mbam Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 24/08/2014
Suchlauf-Zeit: 15:25:05
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.08.24.02
Rootkit Datenbank: v2014.08.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Robert
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 335288
Verstrichene Zeit: 6 Min, 23 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 115
PUP.Optional.DealPly.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dealplylive, In Quarantäne, [4b17ca002b501d19a0bfaf7a50b10000],
PUP.Optional.DealPly.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\dealplylivem, In Quarantäne, [4b17ca002b501d19a0bfaf7a50b10000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\APPID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}, In Quarantäne, [1a488c3e473450e6fb4e476407fbfd03],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [d68c7e4c3447e84e40ae4c5e9072fb05],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [d68c7e4c3447e84e40ae4c5e9072fb05],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\APPID\{F48FC5B2-094A-44C7-B48C-289738C9582D}, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3COMClassService, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3COMClassService, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{F48FC5B2-094A-44C7-B48C-289738C9582D}, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}, In Quarantäne, [441edcee3a41d4622c1ee1ca936f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}, In Quarantäne, [1f4304c642391f17212ab2f94cb617e9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [1f4304c642391f17212ab2f94cb617e9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [1f4304c642391f17212ab2f94cb617e9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [1f4304c642391f17212ab2f94cb617e9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [1f4304c642391f17212ab2f94cb617e9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}, In Quarantäne, [5f039535b9c268cea5a76843d62ced13],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [5f039535b9c268cea5a76843d62ced13],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine, In Quarantäne, [5f039535b9c268cea5a76843d62ced13],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine, In Quarantäne, [5f039535b9c268cea5a76843d62ced13],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [5f039535b9c268cea5a76843d62ced13],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}, In Quarantäne, [30320bbf3c3ff93da1ac0d9e0bf79a66],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [30320bbf3c3ff93da1ac0d9e0bf79a66],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoCreateAsync, In Quarantäne, [30320bbf3c3ff93da1ac0d9e0bf79a66],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoCreateAsync, In Quarantäne, [30320bbf3c3ff93da1ac0d9e0bf79a66],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [30320bbf3c3ff93da1ac0d9e0bf79a66],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}, In Quarantäne, [a6bc5278c9b2d56151fde3c8e31f3ec2],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [a6bc5278c9b2d56151fde3c8e31f3ec2],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback, In Quarantäne, [a6bc5278c9b2d56151fde3c8e31f3ec2],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback, In Quarantäne, [a6bc5278c9b2d56151fde3c8e31f3ec2],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [a6bc5278c9b2d56151fde3c8e31f3ec2],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}, In Quarantäne, [f9690dbd66156bcb7ed1c2e992706997],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreMachineClass.1, In Quarantäne, [f9690dbd66156bcb7ed1c2e992706997],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreMachineClass, In Quarantäne, [f9690dbd66156bcb7ed1c2e992706997],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreMachineClass, In Quarantäne, [f9690dbd66156bcb7ed1c2e992706997],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreMachineClass.1, In Quarantäne, [f9690dbd66156bcb7ed1c2e992706997],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}, In Quarantäne, [f66c12b8f388e84ee967fbb0966c01ff],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [f66c12b8f388e84ee967fbb0966c01ff],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.ProcessLauncher, In Quarantäne, [f66c12b8f388e84ee967fbb0966c01ff],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.ProcessLauncher, In Quarantäne, [f66c12b8f388e84ee967fbb0966c01ff],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [f66c12b8f388e84ee967fbb0966c01ff],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}, In Quarantäne, [bfa33b8f1566e84eb1a0a506b84aa55b],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [bfa33b8f1566e84eb1a0a506b84aa55b],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [bfa33b8f1566e84eb1a0a506b84aa55b],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [bfa33b8f1566e84eb1a0a506b84aa55b],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [bfa33b8f1566e84eb1a0a506b84aa55b],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}, In Quarantäne, [20426e5c5922cb6bba98a10af909a957],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}, In Quarantäne, [20426e5c5922cb6bba98a10af909a957],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickCtrl.9, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickCtrl.9, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.Update3WebControl.3, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.Update3WebControl.3, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}, In Quarantäne, [560cfbcf6a1189ad9cb89318e51d1ce4],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ae48ed75-5a56-4c5f-bbce-6f1ac3875f66}, In Quarantäne, [a4be705a2556a78f804f770160a2639d],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}, In Quarantäne, [a4be705a2556a78f804f770160a2639d],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}, In Quarantäne, [5a0873573e3d8caaa8ad8b20fa08629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [5a0873573e3d8caaa8ad8b20fa08629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine, In Quarantäne, [5a0873573e3d8caaa8ad8b20fa08629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine, In Quarantäne, [5a0873573e3d8caaa8ad8b20fa08629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [5a0873573e3d8caaa8ad8b20fa08629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C536F080-57B7-46D6-8894-C647553F2889}, In Quarantäne, [5a0873573e3d8caaa8ad8b20fa08629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}, In Quarantäne, [f36f804a2457a195b89e9d0e17ebf808],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreClass.1, In Quarantäne, [f36f804a2457a195b89e9d0e17ebf808],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.CoreClass, In Quarantäne, [f36f804a2457a195b89e9d0e17ebf808],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreClass, In Quarantäne, [f36f804a2457a195b89e9d0e17ebf808],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.CoreClass.1, In Quarantäne, [f36f804a2457a195b89e9d0e17ebf808],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}, In Quarantäne, [3d254288f08bed49e5721596f70b12ee],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [3d254288f08bed49e5721596f70b12ee],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebSvc, In Quarantäne, [3d254288f08bed49e5721596f70b12ee],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebSvc, In Quarantäne, [3d254288f08bed49e5721596f70b12ee],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [3d254288f08bed49e5721596f70b12ee],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}, In Quarantäne, [fb67b6146417ab8bef69cedd837f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [fb67b6146417ab8bef69cedd837f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\DealPlyLiveUpdate.Update3WebMachine, In Quarantäne, [fb67b6146417ab8bef69cedd837f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachine, In Quarantäne, [fb67b6146417ab8bef69cedd837f0000],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DealPlyLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [fb67b6146417ab8bef69cedd837f0000],
PUP.Optional.Babylon.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [1b473b8fb2c9f73fbcc0046dbe4415eb],
PUP.Optional.DealPly.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Dealply, In Quarantäne, [4b17a2281c5f181ef167dc4241bf52ae],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0033426.BHO, In Quarantäne, [93cfbd0d5a2181b5af968d60c43ebd43],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0033426.BHO.1, In Quarantäne, [aeb413b7710a72c45de841ac2ad8847c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0033426.Sandbox, In Quarantäne, [c0a21eacd7a4b1854302806d956da858],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0033426.Sandbox.1, In Quarantäne, [8ed49a304437171f5aeb8c6147bb629e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\CLASSES\APPID\DealPlyLive.exe, In Quarantäne, [2042cdfdef8cf14560c3c26cb64e5aa6],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In Quarantäne, [f36f8a405b205bdb6d473cbd3cc644bc],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPly, In Quarantäne, [92d018b2b2c93df93fe8fffc699935cb],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPlyLive, In Quarantäne, [81e111b9582337ff6bb9fc327292916f],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\Plus-HD-2.3, In Quarantäne, [e1815773b8c3a492cb796aaf09fa29d7],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0033426.BHO, In Quarantäne, [2939b812f68575c1c77ef0fd738f48b8],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0033426.BHO.1, In Quarantäne, [9ac881499ae154e23f061ad362a0c43c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0033426.Sandbox, In Quarantäne, [aeb463670d6eb08674d1ac4182803ac6],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0033426.Sandbox.1, In Quarantäne, [cc9600ca80fbc27447fe38b5fb07c23e],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\DealPlyLive.exe, In Quarantäne, [40220dbd5a21de587ca7e945d62e47b9],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.dpliveupdate.com/DealPlyLive Update;version=3, In Quarantäne, [92d097330e6de5513ceac569917319e7],
PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.dpliveupdate.com/DealPlyLive Update;version=9, In Quarantäne, [f36fc00acdae5cda55d1bf6f5ba905fb],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, In Quarantäne, [293905c5a3d8a49233e74ae4f11352ae],
PUP.Optional.DealPly.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DealPlyLive, In Quarantäne, [4c16aa205a2191a56bbd9995f2129070],
PUP.Optional.PlusHD.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.3, In Quarantäne, [7fe361697605ca6cd10185847e8550b0],
PUP.Optional.DealPly.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY, In Quarantäne, [fa6821a96a118ea832f55cd26f95ef11],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [5a08b515b4c7191dfb85e1355ba89c64],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [382a4a807902ef47735276b653b1c63a],
PUP.Optional.BProtector.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, In Quarantäne, [461cd6f4760550e6d320909fee164eb2],
PUP.Optional.PlusHD.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Plus-HD-2.3, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
Registrierungswerte: 4
PUP.Optional.DealPly.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEALPLY|Partner, iron, In Quarantäne, [fa6821a96a118ea832f55cd26f95ef11]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0L1N1H2O1S, In Quarantäne, [382a4a807902ef47735276b653b1c63a]
PUP.BProtector, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E040DC85DEA51276&affID=119357&tt=040713_ctrl&tsp=4937, In Quarantäne, [e77bc505b7c449edc4dfd953e51fba46]
PUP.BProtector, HKU\S-1-5-21-3576039111-1821954588-2524210282-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [92d07852f08b0d29b6ee141835cff60a]
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 22
PUP.OPtional.Dealply.A, C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly, In Quarantäne, [530f42884932eb4baf6a7fadce36cb35],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive, In Quarantäne, [2b37c2087605e84e37d916a855adb749],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive\Update, In Quarantäne, [2b37c2087605e84e37d916a855adb749],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive\Update\Log, In Quarantäne, [2b37c2087605e84e37d916a855adb749],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Roaming\Dealply, In Quarantäne, [9dc52e9c8cefd462a9686757887aaa56],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Roaming\Dealply\UpdateProc, In Quarantäne, [9dc52e9c8cefd462a9686757887aaa56],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\CrashReports, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\Download, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\Install, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\Offline, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\Offline\{941A49CE-07D4-4943-B184-B3ABB66D0B36}, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\DealPlyLive, In Quarantäne, [dd8589412c4f1f17d194823c45bd7d83],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\DealPlyLive\CrashReports, In Quarantäne, [dd8589412c4f1f17d194823c45bd7d83],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0, In Quarantäne, [7be7f5d5a8d36fc7c7b6e9dde1213cc4],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec, In Quarantäne, [0c5634968fecec4a275aa521ae54768a],
Dateien: 112
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\DealPlyLive.exe, In Quarantäne, [4b17ca002b501d19a0bfaf7a50b10000],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll, In Quarantäne, [20426e5c5922cb6bba98a10af909a957],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll, In Quarantäne, [76ece4e61d5e2e08a2b1f8b35aa832ce],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Roaming\Dealply\UpdateProc\UpdateTask.exe, In Quarantäne, [4b17a2281c5f181ef167dc4241bf52ae],
PUP.BundleInstaller.DW, C:\Users\Robert\Downloads\Californication.S06E06.HDTV.XviD-AFG.ger.subbed.exe, In Quarantäne, [b0b272580f6cd75f19db11ff9c6543bd],
PUP.Optional.DomaIQ.Gen, C:\Users\Robert\Downloads\Setup.exe, In Quarantäne, [00621fabcbb09d999e3b7e302cd5f709],
Trojan.Downloader, C:\Users\Robert\Downloads\java.exe, In Quarantäne, [055d45854a31fb3bfb451e8215ecb050],
Adware.InstallBrain, C:\Users\Robert\Downloads\VideoPerformerSetup.exe, In Quarantäne, [49190ebc9be0db5b0b1e997b90717a86],
PUP.Optional.DealPly.A, C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineCore, In Quarantäne, [99c9f8d21d5ecc6ae6d28a695aa80bf5],
PUP.Optional.DealPly.A, C:\Windows\System32\Tasks\DealPlyLiveUpdateTaskMachineUA, In Quarantäne, [0260ae1cc2b96bcba2167083020008f8],
PUP.Optional.BitGuard.A, C:\Windows\System32\Tasks\BitGuard, In Quarantäne, [600207c3c9b2cb6b7d3d42b15ea443bd],
PUP.Optional.Ciuvo.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage, In Quarantäne, [243e4486c7b4b77f8a0038bf05fd4ab6],
PUP.Optional.Ciuvo.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_api.ciuvo.com_0.localstorage-journal, In Quarantäne, [95cd29a115663006b2d85c9b4eb48977],
PUP.Optional.SelectNGo.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, In Quarantäne, [0161f1d917641f17e150ef0c5ba708f8],
PUP.Optional.SelectNGo.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, In Quarantäne, [0c56ddedb9c22d09e54c6e8dda2816ea],
PUP.Optional.LiveLyrics.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage, In Quarantäne, [d78b45853c3f89ad107114e84cb6718f],
PUP.Optional.LiveLyrics.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal, In Quarantäne, [92d0fad0bbc045f1e1a0a3593cc646ba],
PUP.Optional.Superfish.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Löschen bei Neustart, [5c062f9b700be5516f1589754ab81fe1],
PUP.Optional.Superfish.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, Löschen bei Neustart, [6bf7b1199cdfba7cf49048b6877bf10f],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage, In Quarantäne, [570bae1c087380b614664eb9b54e49b7],
PUP.OPtional.Dealply.A, C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\Uninstall DealPly.lnk, In Quarantäne, [530f42884932eb4baf6a7fadce36cb35],
PUP.OPtional.Dealply.A, C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly Help.url, In Quarantäne, [530f42884932eb4baf6a7fadce36cb35],
PUP.OPtional.Dealply.A, C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly\DealPly.url, In Quarantäne, [530f42884932eb4baf6a7fadce36cb35],
PUP.Optional.DealPly.A, C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job, In Quarantäne, [3c261bafe09bfe38e2964de5ad57f30d],
PUP.Optional.DealPly.A, C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job, In Quarantäne, [e979ffcb196239fdaeca3ef4739135cb],
PUP.Optional.DealPly.A, C:\ProgramData\DealPlyLive\Update\Log\DealPlyLive.log, In Quarantäne, [2b37c2087605e84e37d916a855adb749],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Roaming\Dealply\UpdateProc\config.dat, In Quarantäne, [9dc52e9c8cefd462a9686757887aaa56],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Roaming\Dealply\UpdateProc\info.dat, In Quarantäne, [9dc52e9c8cefd462a9686757887aaa56],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Roaming\Dealply\UpdateProc\TTL.DAT, In Quarantäne, [9dc52e9c8cefd462a9686757887aaa56],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLive.exe, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveBroker.exe, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHandler.exe, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveHelper.msi, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\DealPlyLiveOnDemand.exe, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bn.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ca.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_cs.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_da.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_de.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_el.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en-GB.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_en.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es-419.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_es.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_et.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fa.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fi.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fil.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_fr.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_gu.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hr.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hu.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_id.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_is.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_it.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_iw.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ja.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_kn.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ko.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lt.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_lv.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ml.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_mr.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ms.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_nl.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_no.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdate.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_am.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ar.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-BR.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pt-PT.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ro.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sk.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sl.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sr.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sv.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_sw.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ta.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_te.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_th.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_tr.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_uk.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ur.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_vi.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-CN.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_zh-TW.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psuser.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_bg.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_hi.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_pl.dll, In Quarantäne, [93cf4684b1cafe38a969f9c5f30fa45c],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\background.js, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\info.txt, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\manifest.json, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images\icon128.png, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images\icon16.png, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.DealPly.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.9.1.9_0\images\icon48.png, In Quarantäne, [8ad8ad1d28535bdb507ad4eafa0829d7],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\33426.crx, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\background.html, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Installer.log, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-buttonutil.dll, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-buttonutil64.dll, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-buttonutil64.exe, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-helper.exe, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3.ico, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.PlusHD.A, C:\Program Files (x86)\Plus-HD-2.3\Uninstall.exe, In Quarantäne, [c1a15179f289e15566aeeed7af53926e],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\001831.ldb, In Quarantäne, [0c5634968fecec4a275aa521ae54768a],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\001840.log, In Quarantäne, [0c5634968fecec4a275aa521ae54768a],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOCK, In Quarantäne, [0c5634968fecec4a275aa521ae54768a],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOG, In Quarantäne, [0c5634968fecec4a275aa521ae54768a],
PUP.Optional.CrossRider.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\MANIFEST-001838, In Quarantäne, [0c5634968fecec4a275aa521ae54768a],
PUP.Optional.Delta.A, C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage": "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E040DC85DEA51276&affID=119357&tt=040713_ctrl&tsp=4937",), Ersetzt,[d78b8347eb90d06686b721ef0ef753ad]
Physische Sektoren: 0
(No malicious items detected)
(end)
AdwCleaner Code:
# AdwCleaner v3.308 - Bericht erstellt am 24/08/2014 um 16:01:42
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Robert - NOTEBOOK-ROBERT
# Gestartet von : C:\Users\Robert\Desktop\adwcleaner_3.308.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Robert\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Robert\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
***** [ Tasks ] *****
Task Gelöscht : BitGuard
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKCU\Software\e6dad9b735e545
Schlüssel Gelöscht : HKLM\SOFTWARE\e6dad9b735e545
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342226}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344344426}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B424109-6F99-4306-8F2B-0B2BB1C8C415}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C0EB0A9-265F-4D9D-AF96-0EF2403A73E8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DF046E1-80F7-43E0-80C0-0AD696799C8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0FD0502-5878-441D-A3C0-9A4531C526CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3E46008-1902-41A7-91C7-26EC6E0B66D2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.17054
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v36.0.1985.143
[ Datei : C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Homepage] : hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=E040DC85DEA51276&affID=119357&tt=040713_ctrl&tsp=4937
Gelöscht [Extension] : mphpbdjcljebbcnfopfngmfdackbbdgf
Gelöscht [Extension] : omfoidjpeklpjhlhabhcomekbkclkbec
*************************
AdwCleaner[R0].txt - [3159 octets] - [24/08/2014 15:41:14]
AdwCleaner[R1].txt - [3219 octets] - [24/08/2014 15:57:45]
AdwCleaner[S0].txt - [3032 octets] - [24/08/2014 16:01:42]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3092 octets] ##########
JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Robert on 24/08/2014 at 16:06:38.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3576039111-1821954588-2524210282-1002\Software\sweetim
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/08/2014 at 16:14:01.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
New FRST
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 02
Ran by Robert (administrator) on NOTEBOOK-ROBERT on 24-08-2014 16:17:54
Running from C:\Users\Robert\Downloads
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764032 2012-08-10] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-10] (Atheros Communications)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862928 2012-07-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [466944 2011-09-19] ()
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-23] (cyberlink)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [3417984 2012-08-28] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKU\S-1-5-21-3576039111-1821954588-2524210282-1002\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-13] ()
HKU\S-1-5-21-3576039111-1821954588-2524210282-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-21] (Electronic Arts)
HKU\S-1-5-21-3576039111-1821954588-2524210282-1002\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1339672 2013-11-04] (Comfort Software Group)
AppInit_DLLs: c:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit64.dll => c:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInit64.dll [21864 2012-08-28] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2011\mshaktuell.exe ()
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: AsusWSShellExt_U -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.transfermarkt.de/"
CHR DefaultSearchKeyword: babylon.com
CHR DefaultSearchProvider: Babylon
CHR DefaultSearchURL: hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss_sps&mntrId=E040DC85DEA51276&affID=119357&tt=040713_ctrl&tsp=4937
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (McAfee SecurityCenter) - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL No File
CHR Extension: (Google Docs) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-12]
CHR Extension: (Google Drive) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-12]
CHR Extension: (YouTube) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-12]
CHR Extension: (Google-Suche) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-12]
CHR Extension: (AdBlock) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-10]
CHR Extension: (Google Wallet) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Google Mail) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-12]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4741384 2014-08-01] (Emsisoft GmbH)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-14] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-08-01] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-05-17] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-01-07] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-08-01] (Emsisoft GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-01-07] (Emsisoft GmbH)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-24 16:17 - 2014-08-24 16:17 - 00000000 ____D () C:\Users\Robert\Downloads\FRST-OlderVersion
2014-08-24 16:14 - 2014-08-24 16:14 - 00000803 _____ () C:\Users\Robert\Desktop\JRT.txt
2014-08-24 16:06 - 2014-08-24 16:06 - 00000000 ____D () C:\Windows\ERUNT
2014-08-24 16:05 - 2014-08-24 16:05 - 01016261 _____ (Thisisu) C:\Users\Robert\Downloads\JRT.exe
2014-08-24 16:04 - 2014-08-24 16:04 - 00003180 _____ () C:\Users\Robert\Desktop\AdwCleaner[S0].txt
2014-08-24 15:41 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-24 15:40 - 2014-08-24 16:01 - 00000000 ____D () C:\AdwCleaner
2014-08-24 15:39 - 2014-08-24 15:39 - 01364531 _____ () C:\Users\Robert\Desktop\adwcleaner_3.308.exe
2014-08-24 15:38 - 2014-08-24 15:38 - 00040496 _____ () C:\Users\Robert\Desktop\mbam.txt
2014-08-24 15:23 - 2014-08-24 15:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 15:22 - 2014-08-24 15:22 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-24 15:22 - 2014-08-24 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 15:22 - 2014-08-24 15:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-24 15:22 - 2014-08-24 15:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-24 15:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-24 15:22 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-24 15:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-24 15:18 - 2014-08-24 15:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Robert\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-23 17:04 - 2014-08-23 17:04 - 00028381 _____ () C:\ComboFix.txt
2014-08-23 16:57 - 2014-08-23 16:57 - 00001125 _____ () C:\Users\Robert\Desktop\ComboFix - Verknüpfung.lnk
2014-08-23 12:51 - 2014-08-23 17:04 - 00000000 ____D () C:\Qoobox
2014-08-23 12:51 - 2014-08-23 17:03 - 00000000 ____D () C:\Windows\erdnt
2014-08-23 12:51 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-23 12:51 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-23 12:51 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-23 12:51 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-23 12:51 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-23 12:51 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-08-23 12:51 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-23 12:51 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-23 12:51 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-23 12:50 - 2014-08-23 12:50 - 05572006 ____R (Swearware) C:\Users\Robert\Downloads\ComboFix.exe
2014-08-21 21:38 - 2014-08-24 16:15 - 00000000 ____D () C:\Users\Robert\Desktop\Reinigung 2014
2014-08-21 21:15 - 2014-08-24 16:17 - 00015967 _____ () C:\Users\Robert\Downloads\FRST.txt
2014-08-21 21:15 - 2014-08-21 21:16 - 00034278 _____ () C:\Users\Robert\Downloads\Addition.txt
2014-08-21 21:14 - 2014-08-24 16:17 - 00000000 ____D () C:\FRST
2014-08-21 21:13 - 2014-08-24 16:17 - 02103296 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2014-08-14 22:58 - 2014-07-16 00:51 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2014-08-14 22:57 - 2014-06-11 00:44 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 22:57 - 2014-06-11 00:43 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 22:10 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 22:10 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 22:10 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 22:10 - 2014-07-24 14:10 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-08-14 22:10 - 2014-07-24 14:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 22:10 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 22:10 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 22:10 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 22:10 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 22:10 - 2014-07-24 12:52 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 22:10 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 22:10 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 22:10 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 22:10 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 22:10 - 2014-07-24 10:03 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-08-14 22:10 - 2014-06-13 03:57 - 01453400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 22:10 - 2014-06-13 03:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-08-14 22:09 - 2014-07-16 01:03 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 22:09 - 2014-07-16 00:55 - 04035072 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 22:09 - 2014-07-12 04:36 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 22:08 - 2014-08-07 08:33 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 22:08 - 2014-08-07 05:09 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 22:08 - 2014-06-05 19:30 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-08-14 22:08 - 2014-05-03 08:34 - 06974808 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-08-14 22:08 - 2014-05-03 08:33 - 01824808 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-14 22:08 - 2014-05-03 06:51 - 01408976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-14 22:08 - 2014-05-02 00:37 - 01023488 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-14 22:08 - 2014-04-30 00:32 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-14 22:08 - 2014-04-30 00:32 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-14 22:08 - 2014-04-24 01:51 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-08-14 22:08 - 2014-04-24 01:51 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-14 22:08 - 2014-04-24 01:38 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-08-14 22:08 - 2014-04-24 01:38 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-08-14 22:07 - 2014-06-20 01:35 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 22:07 - 2014-06-20 00:24 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 22:07 - 2014-06-05 19:56 - 00112984 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 22:07 - 2014-06-05 19:29 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 22:07 - 2014-06-05 19:29 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 22:07 - 2014-06-05 19:28 - 02306560 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 22:07 - 2014-06-05 19:28 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-14 22:07 - 2014-06-05 15:12 - 08857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-08-14 22:07 - 2014-06-05 15:11 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 22:07 - 2014-06-05 15:11 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 22:07 - 2014-06-05 15:10 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 22:07 - 2014-06-05 15:10 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-14 22:07 - 2014-05-29 06:04 - 00094552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2014-08-14 22:07 - 2014-05-08 03:34 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-08-06 22:53 - 2014-08-17 23:17 - 00293272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-05 18:08 - 2014-08-05 18:08 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-01 16:05 - 2014-08-17 23:16 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 16:05 - 2014-08-17 23:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 16:05 - 2014-08-17 23:16 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 16:05 - 2014-08-17 23:16 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-01 16:05 - 2014-08-03 00:11 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 16:05 - 2014-08-03 00:11 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-24 16:18 - 2014-08-21 21:15 - 00015967 _____ () C:\Users\Robert\Downloads\FRST.txt
2014-08-24 16:17 - 2014-08-24 16:17 - 00000000 ____D () C:\Users\Robert\Downloads\FRST-OlderVersion
2014-08-24 16:17 - 2014-08-21 21:14 - 00000000 ____D () C:\FRST
2014-08-24 16:17 - 2014-08-21 21:13 - 02103296 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2014-08-24 16:17 - 2013-01-13 15:18 - 00000000 ____D () C:\Users\Robert\AppData\Local\PMB Files
2014-08-24 16:15 - 2014-08-21 21:38 - 00000000 ____D () C:\Users\Robert\Desktop\Reinigung 2014
2014-08-24 16:14 - 2014-08-24 16:14 - 00000803 _____ () C:\Users\Robert\Desktop\JRT.txt
2014-08-24 16:13 - 2013-01-09 20:30 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3576039111-1821954588-2524210282-1002
2014-08-24 16:07 - 2012-08-03 01:02 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-08-24 16:07 - 2012-08-03 01:02 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-08-24 16:07 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-24 16:06 - 2014-08-24 16:06 - 00000000 ____D () C:\Windows\ERUNT
2014-08-24 16:05 - 2014-08-24 16:05 - 01016261 _____ (Thisisu) C:\Users\Robert\Downloads\JRT.exe
2014-08-24 16:05 - 2013-01-13 14:16 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-24 16:04 - 2014-08-24 16:04 - 00003180 _____ () C:\Users\Robert\Desktop\AdwCleaner[S0].txt
2014-08-24 16:03 - 2014-01-07 23:11 - 01691671 _____ () C:\Windows\WindowsUpdate.log
2014-08-24 16:03 - 2013-01-12 13:24 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 16:03 - 2013-01-09 20:23 - 00000401 _____ () C:\Users\Robert\AppData\Roaming\sp_data.sys
2014-08-24 16:02 - 2014-01-07 22:46 - 00040694 _____ () C:\Windows\PFRO.log
2014-08-24 16:02 - 2012-11-28 06:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-24 16:02 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 16:02 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-24 16:01 - 2014-08-24 15:40 - 00000000 ____D () C:\AdwCleaner
2014-08-24 16:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-08-24 15:39 - 2014-08-24 15:39 - 01364531 _____ () C:\Users\Robert\Desktop\adwcleaner_3.308.exe
2014-08-24 15:38 - 2014-08-24 15:38 - 00040496 _____ () C:\Users\Robert\Desktop\mbam.txt
2014-08-24 15:36 - 2014-08-24 15:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 15:34 - 2012-08-02 15:33 - 00000000 ____D () C:\Windows\Log
2014-08-24 15:22 - 2014-08-24 15:22 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-24 15:22 - 2014-08-24 15:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-24 15:22 - 2014-08-24 15:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-24 15:22 - 2014-08-24 15:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-24 15:21 - 2013-01-12 13:24 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 15:19 - 2014-08-24 15:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Robert\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-23 17:04 - 2014-08-23 17:04 - 00028381 _____ () C:\ComboFix.txt
2014-08-23 17:04 - 2014-08-23 12:51 - 00000000 ____D () C:\Qoobox
2014-08-23 17:04 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-08-23 17:03 - 2014-08-23 12:51 - 00000000 ____D () C:\Windows\erdnt
2014-08-23 17:03 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-08-23 16:57 - 2014-08-23 16:57 - 00001125 _____ () C:\Users\Robert\Desktop\ComboFix - Verknüpfung.lnk
2014-08-23 12:50 - 2014-08-23 12:50 - 05572006 ____R (Swearware) C:\Users\Robert\Downloads\ComboFix.exe
2014-08-22 16:24 - 2013-12-19 07:24 - 00000160 _____ () C:\Users\Robert\AppData\Roaming\WB.CFG
2014-08-22 16:24 - 2013-02-23 19:47 - 00000000 ____D () C:\Users\Robert\AppData\Local\CrashDumps
2014-08-21 21:16 - 2014-08-21 21:15 - 00034278 _____ () C:\Users\Robert\Downloads\Addition.txt
2014-08-18 00:57 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-08-17 23:17 - 2014-08-06 22:53 - 00293272 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 23:16 - 2014-08-01 16:05 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-17 23:16 - 2014-08-01 16:05 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-17 23:16 - 2014-08-01 16:05 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-17 23:16 - 2014-08-01 16:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-17 23:16 - 2014-07-22 08:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-17 23:16 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-08-17 23:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-08-17 23:16 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-16 01:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-08-14 23:02 - 2013-07-18 18:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 23:01 - 2013-01-10 22:23 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 21:22 - 2013-01-12 13:25 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-07 08:33 - 2014-08-14 22:08 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 05:09 - 2014-08-14 22:08 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 18:08 - 2014-08-05 18:08 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-03 00:11 - 2014-08-01 16:05 - 03286528 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 01623040 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00773632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-03 00:11 - 2014-08-01 16:05 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 10:16 - 2013-04-07 17:11 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-08-02 02:15 - 2012-07-26 10:14 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-02 02:15 - 2012-07-26 10:14 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
Some content of TEMP:
====================
C:\Users\Robert\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-24 10:46
==================== End Of Log ============================