
PUP.Optional.AmazonTB.A, HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, , [65d73feb0b70a492bcfa296c877ca15f],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Wajam, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.SearchNewTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],
PUP.Optional.SearchNewTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{F2B5A67E-BFBD-C00A-4CD1-EA3B8ACA167A}, , [81bb9c8e413ab58188f752d27a8abd43],

Registry Values: 6
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\BONANZADEALS|ChromeCrxPath, C:\Program Files (x86)\BonanzaDeals\BonanzaDeals.crx, , [f6461317ff7c5fd74cfec5d24cb7827e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CROSSRIDER|Verifier, 1117b9536de5d03fa3bdfca9a195bec3, , [4fedbd6d8af1a195a6630a8656ada25e]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0O1J1G2R, , [4af233f734472610e934cbc47c878977]
PUP.Optional.LiveSupport, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|LiveSupport, "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log, , [da626bbfb9c2b086bf6c37344cb656aa]
PUP.Optional.Wajam.A, HKU\S-1-5-21-579764356-2390363732-2144586493-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 6334, , [c17b54d62a51db5bdc9d6230f0137c84]
PUP.Optional.LiveSupport, HKU\S-1-5-21-579764356-2390363732-2144586493-1009-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|LiveSupport, "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log, , [58e47eac582393a35bd0115a09f905fb]

Registry Data: 1
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://websearch.searchguru.info/?pid=4 ... E&unqvl=43, Good: (http://www.google.com), Bad: (http://websearch.searchguru.info/?pid=4 ... E&unqvl=43),,[c47870ba3546f04673900f094bb922de]

Folders: 11
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\24A158EFC5D64714825F22D8C108C571, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\D50B18D973274BBC9EBBD152C885474B, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\FBE7496B56C64E5293F25273A3D3B9FC, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam, , [4eee42e8f08b191d457f56068d75d828],

Files: 68
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe, , [81bb48e23e3d1f1711f24367f31051af],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\uninstall.exe, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\amazon.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\argos.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ask.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\bestbuy.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ebay.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\etsy.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\facebook.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\favicon.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\google.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\homedepot.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\ikea.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\imdb.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\lowes.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mercado.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\mysearchweb.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\myshopping.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\searchresult.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\sears.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\setting.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\settings.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\shopping.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\target.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tesco.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\tripadvisor.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\twitter.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wajam.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\walmart.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\wiki.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\yahoo.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Logos\zalando.ico, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\FiddlerCore.dll, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\HtmlAgilityPack.dll, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\makecert.exe, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\Newtonsoft.Json.dll, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.Wajam.A, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, , [cb7104263a416ccaaa66a9b27290e61a],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\24A158EFC5D64714825F22D8C108C571\version51030bc4470a0.exe, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\D50B18D973274BBC9EBBD152C885474B\4245.ico, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\D50B18D973274BBC9EBBD152C885474B\INTERNALWRAPPER.exe, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\D50B18D973274BBC9EBBD152C885474B\OCBrowserHelper_1.0.3.85.dll, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.OpenCandy, C:\Users\Detlef\AppData\Roaming\OpenCandy\FBE7496B56C64E5293F25273A3D3B9FC\DivXInstaller.exe, , [45f79e8c8deefb3b7ec3a7b457ab837d],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Ask.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Google.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\IMDb.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Shopping.com.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\TripAdvisor.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Wikipedia.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search\Yahoo!.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Amazon.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Argos.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ebay.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Etsy.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\HomeDepot.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Ikea.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Lowe's.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Mercadolivre.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\MyShopping.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Sears.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Target.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Tesco.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Walmart.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping\Zalando.lnk, , [4eee42e8f08b191d457f56068d75d828],
PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam\uninstall.lnk, , [4eee42e8f08b191d457f56068d75d828],

Physical Sectors: 0
(No malicious items detected)
(end)
Herr Parr hat uns das Einverständnis gegeben seine Daten und Namen zu veröffentlichen.
Mit freundlichen Grüßen

Ralf

Gehe zu Facebook...
Über ein “Like” würden wir uns sehr freuen.
Bild
Vadin
Beiträge: 1
Registriert: 22.01.2015, 14:07

Re: Microsoft Security Essentials übersieht Malware WAJAM ni

Beitrag von Vadin » 22.01.2015, 14:09

Wajam ist nicht sehr gefährlich Adware.
Browser Zurücksetzen kann helfen, andere Methoden zu entfernen: http://soft2secure.com/knowledgebase/wajam
Antworten

Zurück zu „Haenlein-Software SSL-PRÜFUNG: TESTEN SIE, OB IHRE SSL VERBINDUNG VERÄNDERT WURDE“