Log analysis and evaluation: Removing Incredibar - MyStart
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.08.2012, 12:46 | #1
Removing Incredibar - MyStart

Hello everyone, some time ago I caught Incredibar along with a program I had downloaded; it got installed anyway, even though I had unticked the checkbox during installation. Okay, Incredibar is no longer shown in Firefox, after I removed it from the add-ons and in the Control Panel with the help of instructions from the web. I also managed to get the problem under control that Incredibar MyStart opened on every new tab. Still, this "thing" seems to be somewhere. Because when I accidentally type the keyword I am looking for information on into the address bar at the top, an Incredibar MyStart search page still opens. Well, and now I am at my wit's end. I have now found out that this is supposed to be a trojan, and so I registered with you in order to perhaps still get this thing off my system under expert guidance. I have the problem on my notebook, which runs Win 7 64-bit. Here is the log file from OTL:

Code:
OTL logfile created on: 05.08.2012 13:30:40 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\waldfrau0309\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,92 Gb Total Physical Memory | 5,52 Gb Available Physical Memory | 69,77% Memory free
15,83 Gb Paging File | 13,42 Gb Available in Paging File | 84,75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 364,00 Gb Total Space | 266,23 Gb Free Space | 73,14% Space Free | Partition Type: NTFS
Drive D: | 544,34 Gb Total Space | 255,32 Gb Free Space | 46,90% Space Free | Partition Type: NTFS
Drive F: | 1397,26 Gb Total Space | 1284,02 Gb Free Space | 91,90% Space Free | Partition Type: NTFS
Computer Name: WALDFRAU0309-PC | User Name: waldfrau0309 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.08.05 13:04:48 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\waldfrau0309\Downloads\OTL.exe PRC - [2012.07.19 10:00:53 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe PRC - [2012.06.06 09:14:32 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe PRC - [2012.05.07 12:47:46 | 000,160,840 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe PRC - [2012.03.16 18:46:34 | 002,805,328 | ---- | M] (SAMSUNG ELECTRONICS CO., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011.09.28 07:23:10 | 005,458,312 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe PRC - [2011.09.06 16:36:42 | 002,275,408 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe PRC - [2011.09.06 16:35:54 | 001,087,056 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe PRC - [2011.08.19 12:36:46 | 000,784,976 | ---- | M] (Samsung Electronics Co., Ltd.) 
-- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe PRC - [2011.08.17 09:19:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe PRC - [2011.07.30 07:47:22 | 003,395,664 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe PRC - [2011.06.24 10:52:30 | 004,403,280 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe PRC - [2011.06.05 01:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.05.05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.05.05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011.03.30 14:01:10 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe PRC - [2010.10.01 11:53:36 | 000,526,992 | ---- | M] (Corel, Inc.) -- C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe PRC - [2010.09.21 15:13:26 | 000,105,632 | ---- | M] (Corel) -- C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe PRC - [2010.09.01 15:36:54 | 001,843,200 | ---- | M] (kaemsoft) -- C:\Program Files (x86)\BlueShot\BlueShot.exe PRC - [2009.11.02 07:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe PRC - [2009.09.24 22:10:15 | 000,210,304 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe PRC - [2009.08.11 15:44:52 | 000,271,744 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe PRC - [2007.08.02 21:08:00 | 000,095,504 | ---- | M] (Ulead Systems, Inc.) 
-- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe PRC - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe ========== Modules (No Company Name) ========== MOD - [2012.07.22 16:29:07 | 000,230,784 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll MOD - [2012.07.22 16:29:07 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll MOD - [2012.07.22 16:29:07 | 000,079,232 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImAppRU.dll MOD - [2012.07.22 16:29:07 | 000,071,040 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll MOD - [2012.07.19 10:00:52 | 002,003,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2012.03.16 13:22:52 | 000,755,280 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMFuncDLL.dll MOD - [2011.02.17 00:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll MOD - [2010.05.07 16:22:18 | 001,636,864 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll MOD - [2009.11.02 07:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll MOD - [2009.11.02 07:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll MOD - [2007.08.02 21:07:56 | 000,034,064 | ---- | M] () -- C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll MOD - [2006.08.12 11:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus) SRV:64bit: - [2012.06.06 09:14:32 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater) SRV:64bit: - [2011.12.02 12:12:12 | 000,165,456 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\SysNative\SUPDSvc2.exe -- (Samsung UPD Service2) SRV:64bit: - [2009.08.10 20:58:06 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011.SP2b\RpcAgentSrv.exe -- (SandraAgentSrv) SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV - [2012.07.19 10:00:53 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2012.07.09 15:45:49 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011.06.05 01:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService) SRV - [2011.05.05 14:44:54 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2011.05.05 14:44:52 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management 
Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService) SRV - [2010.06.01 15:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU) SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2007.07.24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) 
DRV:64bit: - [2012.07.03 09:16:26 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2012.05.09 05:18:34 | 000,280,912 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.10 14:28:16 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2011.08.23 05:12:56 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV:64bit: - [2011.08.17 09:19:38 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd) DRV:64bit: - [2011.07.30 00:47:20 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI) DRV:64bit: - [2011.06.05 01:22:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt) DRV:64bit: - [2011.05.01 07:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) DRV:64bit: - [2011.04.22 12:17:04 | 000,471,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2011.04.11 12:55:24 | 000,007,680 | ---- | M] (Phoenix Technologies Ltd.) 
[Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SGDrv64.sys -- (SGDrv) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.18 01:11:54 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.10.20 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Profi Business 2011.SP2b\WNt500x64\Sandra.sys -- (SANDRA) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV - [2012.01.09 12:53:54 | 000,015,144 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\rtport.sys -- (rtport) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\URLSearchHook: {7e111a5c-3d11-4f56-9463-5310c3c69025} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..CT2736476.browser.search.defaultthis.engineName: true FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..keyword.URL: 
"hxxp://mystart.incredibar.com/mb164/?loc=IB_DS&a=6R8zLJDjiz&&i=26&search=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.07.22 16:24:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.06 08:59:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.07.22 16:24:07 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 10:00:54 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.12 18:49:19 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.19 
10:00:54 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.12 18:49:19 | 000,000,000 | ---D | M] [2012.03.26 18:04:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\waldfrau0309\AppData\Roaming\mozilla\Extensions [2012.08.02 11:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\waldfrau0309\AppData\Roaming\mozilla\Firefox\Profiles\538ijjuc.default\extensions [2012.08.02 11:12:24 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Users\waldfrau0309\AppData\Roaming\mozilla\Firefox\Profiles\538ijjuc.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012.04.13 15:05:35 | 000,000,000 | ---D | M] (HP Detect) -- C:\Users\waldfrau0309\AppData\Roaming\mozilla\Firefox\Profiles\538ijjuc.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2012.07.22 16:24:02 | 000,002,203 | ---- | M] () -- C:\Users\waldfrau0309\AppData\Roaming\Mozilla\Firefox\Profiles\538ijjuc.default\searchplugins\MyStart Search.xml [2012.05.02 00:04:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.07.06 08:59:30 | 000,000,000 | ---D | M] (avast! 
WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2012.07.22 16:24:07 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.07.19 10:00:54 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.03.13 07:23:34 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.03.13 07:06:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.03.13 07:23:34 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.03.13 07:23:34 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.03.13 07:23:34 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.03.13 07:23:34 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll () O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! 
WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [Corel File Shell Monitor] C:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe File not found O4 - HKLM..\Run: [Standby] C:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKCU..\Run: [Corel Photo Downloader] C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Computer, Inc.) 
O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{160AE765-A3A4-4DD1-A45F-199A78E3282A}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A9C25AC-30C1-4408-9A5E-D0AD46F95E8E}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common 
Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.05 12:20:40 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{26A98385-DA7A-4475-BD9E-FDF1C5E07BD6}
[2012.08.05 12:20:20 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{45249AEC-5919-4CBE-86EE-D4B51A056A8A}
[2012.08.04 17:20:16 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{20C1A6E1-77E6-4AEE-A1F0-BC9ECCCD3468}
[2012.08.04 17:19:54 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{56C47CBC-EE80-4BA4-B7AC-60BA0F4BD609}
[2012.08.04 17:07:11 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{D71D2AB9-5EDD-4486-B8B4-67AFF4E2E27C}
[2012.08.04 13:47:08 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{F6566B25-B9FE-420B-A6B1-4F75562A54AF}
[2012.08.03 20:23:49 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{758C25D4-2D6F-4DE9-9BC6-DBF89B9CE584}
[2012.08.03 20:23:27 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{5F7BDC54-4AD5-468C-81C1-84D7BA2A535A}
[2012.08.03 13:08:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alien Skin
[2012.08.01 21:03:33 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{9AD8294A-B3B3-49AE-8ACA-73405177FF22}
[2012.08.01 21:03:11 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{5763A34A-36FD-4F5B-9128-850517FFE59B}
[2012.07.30 15:41:54 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{06348135-8053-4ABC-A1F4-8681CE39E85A}
[2012.07.30 15:41:32 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{EF0025D8-0440-4B28-A6C1-8C9FBD8EE150}
[2012.07.26 16:17:16 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\Desktop\Bastelwald
[2012.07.25 12:58:51 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{68BACF72-74A5-4938-BE5B-C56E4324FBA7}
[2012.07.25 12:58:39 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\{CADE3891-6303-4962-8452-C8FDE121CB08}
[2012.07.25 12:57:40 | 000,000,000 | ---D | C] -- C:\windows\de
[2012.07.25 12:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012.07.25 12:16:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2012.07.24 17:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2012.07.24 17:15:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Paint Shop Pro X
[2012.07.24 17:12:27 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\Documents\Meine PSP-Dateien
[2012.07.23 16:05:20 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\Corel
[2012.07.22 18:06:24 | 000,845,184 | ---- | C] (IncrediMail, Ltd.) -- C:\windows\System\ImUtilsU.dll
[2012.07.22 18:06:24 | 000,730,496 | ---- | C] (IncrediMail, Ltd.) -- C:\windows\System\ImMangrU.dll
[2012.07.22 16:56:04 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Roaming\Malwarebytes
[2012.07.22 16:55:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.22 16:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.22 16:55:54 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012.07.22 16:55:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.22 16:30:41 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\AppData\Local\IM
[2012.07.22 16:30:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
[2012.07.22 16:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2012.07.22 16:30:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IncrediMail
[2012.07.22 16:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\IM
[2012.07.22 16:24:07 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012.07.22 16:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YourFileDownloader
[2012.07.22 16:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mandala 4
[2012.07.22 16:09:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mandala
[2012.07.20 12:44:22 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\Documents\Corel PaintShop Photo Project Creator
[2012.07.20 10:33:00 | 000,000,000 | ---D | C] -- C:\windows\RegisteredPackages
[2012.07.20 10:32:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012.07.20 10:27:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Media Components
[2012.07.20 10:14:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Protexis
[2012.07.20 10:12:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Photo Pro X3
[2012.07.20 10:10:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Corel
[2012.07.19 22:24:56 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2012.07.12 21:38:53 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\Desktop\My PSP Files
[2012.07.12 20:28:46 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\Desktop\dll-Dateien
[2012.07.12 11:37:49 | 000,000,000 | ---D | C] -- C:\Users\waldfrau0309\Desktop\schwungrahmen
[2012.07.09 15:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.07.09 15:49:49 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\spool
[2012.07.09 15:48:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.07.09 15:48:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS3
[2012.07.09 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Macrovision Shared
[2012.03.26 20:23:55 | 000,465,264 | ---- | C] (Corel) -- C:\Program Files (x86)\Common Files\AppFramework.dll
[2012.03.26 20:23:55 | 000,332,144 | ---- | C] (Corel) -- C:\Program Files (x86)\Common Files\MediaOrganizer.dll
[2012.03.26 20:23:55 | 000,033,136 | ---- | C] (Corel-V1E) -- C:\Program Files (x86)\Common Files\FlickrProvider.dll
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.08.05 13:11:17 | 000,000,000 | ---- | M] () -- C:\Users\waldfrau0309\defogger_reenable
[2012.08.05 13:09:58 | 000,000,781 | ---- | M] () -- C:\Users\waldfrau0309\Desktop\Defogger.exe - Verknüpfung.lnk
[2012.08.05 12:26:40 | 000,003,766 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012.08.05 12:26:19 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.05 12:26:19 | 000,020,992 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.05 12:15:52 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012.08.05 12:15:42 | 4204,314,623 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.03 19:00:44 | 000,000,381 | ---- | M] () -- C:\windows\BlacBox2.INI
[2012.08.03 11:15:17 | 000,004,608 | ---- | M] () -- C:\Users\waldfrau0309\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.08.02 19:07:07 | 001,498,506 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012.08.02 19:07:07 | 000,654,166 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012.08.02 19:07:07 | 000,616,008 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012.08.02 19:07:07 | 000,130,006 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012.08.02 19:07:07 | 000,106,388 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012.07.24 17:15:39 | 000,000,952 | -HS- | M] () -- C:\windows\SysWow64\KGyGaAvL.sys
[2012.07.24 17:15:16 | 000,002,031 | ---- | M] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro X.lnk
[2012.07.23 22:50:23 | 002,377,448 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012.07.23 16:05:20 | 000,001,300 | ---- | M] () -- C:\Users\Public\Desktop\Corel PaintShop Photo Pro X3.lnk
[2012.07.22 16:56:52 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.22 16:30:32 | 000,001,973 | ---- | M] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2012.07.22 16:24:15 | 000,000,447 | ---- | M] () -- C:\user.js
[2012.07.22 16:09:10 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Mandala.lnk
[2012.07.20 12:44:00 | 000,000,008 | RHS- | M] () -- C:\ProgramData\4E23C579DA.sys
[2012.07.20 10:27:51 | 000,001,192 | ---- | M] () -- C:\Users\Public\Desktop\Corel PaintShop Photo Project Creator.lnk
[2012.07.12 11:46:24 | 000,580,508 | ---- | M] () -- C:\Users\waldfrau0309\Desktop\diamonds.psd
[2012.07.10 15:31:51 | 000,002,564 | ---- | M] () -- C:\Users\waldfrau0309\Desktop\Adobe Photoshop CS3.lnk
[2012.07.08 23:40:19 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00000DA4.LCS
[2012.07.08 22:04:14 | 000,074,240 | ---- | M] () -- C:\Users\waldfrau0309\Documents\venlo_01-05-2012.jpg
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.08.05 13:11:17 | 000,000,000 | ---- | C] () -- C:\Users\waldfrau0309\defogger_reenable
[2012.08.05 13:09:58 | 000,000,781 | ---- | C] () -- C:\Users\waldfrau0309\Desktop\Defogger.exe - Verknüpfung.lnk
[2012.08.03 19:00:01 | 000,000,381 | ---- | C] () -- C:\windows\BlacBox2.INI
[2012.08.03 18:59:01 | 000,150,016 | ---- | C] () -- C:\windows\SysWow64\ASStuf32.DLL
[2012.08.03 18:58:46 | 000,150,016 | ---- | C] () -- C:\windows\SysNative\ASStuf32.DLL
[2012.08.03 13:09:43 | 000,000,824 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Nature Manual.lnk
[2012.08.03 13:08:54 | 000,001,010 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5 Impact Manual.lnk
[2012.08.03 12:54:29 | 000,000,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eye Candy 5.0 Textures Manual.lnk
[2012.07.25 12:57:21 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2012.07.25 12:57:04 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2012.07.25 12:56:46 | 000,001,418 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2012.07.25 12:56:28 | 000,002,446 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[2012.07.24 17:15:38 | 000,000,952 | -HS- | C] () -- C:\windows\SysWow64\KGyGaAvL.sys
[2012.07.24 17:15:16 | 000,002,031 | ---- | C] () -- C:\Users\Public\Desktop\Corel Paint Shop Pro X.lnk
[2012.07.23 16:05:20 | 000,001,300 | ---- | C] () -- C:\Users\Public\Desktop\Corel PaintShop Photo Pro X3.lnk
[2012.07.22 16:55:56 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.22 16:30:32 | 000,001,985 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
[2012.07.22 16:30:32 | 000,001,973 | ---- | C] () -- C:\Users\Public\Desktop\IncrediMail.lnk
[2012.07.22 16:24:14 | 000,000,447 | ---- | C] () -- C:\user.js
[2012.07.22 16:09:10 | 000,000,901 | ---- | C] () -- C:\Users\Public\Desktop\Mandala.lnk
[2012.07.20 12:44:00 | 000,000,008 | RHS- | C] () -- C:\ProgramData\4E23C579DA.sys
[2012.07.20 10:27:50 | 000,001,192 | ---- | C] () -- C:\Users\Public\Desktop\Corel PaintShop Photo Project Creator.lnk
[2012.07.12 11:46:24 | 000,580,508 | ---- | C] () -- C:\Users\waldfrau0309\Desktop\diamonds.psd
[2012.07.10 15:31:09 | 000,002,564 | ---- | C] () -- C:\Users\waldfrau0309\Desktop\Adobe Photoshop CS3.lnk
[2012.07.09 15:52:40 | 002,463,976 | ---- | C] () -- C:\windows\SysWow64\NPSWF32.dll
[2012.07.08 22:04:14 | 000,074,240 | ---- | C] () -- C:\Users\waldfrau0309\Documents\venlo_01-05-2012.jpg
[2012.06.26 13:01:00 | 000,108,032 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2012.06.26 12:49:09 | 000,165,376 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2012.06.23 14:34:09 | 000,149,880 | ---- | C] () -- C:\windows\wiainst64.exe
[2012.06.16 16:00:24 | 000,004,096 | -H-- | C] () -- C:\Users\waldfrau0309\AppData\Local\keyfile3.drm
[2012.06.14 17:50:36 | 011,059,200 | ---- | C] () -- C:\Users\waldfrau0309\AppData\Roaming\Sandra.mdb
[2012.05.20 11:36:24 | 000,000,862 | ---- | C] () -- C:\Users\waldfrau0309\AppData\Local\recently-used.xbel
[2012.04.13 15:27:22 | 000,366,080 | ---- | C] () -- C:\windows\multiflexio.dll
[2012.04.13 15:27:22 | 000,235,008 | ---- | C] () -- C:\windows\scsicomm.dll
[2012.04.13 15:27:22 | 000,231,936 | ---- | C] () -- C:\windows\netcomm.dll
[2012.04.13 15:27:22 | 000,226,304 | ---- | C] () -- C:\windows\hppcompiocomm.dll
[2012.04.06 23:17:30 | 000,069,632 | ---- | C] () -- C:\windows\SysWow64\xmltok.dll
[2012.04.06 23:17:30 | 000,036,864 | ---- | C] () -- C:\windows\SysWow64\xmlparse.dll
[2012.04.05 23:39:25 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini
[2012.03.30 01:29:15 | 000,000,400 | ---- | C] () -- C:\windows\ODBC.INI
[2012.03.28 17:42:54 | 001,500,444 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012.03.26 20:23:55 | 000,402,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\facebook.dll
[2012.03.26 20:23:55 | 000,148,177 | ---- | C] () -- C:\Program Files (x86)\Common Files\BookViewer.xap
[2012.03.26 20:23:55 | 000,130,416 | ---- | C] () -- C:\Program Files (x86)\Common Files\PluginCommon.dll
[2012.03.26 20:19:55 | 000,004,608 | ---- | C] () -- C:\Users\waldfrau0309\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.26 20:19:47 | 000,003,766 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.03.26 19:38:12 | 000,210,944 | R--- | C] () -- C:\windows\SysWow64\MSVCRT10.DLL
[2012.03.26 19:38:12 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\icmfilter.dll
[2012.01.10 14:27:24 | 000,963,884 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012.01.10 14:27:24 | 000,221,264 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012.01.10 14:16:52 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012.01.10 13:29:52 | 013,904,384 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011.12.02 12:12:10 | 000,260,688 | ---- | C] () -- C:\windows\SUPDRun.exe
[2011.10.11 04:28:02 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2011.10.11 03:27:55 | 000,002,292 | ---- | C] () -- C:\windows\HotFixList.ini
[2011.07.21 07:51:12 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin

========== LOP Check ==========

[2012.08.05 12:27:19 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Alien Skin
[2012.06.14 19:54:43 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\AMPSoft
[2012.06.19 23:19:21 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Azureus
[2012.05.08 00:53:12 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\BitTorrent
[2012.05.10 15:01:23 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\BlueShot
[2012.04.19 00:45:11 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\dataWeb
[2012.06.07 22:01:56 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\DAZ 3D
[2012.07.26 16:33:06 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\FileZilla
[2012.04.23 10:31:33 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Flo & Seb Engineering
[2012.05.11 19:32:28 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\hdbADS
[2012.03.26 20:14:17 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Jasc
[2012.03.26 18:16:38 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\LibreOffice
[2012.04.09 21:49:49 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Mp3tag
[2012.05.11 19:32:56 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\MrJobs
[2012.04.16 00:47:40 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\MysteryStudio
[2012.06.11 19:31:44 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\NexusFont
[2012.07.03 09:16:16 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\ProtectDisc
[2012.04.13 15:01:00 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\SkyMonk
[2012.03.28 21:54:31 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\SoftGrid Client
[2012.04.07 16:40:58 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\streamripper
[2012.03.28 17:43:32 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\TP
[2012.04.16 00:55:31 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Ubisoft
[2012.07.20 12:44:28 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Ulead Systems
[2012.04.02 05:21:16 | 000,000,000 | ---D | M] --
C:\Users\waldfrau0309\AppData\Roaming\WebApp
[2012.03.27 11:07:06 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\Windows Live Writer
[2012.06.10 00:33:32 | 000,000,000 | ---D | M] -- C:\Users\waldfrau0309\AppData\Roaming\YourFileDownloader
[2012.06.28 18:34:10 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >

I would be very glad if you could help me here so that I can finally get rid of this thing. Kind regards, SilviaM |
09.08.2012, 20:06 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Removing Incredibar - MyStart Once again Malwarebytes is installed and the logs are missing - why?
__________________ |
10.08.2012, 10:51 | #3 |
| Removing Incredibar - MyStart Why? Quite simply, because I followed the instructions here in the forum, and unfortunately I am not all-knowing either. If I were, I would not have needed to turn to this forum; then I could have managed it on my own. But thanks for the reply.
Especially since my question about the Extra.txt was not answered. Bye, this thread can be closed. I'll look for help elsewhere. Somewhere people don't treat me so rudely ... |
11.08.2012, 15:24 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Removing Incredibar - MyStart Oh, I see, it is of course far too far-fetched, with an obvious malware problem, to post the logs of all virus scanners for the helpers right away; as a layperson one could never think of that. Better to reply in a huff to a perfectly normal question.
__________________ Please always post log files in CODE tags |