Lieber Schrauber, hier sind alle Logfiles. Deine Hilfe ist wirklich klasse :)
MBAM: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 04.08.2015
Suchlaufzeit: 14:06
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.08.04.03
Rootkit-Datenbank: v2015.08.03.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: *****
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 386418
Abgelaufene Zeit: 30 Min., 20 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.RGMUpdater.A, C:\Users\*****\AppData\Local\RGMService\RGMUpdater.exe, 2644, Löschen bei Neustart, [dff414f0f596d85e1c2d3aef39ca0ff1]
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 45
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass, In Quarantäne, [e6ed20e4ccbff343bc33eb67af5411ef],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1, In Quarantäne, [28abb54f1378cb6bb23d3121ce351de3],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0D6231EE-339E-4E61-9A43-BF166ED9FFCC}, In Quarantäne, [b51ea65e563578be5bede4bb8e7629d7],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86C4B838-8A72-4E5B-9502-981DFB34E3FF}, In Quarantäne, [538020e4a8e335015aefbce3e91b8a76],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0023C9E-77D0-42C5-A130-CBD60F1D5EB6}, In Quarantäne, [716260a444472d098ebca0ff7d87619f],
PUP.Optional.RollAround.A, HKLM\SOFTWARE\WOW6432NODE\RollAround, In Quarantäne, [805381832566ea4c038170af04ffe020],
Adware.SmartBar, HKLM\SOFTWARE\WOW6432NODE\Smartbar, In Quarantäne, [7d5607fd1d6ead8909fe915dcf34946c],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass, In Quarantäne, [60735ca89bf0b482fff02e24ab58df21],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1, In Quarantäne, [617256aeb7d43402bc3354fe3dc616ea],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0D6231EE-339E-4E61-9A43-BF166ED9FFCC}, In Quarantäne, [f3e056ae513a64d201474a555fa54cb4],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86C4B838-8A72-4E5B-9502-981DFB34E3FF}, In Quarantäne, [6073877dc2c9f93d1534faa5e61e3ec2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0023C9E-77D0-42C5-A130-CBD60F1D5EB6}, In Quarantäne, [8a4921e3107b6cca2624dfc0857f9e62],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, In Quarantäne, [4093a75d701b88aea6206924ef1535cb],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, In Quarantäne, [5c77de265734cf67a81fe2ab2cd8d52b],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3, In Quarantäne, [05ce32d2fc8f8da969df1d0ba75c42be],
PUP.Optional.PriceMeter.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9, In Quarantäne, [5a79857f5635e74fc78114149d668b75],
PUP.Optional.RGMUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RGMUpdater, In Quarantäne, [dff414f0f596d85e1c2d3aef39ca0ff1],
PUP.Optional.PriceMeter.A, HKU\S-1-5-18\SOFTWARE\PriceMeterLiveUpdate, In Quarantäne, [646ffb09c1cafa3c98b13eeafa09b947],
PUP.Optional.PriceMeter.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\PriceMeter, In Quarantäne, [32a1e420d8b35cdae11189c9cd36e21e],
PUP.Optional.PriceMeter.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\PriceMeterLiveUpdate, In Quarantäne, [567d25df9eed79bd98b1cb5d1de652ae],
PUP.Optional.RGMUpdater.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\RGMService, In Quarantäne, [efe4a95bed9e9c9ac3889e8bb74cfd03],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0D6231EE-339E-4E61-9A43-BF166ED9FFCC}, In Quarantäne, [02d1768e5932a29414311a857e86ab55],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11657F3A-28B4-4FC6-A5B7-2533253121DF}, In Quarantäne, [8152ec18d7b439fda3a4237ca262837d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16164737-1155-4AFF-B75B-4DE69E396D5B}, In Quarantäne, [ffd4b94b2f5c1422c87f237cc044a858],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1E5BC901-7BD2-4BF3-9E6F-B222F269BDD0}, In Quarantäne, [f3e0a16304876cca3016e6b9a46006fa],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F098944-BE8F-469E-B4F5-51CCB18A9AB2}, In Quarantäne, [8a4914f0c9c29a9c3d09e1be877d40c0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{595FDBBB-61FC-411B-A877-79BAF06F73DC}, In Quarantäne, [9043f212018aaa8c81c5237c0103c53b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EB09BF6-5932-4AB7-BB19-C65727FA3BE7}, In Quarantäne, [1bb8c4401a71e3539babbce329db768a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6EB01D42-1B53-4670-8CA6-AFA1C769B7C7}, In Quarantäne, [9d368b7997f4db5b58ee554a15ef9868],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76428FBB-3F9E-49DB-89B6-40EBB9FC1E42}, In Quarantäne, [9241da2abecd0630e661445b0301a55b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77DC45E3-E7CF-4155-9744-2352A1B85636}, In Quarantäne, [d2017d879deefa3c1e29722d3ec6619f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86C4B838-8A72-4E5B-9502-981DFB34E3FF}, In Quarantäne, [9f34cf35c2c9a88e66e0504f11f328d8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B88C850-C938-4B1E-9A32-81656F74D354}, In Quarantäne, [d4ff1ee6f39862d488bf8d12d43020e0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95CF049E-A18B-4E72-854A-47B27EE7E15E}, In Quarantäne, [6d66b94bacdf989e7fc799060202946c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1A6A6A8-221C-4C40-89BA-D45E781E47D9}, In Quarantäne, [ece7f60ecfbc2d09eb5c3e61fd07a759],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3E8286D-97D4-4A6F-A0C6-C1BB2197F0C2}, In Quarantäne, [51824fb5810a8babe660efb00afa39c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5D854D4-93B8-4348-9AF2-BDCF55F4A577}, In Quarantäne, [be1524e0ccbf38fe48fef2add62ec33d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B6BA199F-609A-42E0-8BD1-E95A6498BD66}, In Quarantäne, [fdd645bfa9e270c6c087762949bbd32d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BB0D7951-D7EB-49D6-89B6-64925C18A513}, In Quarantäne, [0ec5e4206b2070c6d96d683726de7b85],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C26C76D1-FFF0-4638-9DBC-225EBE9E7539}, In Quarantäne, [14bf49bb7318d75f4cfa910e7490ca36],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9DEBD17-6164-43BC-A77D-5052D1CB7F17}, In Quarantäne, [2fa409fbc1ca1d19d077b6e9f4108d73],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFCF0822-929B-41DB-BE68-DC7BA8CDD4BD}, In Quarantäne, [a23114f0711ae74fb3930798966e659b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA0D2AC6-AFB1-459E-A7E7-7DE2EC8CE72C}, In Quarantäne, [4291a163addecd695ee87e21030145bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DDF4EEEB-518A-4126-8266-5984119B1E7A}, In Quarantäne, [2ea5877d464542f4e85e0f90db298b75],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E0023C9E-77D0-42C5-A130-CBD60F1D5EB6}, In Quarantäne, [745fa064454656e0c4837827c73dc43c],
Registrierungswerte: 32
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0d6231ee-339e-4e61-9a43-bf166ed9ffcc}|AppName, Radio Canyon-bg.exe, In Quarantäne, [b51ea65e563578be5bede4bb8e7629d7]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86c4b838-8a72-4e5b-9502-981dfb34e3ff}|AppName, Radio Canyon-buttonutil.exe, In Quarantäne, [538020e4a8e335015aefbce3e91b8a76]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e0023c9e-77d0-42c5-a130-cbd60f1d5eb6}|AppName, Radio Canyon-codedownloader.exe, In Quarantäne, [716260a444472d098ebca0ff7d87619f]
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [6172f70d8902a5918020a29601029769]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0d6231ee-339e-4e61-9a43-bf166ed9ffcc}|AppName, Radio Canyon-bg.exe, In Quarantäne, [f3e056ae513a64d201474a555fa54cb4]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86c4b838-8a72-4e5b-9502-981dfb34e3ff}|AppName, Radio Canyon-buttonutil.exe, In Quarantäne, [6073877dc2c9f93d1534faa5e61e3ec2]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e0023c9e-77d0-42c5-a130-cbd60f1d5eb6}|AppName, Radio Canyon-codedownloader.exe, In Quarantäne, [8a4921e3107b6cca2624dfc0857f9e62]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In Quarantäne, [577c74905239bf77366a62d6bb48c33d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0d6231ee-339e-4e61-9a43-bf166ed9ffcc}|AppName, Radio Canyon-bg.exe, In Quarantäne, [02d1768e5932a29414311a857e86ab55]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{11657F3A-28B4-4FC6-A5B7-2533253121DF}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [8152ec18d7b439fda3a4237ca262837d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{16164737-1155-4AFF-B75B-4DE69E396D5B}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [ffd4b94b2f5c1422c87f237cc044a858]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1E5BC901-7BD2-4BF3-9E6F-B222F269BDD0}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [f3e0a16304876cca3016e6b9a46006fa]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3F098944-BE8F-469E-B4F5-51CCB18A9AB2}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [8a4914f0c9c29a9c3d09e1be877d40c0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{595FDBBB-61FC-411B-A877-79BAF06F73DC}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [9043f212018aaa8c81c5237c0103c53b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EB09BF6-5932-4AB7-BB19-C65727FA3BE7}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [1bb8c4401a71e3539babbce329db768a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6EB01D42-1B53-4670-8CA6-AFA1C769B7C7}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [9d368b7997f4db5b58ee554a15ef9868]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76428FBB-3F9E-49DB-89B6-40EBB9FC1E42}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [9241da2abecd0630e661445b0301a55b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77DC45E3-E7CF-4155-9744-2352A1B85636}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [d2017d879deefa3c1e29722d3ec6619f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86c4b838-8a72-4e5b-9502-981dfb34e3ff}|AppName, Radio Canyon-buttonutil.exe, In Quarantäne, [9f34cf35c2c9a88e66e0504f11f328d8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B88C850-C938-4B1E-9A32-81656F74D354}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [d4ff1ee6f39862d488bf8d12d43020e0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{95CF049E-A18B-4E72-854A-47B27EE7E15E}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [6d66b94bacdf989e7fc799060202946c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1A6A6A8-221C-4C40-89BA-D45E781E47D9}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [ece7f60ecfbc2d09eb5c3e61fd07a759]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A3E8286D-97D4-4A6F-A0C6-C1BB2197F0C2}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [51824fb5810a8babe660efb00afa39c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5D854D4-93B8-4348-9AF2-BDCF55F4A577}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [be1524e0ccbf38fe48fef2add62ec33d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B6BA199F-609A-42E0-8BD1-E95A6498BD66}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [fdd645bfa9e270c6c087762949bbd32d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BB0D7951-D7EB-49D6-89B6-64925C18A513}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [0ec5e4206b2070c6d96d683726de7b85]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C26C76D1-FFF0-4638-9DBC-225EBE9E7539}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [14bf49bb7318d75f4cfa910e7490ca36]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C9DEBD17-6164-43BC-A77D-5052D1CB7F17}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-codedownloader.exe, In Quarantäne, [2fa409fbc1ca1d19d077b6e9f4108d73]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CFCF0822-929B-41DB-BE68-DC7BA8CDD4BD}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [a23114f0711ae74fb3930798966e659b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA0D2AC6-AFB1-459E-A7E7-7DE2EC8CE72C}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [4291a163addecd695ee87e21030145bb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DDF4EEEB-518A-4126-8266-5984119B1E7A}|AppName, 455afca5-26ca-45b2-84e5-d2fd635e48b0-2.exe-buttonutil.exe, In Quarantäne, [2ea5877d464542f4e85e0f90db298b75]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e0023c9e-77d0-42c5-a130-cbd60f1d5eb6}|AppName, Radio Canyon-codedownloader.exe, In Quarantäne, [745fa064454656e0c4837827c73dc43c]
Registrierungsdaten: 6
PUP.Optional.HelperBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}),Ersetzt,[993acd376d1e39fd28f7c37b26dfb54b]
PUP.Optional.HelperBar.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}),Ersetzt,[d201b4501f6c15217da3f8462ed7a35d]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtJ3gILTS72qyIqtNrYISgKIjEhVWUGi2nzZ2-aAe3n2BGPVycHg5eXxHC9qnrdbhBghcEC8gUGruIxF2qNDBP0FNoA_bHa3g,,, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtJ3gILTS72qyIqtNrYISgKIjEhVWUGi2nzZ2-aAe3n2BGPVycHg5eXxHC9qnrdbhBghcEC8gUGruIxF2qNDBP0FNoA_bHa3g,,),Ersetzt,[17bc36ce5d2ed264b071fb4317ee847c]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}),Ersetzt,[805360a4addee155dc47e8569e6752ae]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}),Ersetzt,[0ac9f4103e4df343899a54ea719440c0]
PUP.Optional.HelperBar.A, HKU\S-1-5-21-3953084721-4149993371-4048356371-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StMBGUhCtXlT7G1muS_BRDXuH_N6QVFdlkuDDcdAb4E14yOyN2v4NyMz_CcRF8kjjj-tqIk9z_h7A2xrBMlXAohzjYmDjX4zIAwRAS2KtFs4dStiUDBHivlSAWIKsyhJHUgA3TpmLfmo4yDHxQxCcAapuO7PVumHyxW7iTr0PSYCut9XJlmuIboEBlm7dsPo2L7v8pQw,,&q={searchTerms}),Ersetzt,[943f768e7318ce68002061ddec1910f0]
Ordner: 25
PUP.Optional.OpenCandy, C:\Users\*****\AppData\Roaming\OpenCandy, In Quarantäne, [577c35cf1576fc3a24964f8e2cd64cb4],
PUP.Optional.OpenCandy, C:\Users\*****\AppData\Roaming\OpenCandy\53E4E9988B0F444E9F2004898BE89823, In Quarantäne, [577c35cf1576fc3a24964f8e2cd64cb4],
PUP.Optional.OpenCandy, C:\Users\*****\AppData\Roaming\OpenCandy\B466ED95AA9442DCB1E4722D1311E659, In Quarantäne, [577c35cf1576fc3a24964f8e2cd64cb4],
PUP.Optional.PriceMeter.A, C:\Users\*****\AppData\Local\PriceMeter, In Quarantäne, [ad26a85cd3b8e65088dc4a99b25054ac],
PUP.Optional.OnlySearch, C:\Users\*****\AppData\Local\onlysearch, In Quarantäne, [1cb77b89335865d14ae5ce2858aaf20e],
PUP.Optional.OnlySearch, C:\Users\*****\AppData\Local\onlysearch\onlysearch, In Quarantäne, [1cb77b89335865d14ae5ce2858aaf20e],
PUP.Optional.OnlySearch, C:\Users\*****\AppData\Local\onlysearch\onlysearch\1.3.12.9, In Quarantäne, [1cb77b89335865d14ae5ce2858aaf20e],
PUP.Optional.RadioCanyon.A, C:\Users\*****\AppData\LocalLow\Radio Canyon, In Quarantäne, [fdd6e321662578befbf6de1cef13d927],
PUP.Optional.PriceMeter.A, C:\Users\*****\AppData\Local\PriceMeterLiveUpdate, In Quarantäne, [8d469d67d7b43ff714a9d42e867d8779],
PUP.Optional.PriceMeter.A, C:\Users\*****\AppData\Local\PriceMeterLiveUpdate\CrashReports, In Quarantäne, [8d469d67d7b43ff714a9d42e867d8779],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\DE, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.Delta.ShrtCln, C:\Users\*****\AppData\LocalLow\Delta\delta, In Quarantäne, [3d96699b2c5f46f09b2194777093956b],
Dateien: 67
PUP.Optional.Babylon.A, C:\Users\*****\AppData\Roaming\OpenCandy\B466ED95AA9442DCB1E4722D1311E659\DeltaTB.exe, In Quarantäne, [18bb16ee1d6e51e54bf9b0372bd5d828],
PUP.Optional.PriceMeter.A, C:\Users\*****\AppData\Roaming\RHEng\27A5E098BA0441FB89A5B4FA09CE0969\pm.exe, In Quarantäne, [399a0301cebd6dc9551486992bd68e72],
PUP.Optional.PriceMeter.A, C:\Users\*****\AppData\Local\PriceMeter\pricemeterd.exe, In Quarantäne, [e4efb1537615290dd79501205ea3ea16],
PUP.Optional.SmartBar.A, C:\Users\*****\AppData\Local\RGMService\qtrtk.dll, In Quarantäne, [30a3ef157417999d9b4c4412758b2bd5],
Adware.Linkular, C:\Users\*****\AppData\Local\RGMService\jrimov\zrgde.dll, In Quarantäne, [e9eae91b95f62d09652647dc9c6957a9],
PUP.Optional.SnapDo.A, C:\Windows\Installer\1097eda.msi, In Quarantäne, [dcf72cd8395241f514f659d354ad43bd],
PUP.Optional.VeriStaff, C:\Windows\Installer\1097ee0.msi, In Quarantäne, [61721de7eba0c76f32668ab5f709ed13],
PUP.Optional.BProtector.A, C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\2xjsixb8.default\bProtector_extensions.rdf, In Quarantäne, [8350fb09acdf78be3673da3cc43f728e],
PUP.Optional.BProtector.A, C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\2xjsixb8.default\bProtector_extensions.sqlite, In Quarantäne, [6c6754b03358c076f3b633e3a261f907],
PUP.Optional.BProtector.A, C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\2xjsixb8.default\bprotector_prefs.js, In Quarantäne, [a033ce36c4c7de58c3e66caa7b88758b],
PUP.Optional.RGMUpdater.A, C:\Users\*****\AppData\Local\RGMService\RGMUpdater.exe, Löschen bei Neustart, [dff414f0f596d85e1c2d3aef39ca0ff1],
PUP.Optional.OpenCandy, C:\Users\*****\AppData\Roaming\OpenCandy\53E4E9988B0F444E9F2004898BE89823\TuneUpUtilities2013-2200217_de-DE.exe, In Quarantäne, [577c35cf1576fc3a24964f8e2cd64cb4],
PUP.Optional.PriceMeter.A, C:\Users\*****\AppData\Local\PriceMeter\icon.ico, In Quarantäne, [ad26a85cd3b8e65088dc4a99b25054ac],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\BG\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\CZ\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\EN\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\ES\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\FR\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\HE\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\IT\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\RU\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\SK\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\Configuration.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\OptionDlg.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\RegionalSettings.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\ProgramData\ICQ\ICQToolbar\XML\TR\UserInterface.xml, In Quarantäne, [ddf62bd9b2d976c0e66414f32dd66e92],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\config.xml, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\Icons.bmp, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\icq6Toolbar.ico, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ICQUnToolbar.exe, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\logo_small.gif, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\ServiceStarter.exe, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\short.wav, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
PUP.Optional.ICQToolbar.A, C:\Program Files (x86)\ICQ6Toolbar\Version.txt, In Quarantäne, [23b0bd4763280333fb50c74005fefc04],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) AdwCleaner: Code:
# AdwCleaner v4.208 - Bericht erstellt 04/08/2015 um 16:31:39
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ***** - *****-VAIO
# Gestarted von : C:\Users\*****\Desktop\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : Application Hosting
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Application Hosting
Ordner Gelöscht : C:\Program Files (x86)\ProductUI
Ordner Gelöscht : C:\Users\*****\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\*****\AppData\Local\RGMService
Ordner Gelöscht : C:\Users\*****\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\RHEng
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMeter
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\2xjsixb8.default\invalidprefs.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\5353db8bbc69b946
Schlüssel Gelöscht : HKLM\SOFTWARE\5353db8bbc69b946
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{45F8961E-1314-421E-9F00-BDDE18CF8EA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5B60D1C0-453A-485D-AE91-61FAC9203719}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{506DDB16-455A-4746-AD77-D23228955FD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\safefinder.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.safefinder.com
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17909
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
-\\ Mozilla Firefox v39.0 (x86 de)
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.allowSendURL", false);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.engineVerified", false);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.history", "nokia%20ovi%20suitnokia%20ovi%20mapsikea%20spacemakerscout24uni%20bonnnokia%20c6%20produktinformationennokia%20c6uni%20lageplan%20bonnuniplan%20bonnp[...]
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.installTime", "1282575072");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.newtab_state", "1");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.previousFFVersion", "3.6.10");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.suggestions", false);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uninstStatSent", true);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.uniqueID", "128239418612823943331282575072451");
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1285679930);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[2xjsixb8.default\prefs.js] - Zeile Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
-\\ Google Chrome v
*************************
AdwCleaner[R0].txt - [7110 Bytes] - [04/08/2015 16:29:53]
AdwCleaner[S0].txt - [6868 Bytes] - [04/08/2015 16:31:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6927 Bytes] ########## Junkware Removal Tool: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by ***** on 04.08.2015 at 16:46:08,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
Successfully deleted: [File] C:\Windows\SysWOW64\sho34F3.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5CEA.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6973.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho85DE.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoC5EF.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoCB18.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD860.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD92C.tmp
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\*****\AppData\Roaming\productdata
~~~ FireFox
Successfully deleted the following from C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\2xjsixb8.default\prefs.js
user_pref(extensions.delta.admin, false);
user_pref(extensions.delta.aflt, babsst);
user_pref(extensions.delta.appId, {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3});
user_pref(extensions.delta.autoRvrt, false);
user_pref(extensions.delta.dfltLng, de);
user_pref(extensions.delta.excTlbr, false);
user_pref(extensions.delta.ffxUnstlRst, true);
user_pref(extensions.delta.id, 8e5b8ee70000000000007edd08d0d08b);
user_pref(extensions.delta.instlDay, 15898);
user_pref(extensions.delta.instlRef, sst);
user_pref(extensions.delta.newTab, false);
user_pref(extensions.delta.prdct, delta);
user_pref(extensions.delta.prtnrId, delta);
user_pref(extensions.delta.rvrt, false);
user_pref(extensions.delta.smplGrp, none);
user_pref(extensions.delta.tlbrId, base);
user_pref(extensions.delta.tlbrSrchUrl, );
user_pref(extensions.delta.vrsn, 1.8.21.5);
user_pref(extensions.delta.vrsnTs, 1.8.21.513:09:42);
user_pref(extensions.delta.vrsni, 1.8.21.5);
user_pref(extensions.delta_i.babExt, );
user_pref(extensions.delta_i.babTrack, affID=121563&tsp=4941);
user_pref(extensions.delta_i.srcExt, ss);
Emptied folder: C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\2xjsixb8.default\minidumps [440 files]
~~~ Chrome
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\*****\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.08.2015 at 16:55:25,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |