Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Google verweist auf falsche Seiten

Google verweist auf falsche Seiten


Plagegeister aller Art und deren Bekämpfung: Google verweist auf falsche Seiten

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 06.11.2012, 18:09   #1
Thure
 
Google verweist auf falsche Seiten - Standard

Google verweist auf falsche Seiten


Also. Mein Google verweist mich auf komplett andere Seiten, wenn ich etwas Suche und das Ergebnis anklicke. Sehr makaber.

Mal der OTL-Bericht:

Code:
ATTFilter
OTL logfile created on: 06.11.2012 17:59:45 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Florian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,33 Gb Available Physical Memory | 79,27% Memory free
15,96 Gb Paging File | 14,23 Gb Available in Paging File | 89,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,95 Gb Total Space | 360,09 Gb Free Space | 78,98% Space Free | Partition Type: NTFS
Drive D: | 456,46 Gb Total Space | 283,47 Gb Free Space | 62,10% Space Free | Partition Type: NTFS
Drive E: | 1,99 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: FLORIAN-PC | User Name: Florian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.06 17:59:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
PRC - [2012.09.07 19:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.07 19:25:55 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.07 19:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012.06.11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012.06.08 08:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe
PRC - [2012.05.01 13:31:14 | 000,185,856 | ---- | M] () -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe
PRC - [2012.02.26 15:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011.10.12 11:22:02 | 000,218,408 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
PRC - [2011.10.12 11:22:01 | 000,321,832 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
PRC - [2011.10.12 11:22:00 | 000,214,312 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe
PRC - [2011.08.31 11:35:01 | 000,185,640 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
PRC - [2011.08.11 04:58:26 | 000,627,304 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2011.06.17 18:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2011.05.30 03:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2011.04.22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2011.04.02 22:34:42 | 000,340,848 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
PRC - [2011.03.29 03:49:06 | 000,408,432 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2011.03.29 03:48:54 | 000,202,608 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2011.03.23 23:20:24 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2010.12.20 11:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.20 11:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.05.04 20:07:22 | 000,503,080 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2009.09.28 14:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) -- C:\OSGeo4W\apache\bin\httpd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.10.12 11:22:01 | 000,321,832 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe
MOD - [2011.10.12 11:22:00 | 000,370,984 | ---- | M] () -- C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2011.08.11 04:58:26 | 000,627,304 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MOD - [2011.08.11 04:57:22 | 000,151,656 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.27 14:50:49 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 22:15:15 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 19:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.07 19:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.27 12:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.11 15:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.06.11 15:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.06.08 08:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe -- (ogmservice)
SRV - [2012.06.07 08:15:34 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2012.05.01 13:31:14 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2011.06.17 18:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2011.05.30 03:54:14 | 000,036,456 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2011.05.05 21:36:05 | 000,022,528 | ---- | M] () [Auto | Running] -- D:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe -- (DAZContentManagementService)
SRV - [2011.04.22 17:44:14 | 000,244,624 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Live Updater Service)
SRV - [2011.04.02 22:09:38 | 000,173,424 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.23 23:20:24 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.12.20 11:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.20 11:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.05 23:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.06.01 23:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.05.04 20:07:22 | 000,503,080 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.28 14:41:12 | 000,024,645 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\OSGeo4W\apache\bin\httpd.exe -- (ApacheOSGeo4WWebServer)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.07 19:26:05 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.09.07 19:26:05 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.09.07 19:26:05 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.03.08 23:05:17 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012.03.08 23:05:17 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.11 05:04:46 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2011.07.11 05:04:46 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2011.07.11 05:04:46 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2011.06.30 07:03:04 | 000,054,784 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2011.06.30 07:03:02 | 000,077,696 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.05.16 15:55:28 | 000,533,096 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.03 16:59:18 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 23:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.19 09:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = 04 00 EF 03 0B 00 00 00 1A F3 A1 3C 01 00 00 80 06 00 EF 03 00 00 00 00  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.chatzum.com/?q={searchTerms}
IE - HKCU\..\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}: "URL" = hxxp://search.chatzum.com/?q={SearchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6OyB8dUZAu&i=26
IE - HKCU\..\SearchScopes\{F65F8403-4D74-486C-943A-923EACE894D1}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=4274AF66-C60F-4AA6-964D-B3547E23C949&apn_sauid=DB91E342-445C-4F24-8BC2-D91B8D73F021
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..CT2319825.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB10&ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://gmx.de/"
FF - prefs.js..extensions.enabledAddons: de-ade@fehler-haft.de:16.0.a
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.05.07 12:39:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.05.07 12:39:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 14:50:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.06 17:43:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 14:50:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.06 17:43:07 | 000,000,000 | ---D | M]
 
[2012.02.24 15:23:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions
[2012.10.23 10:10:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\9o5jh1ci.default\extensions
[2012.10.12 08:22:15 | 000,271,375 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\extensions\de-ade@fehler-haft.de.xpi
[2012.07.26 08:19:22 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.12 06:26:54 | 000,000,853 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\11-suche.xml
[2012.08.11 06:41:27 | 000,002,396 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\askcom.xml
[2012.10.10 17:15:26 | 000,000,907 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\conduit.xml
[2012.09.12 06:26:54 | 000,002,209 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\englische-ergebnisse.xml
[2012.09.12 06:26:54 | 000,010,506 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\gmx-suche.xml
[2012.09.12 06:26:54 | 000,002,368 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\lastminute.xml
[2012.05.07 12:39:50 | 000,002,203 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\MyStart Search.xml
[2012.10.11 10:06:06 | 000,000,642 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\search-safer.xml
[2012.05.14 07:53:24 | 000,003,915 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\sweetim.xml
[2012.09.12 06:26:54 | 000,005,489 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\9o5jh1ci.default\searchplugins\webde-suche.xml
[2012.10.27 14:50:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.27 14:50:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.27 14:50:49 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.12 08:21:54 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.25 13:37:38 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.10.12 08:21:54 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.12 08:21:54 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.12 08:21:54 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.12 08:21:54 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.12 08:21:54 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Florian\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Florian\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.4\PriceGongIE.dll (PriceGong)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [nwck] C:\Users\Florian\AppData\Roaming\netsh7.dll ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.7.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{89F662B5-5A2B-4305-A594-BE258A5B8915}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.05.13 01:06:56 | 000,000,027 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{ae2af745-1611-11e1-9e28-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{ae2af745-1611-11e1-9e28-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2008.07.16 18:13:53 | 052,428,800 | R--- | M] (Alcachofa Soft                                              )
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.06 17:59:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
[2012.11.06 17:38:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Malwarebytes
[2012.11.06 17:38:05 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.06 17:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.06 17:38:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.06 17:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.06 08:22:07 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{8BB0765B-612E-4A74-9C8C-463073049AC6}
[2012.11.05 13:10:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbo Pizza
[2012.11.05 13:10:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Turbo Pizza
[2012.11.05 11:44:21 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Skunk Studios
[2012.11.05 08:05:23 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux Family Secrets - Das Buch der Orakel
[2012.11.05 08:05:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flux Family Secrets - Das Buch der Orakel
[2012.11.05 08:05:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Flux Family Secrets - Das Buch der Orakel
[2012.11.05 07:17:04 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{4FC5F8C7-BF75-4A05-AEDC-7F5A10E8B171}
[2012.11.04 21:07:04 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.11.04 21:06:51 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alcachofa Soft
[2012.11.04 21:03:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcachofa Soft
[2012.11.04 15:03:54 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Der Clou!2
[2012.11.04 08:45:03 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{F7D5EB79-46E1-4EDC-B30C-CB79C1F8E80E}
[2012.11.03 16:11:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Der Clou!2
[2012.11.03 16:11:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\neoSoftware
[2012.11.03 15:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A Vampyre Story
[2012.11.03 15:51:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\A Vampyre Story
[2012.11.03 07:56:05 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{483C9580-DC03-42AD-A784-C88EBEC70A37}
[2012.11.02 13:15:42 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Infected - Der Zwillings - Impfstoff Sammleredition
[2012.11.02 13:15:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infected - Der Zwillings - Impfstoff Sammleredition
[2012.11.02 13:15:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Infected - Der Zwillings - Impfstoff Sammleredition
[2012.11.02 07:14:35 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{5A8A4A1A-9879-4521-BA7D-A47331A0AFA3}
[2012.11.01 07:30:01 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{0120BC14-ED20-4CCB-BA5E-3D1760B7998E}
[2012.10.31 09:23:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Twisted Lands 3 - Der Anfang
[2012.10.31 07:29:05 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{AB06A187-4FF2-4701-AAD9-F4FC691CC00C}
[2012.10.30 07:28:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{079F70B4-63FC-414D-B1BC-3D73BB53673C}
[2012.10.29 15:27:54 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Alawar Stargaze
[2012.10.29 14:39:54 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sierra
[2012.10.29 14:33:43 | 000,000,000 | ---D | C] -- C:\Sierra
[2012.10.29 13:29:46 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Seven Sails
[2012.10.29 07:27:14 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{80C34741-802F-43F3-BBCD-5C00B6CB0295}
[2012.10.28 07:26:18 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{78917704-0D65-45C3-918E-B16EADB4B87C}
[2012.10.27 14:50:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.27 11:46:47 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\URSE Games
[2012.10.27 07:25:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{532F1F3D-239E-45C9-B02B-360B46777930}
[2012.10.26 10:41:14 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\GameDevo
[2012.10.26 06:09:58 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{C0EBB2BD-1043-49BC-A9C2-E8EA69729DF9}
[2012.10.25 06:09:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{2077E936-048A-497B-B30D-A794C2516B10}
[2012.10.24 09:34:49 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Camel101
[2012.10.24 09:34:44 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\GarageGames
[2012.10.24 06:08:17 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{C643ECE5-8C3E-4764-892F-B5D4266105EE}
[2012.10.23 11:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DEUTSCHLAND SPIELT
[2012.10.23 06:07:32 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{4E9451E5-BBDE-4AEF-8B87-1CD069A97FBD}
[2012.10.22 06:06:09 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{6D130683-65CF-471D-A686-05754ED7FC1D}
[2012.10.21 07:16:38 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{42809043-1FCA-4571-97B3-C8D8CABB1A6F}
[2012.10.20 07:15:39 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{627A8CF7-69EF-4192-8CE1-2B9C3AF16ED1}
[2012.10.19 06:40:15 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{89D958E8-2F54-4A9B-AE48-CB635F6FF23C}
[2012.10.18 07:53:48 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{356393C4-5CE4-448B-8971-635C418BA357}
[2012.10.17 10:10:21 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\Programs
[2012.10.17 07:52:52 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{B3F4062F-26A2-466C-B1C5-59BBAB88336F}
[2012.10.16 07:51:56 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{88513993-0B9D-45BF-BEC5-95EF3EC0E3B9}
[2012.10.15 08:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2012.10.15 07:51:00 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{77C8A824-6CFC-473B-AFD7-2867A6F00111}
[2012.10.14 07:50:02 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{906F9CB3-969B-49AA-8787-042833C68BDE}
[2012.10.13 07:49:11 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{C86B4A8B-9037-4430-A82B-99BDF2C313AE}
[2012.10.12 10:31:37 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{BE29A690-9CA9-43AC-9E82-4245E669B134}
[2012.10.11 10:30:41 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{02E8CAA3-70DB-4112-8635-DD5B1D299470}
[2012.10.10 10:29:46 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{CAC0630B-8EA8-4450-BE14-37DEC826B1A6}
[2012.10.09 22:29:22 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{9355DEC7-612C-4B77-A9EF-A1A2E3E76E8C}
[2012.10.09 08:03:25 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{6058EB6F-CED5-44B8-B30D-D2DD455CA67A}
[2012.10.08 15:50:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bridge Constructor
[2012.10.08 08:02:29 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\{C8C21C4E-21BA-4F0B-B003-F3F705E8D48A}
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.06 17:59:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
[2012.11.06 17:59:01 | 000,000,000 | ---- | M] () -- C:\Users\Florian\defogger_reenable
[2012.11.06 17:58:48 | 000,050,477 | ---- | M] () -- C:\Users\Florian\Desktop\Defogger.exe
[2012.11.06 17:51:38 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.06 17:51:38 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.06 17:50:40 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.06 17:50:40 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.06 17:50:40 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.06 17:50:40 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.06 17:50:40 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.06 17:44:29 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.06 17:44:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.06 17:44:13 | 2131,955,711 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.06 17:41:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.06 17:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.06 15:18:37 | 000,106,496 | RHS- | M] () -- C:\Users\Florian\AppData\Roaming\netsh7.dll
[2012.11.05 13:13:00 | 000,052,748 | ---- | M] () -- C:\Windows\wininit.ini
[2012.11.05 13:10:09 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Turbo Pizza.lnk
[2012.11.05 08:05:55 | 000,002,208 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Flux Family Secrets - Das Buch der Orakel.lnk
[2012.11.04 21:07:04 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.11.04 17:35:52 | 000,021,840 | ---- | M] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012.11.04 17:35:52 | 000,017,212 | ---- | M] () -- C:\Windows\SysWow64\SIntf32.dll
[2012.11.04 17:35:52 | 000,012,067 | ---- | M] () -- C:\Windows\SysWow64\SIntf16.dll
[2012.11.02 13:16:36 | 000,002,256 | ---- | M] () -- C:\Users\Public\Desktop\Spiel Infected - Der Zwillings - Impfstoff Sammleredition.lnk
[2012.10.31 12:22:17 | 000,001,237 | ---- | M] () -- C:\Users\Public\Desktop\Burger Bustle.lnk
[2012.10.23 11:33:09 | 000,001,297 | ---- | M] () -- C:\Users\Public\Desktop\Jojo’s Fashion Show 2.lnk
[2012.10.11 10:12:57 | 000,001,381 | ---- | M] () -- C:\Users\Public\Desktop\Das Buch der Dunklen Träume.lnk
[2012.10.10 17:15:24 | 000,000,009 | ---- | M] () -- C:\END
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.06 17:59:01 | 000,000,000 | ---- | C] () -- C:\Users\Florian\defogger_reenable
[2012.11.06 17:58:48 | 000,050,477 | ---- | C] () -- C:\Users\Florian\Desktop\Defogger.exe
[2012.11.06 15:18:37 | 000,106,496 | RHS- | C] () -- C:\Users\Florian\AppData\Roaming\netsh7.dll
[2012.11.05 13:10:09 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Turbo Pizza.lnk
[2012.11.05 08:05:55 | 000,002,208 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Flux Family Secrets - Das Buch der Orakel.lnk
[2012.11.02 13:16:36 | 000,002,256 | ---- | C] () -- C:\Users\Public\Desktop\Spiel Infected - Der Zwillings - Impfstoff Sammleredition.lnk
[2012.10.31 12:22:17 | 000,001,237 | ---- | C] () -- C:\Users\Public\Desktop\Burger Bustle.lnk
[2012.10.29 14:58:12 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012.10.29 14:58:12 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012.10.29 14:58:12 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012.10.23 11:33:09 | 000,001,297 | ---- | C] () -- C:\Users\Public\Desktop\Jojo’s Fashion Show 2.lnk
[2012.10.11 10:12:57 | 000,001,381 | ---- | C] () -- C:\Users\Public\Desktop\Das Buch der Dunklen Träume.lnk
[2012.10.10 17:15:24 | 000,000,009 | ---- | C] () -- C:\END
[2012.10.09 22:10:53 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.09.09 14:53:24 | 000,001,001 | ---- | C] () -- C:\Users\Florian\AppData\Local\RT2070_{4BB48026-ECDF-4993-B3DD-4E8D867FECB1}_wsc
[2012.08.21 16:16:12 | 000,002,086 | ---- | C] () -- C:\Users\Florian\.recently-used.xbel
[2012.08.11 15:19:25 | 001,641,574 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.11 10:00:03 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2012.07.11 09:59:55 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\nvPhotoshopUtil.dll
[2012.07.11 09:59:55 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2012.06.21 13:33:56 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2012.06.21 13:33:56 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2012.06.21 13:28:53 | 000,877,218 | ---- | C] () -- C:\Windows\RON 2010 GERMAN Uninstaller.exe
[2012.05.21 13:34:39 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012.05.20 20:20:23 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012.05.13 07:39:48 | 000,093,748 | ---- | C] () -- C:\Users\Florian\Afri.jpg
[2012.04.04 12:46:40 | 000,083,968 | ---- | C] () -- C:\Windows\UnGins.exe
[2012.04.04 12:46:35 | 000,473,600 | ---- | C] () -- C:\Windows\SysWow64\Harmony.dll
[2012.04.04 12:46:35 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\Unlha32.dll
[2012.03.21 22:35:05 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2012.03.21 22:35:05 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\RGSS104J.dll
[2012.03.21 22:35:05 | 000,758,272 | ---- | C] () -- C:\Windows\SysWow64\RGSS104E.dll
[2012.03.21 22:35:04 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2012.03.21 22:35:04 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
[2012.03.21 22:35:04 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2012.03.01 10:04:35 | 000,052,748 | ---- | C] () -- C:\Windows\wininit.ini
[2012.02.29 21:16:59 | 000,000,298 | ---- | C] () -- C:\Windows\vtmb.ini
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.03.31 20:44:32 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\.marble
[2012.08.03 12:49:01 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\4 Friends Games
[2012.09.19 21:16:29 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Ahnenblatt
[2012.09.17 10:58:31 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Alawar
[2012.10.29 15:27:54 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Alawar Stargaze
[2012.09.29 10:03:43 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\AlawarEntertainment
[2012.06.27 16:37:24 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Amaranth Games
[2012.07.21 13:17:28 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Artifex Mundi
[2012.10.12 14:05:15 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Artogon
[2012.08.10 13:43:11 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Az-Art
[2012.03.25 13:37:36 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Babylon
[2012.06.11 08:58:34 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Big Fish Games
[2012.03.27 18:19:02 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Black Sea Studios
[2012.10.22 10:49:25 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\BlamGames
[2012.10.16 08:39:07 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Blue Tea Games
[2012.08.04 14:06:55 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Boomzap
[2012.10.24 09:34:49 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Camel101
[2012.08.30 09:11:31 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\CasualMechanics
[2012.04.12 09:31:05 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\cerasus.media
[2012.08.15 09:52:39 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Chayowo Games
[2012.06.24 09:08:01 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\clear.fi
[2012.03.25 13:38:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Complitly
[2012.08.13 10:17:22 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Daedalic Entertainment
[2012.09.15 15:30:31 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\DailyMagic
[2012.07.07 15:13:50 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Dark Blue Games
[2012.06.02 14:42:27 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\DAZ 3D
[2012.10.02 14:55:05 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Deep Shadows
[2012.06.05 13:31:32 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Digital Quarter
[2012.09.10 12:23:47 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Eipix
[2012.05.16 08:50:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\EleFun Games
[2012.09.11 10:18:04 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Elephant Games
[2012.05.14 11:39:42 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Enki Games
[2012.06.13 11:05:08 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Enlightenus
[2012.07.12 11:42:23 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\EntwinedSoD
[2012.09.19 13:45:15 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\ERS Game Studios
[2012.09.13 18:44:13 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\FileZilla
[2012.08.21 12:34:39 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Flood Light Games
[2012.03.26 08:45:54 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Floodlight Games
[2012.09.05 09:28:43 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\FlowerOfImmortality
[2012.03.01 15:06:36 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\FoozKids
[2012.08.21 07:53:45 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Freeze Tag
[2012.06.04 07:25:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Friday's games
[2012.09.20 09:30:41 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Funlinker
[2012.08.13 07:15:39 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Fuzzy Bug Interactive
[2012.10.26 10:41:14 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GameDevo
[2012.07.06 14:51:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GameInvest
[2012.09.07 07:00:03 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Gamelab
[2012.08.10 13:54:34 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GameMill Entertainment
[2012.03.08 23:06:42 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Games
[2012.10.24 09:34:44 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GarageGames
[2012.05.21 13:34:39 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Ghost Ship Studios
[2012.05.31 08:07:14 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GO Games
[2012.11.02 10:36:50 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Gogii
[2012.08.21 16:16:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\gtk-2.0
[2012.08.10 08:34:49 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Gunnar Games
[2012.03.27 11:07:25 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\HitPoint Studios
[2012.03.23 13:39:14 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\inkscape
[2012.08.23 13:23:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Jane s Hotel 3
[2012.08.23 11:31:51 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Jetdogs Studios
[2012.03.20 11:24:22 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\JoyBits
[2012.08.18 13:30:57 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Lazy Turtle Games
[2012.03.17 18:26:26 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Leadertech
[2012.04.28 12:37:01 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\LucasArts
[2012.07.21 11:34:24 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\MA2
[2012.09.14 08:30:15 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Mad Head Games
[2012.03.28 08:50:28 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\MagicIndie
[2012.04.03 10:24:42 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Mariaglorum
[2012.08.04 06:30:23 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Meridian93
[2012.10.23 07:53:05 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\MumboJumbo
[2012.08.02 10:54:15 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\My Games
[2012.08.04 13:53:01 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Namco
[2012.08.09 11:16:41 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Natural Threat.Ominous Shores
[2012.04.27 19:29:52 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Notepad++
[2012.09.11 11:36:42 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Oberon Games
[2012.09.24 13:44:36 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Oberon Media
[2012.02.24 15:20:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\OEM
[2012.05.07 12:47:18 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\OpenCandy
[2012.02.24 16:53:48 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\OpenOffice.org
[2012.05.05 21:16:39 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Opera
[2012.08.18 10:54:11 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Orneon
[2012.05.21 10:32:34 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PlayFavoriteGames
[2012.09.27 12:53:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PlayPond
[2012.09.11 11:25:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PoBros
[2012.10.02 13:35:08 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Princess Isabella
[2012.05.25 18:42:41 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\RenPy
[2012.10.02 17:59:08 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SecondLife
[2012.08.18 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\sekrbfgde
[2012.10.29 13:29:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Seven Sails
[2012.07.30 17:13:28 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\ShamanGS
[2012.10.29 11:43:16 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Silverback Productions
[2012.11.05 11:44:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Skunk Studios
[2012.10.01 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SMIGames
[2012.09.25 09:29:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Specialbit
[2012.10.25 10:14:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SulusGames
[2012.08.31 10:03:08 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Supermarket Mania 2
[2012.10.22 12:26:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\tabagames
[2012.08.06 13:20:03 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Ten Heavens
[2012.05.14 09:15:05 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Top Evidence
[2012.09.21 09:18:59 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\TrickySoftware
[2012.04.19 13:35:29 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Trillian
[2012.04.05 13:21:18 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Twilight Games
[2012.10.27 11:46:47 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\URSE Games
[2012.06.01 09:21:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\VampireSagaHL
[2012.10.27 12:01:07 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Vast Studios
[2012.04.04 09:34:20 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\VendelGAMES
[2012.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Vogat Interactive
[2012.09.05 11:47:21 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\WildTangent
[2012.03.14 13:21:59 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Windows Live Writer
[2012.09.26 13:12:37 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\World-LooM
[2012.03.20 11:45:04 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\YoudaGames
[2012.08.30 08:06:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:5E9B629B
@Alternate Data Stream - 378 bytes -> C:\ProgramData\Temp:98838593
@Alternate Data Stream - 350 bytes -> C:\ProgramData\Temp:804A4210
@Alternate Data Stream - 155 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:AC64D9E9
@Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:80253E8D
@Alternate Data Stream - 154 bytes -> C:\ProgramData\Temp:35501BA4
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:5A9F1AE5
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:319D783D
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:DF5ABA3D
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:823606DE
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:84C34762
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:1604D047
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:2F474C84
@Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:02CC0035
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:2CB9631F
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:7BFFC6A9
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:43F5FA9D
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:4244811A
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:2A874675
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:FD7DCDA6
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:E6B95E40
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:D1FD226D
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:C900B47A
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:244E4E3A
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:1CD511E5
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:0F64164E
@Alternate Data Stream - 146 bytes -> C:\ProgramData\Temp:00D99749
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:DB2748F7
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:3F266659
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:27A88EF2
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:ED51D3ED
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:FFC3922F
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:FDEE14AC
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:C178954A
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:5FC043A8
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:4A8EB1C4
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:E265ED33
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:94A31742
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:8F76671E
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:6896CCCE
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:164561C8
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:C43C957E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:4D8FCBEF
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:3D4B733E
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:393F7B1E
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:795F6DEC
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:6CF828C2
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:183A9046
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:0ED1C542
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:041C0562
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:FD11E093
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:BCFEA004
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:B3211C67
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:A798AA1A
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:6ECE93A8
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:62AF94A0
@Alternate Data Stream - 139 bytes -> C:\ProgramData\Temp:5E148FDA
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:BA24E689
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:B139DDF3
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:70BDB805
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:1C201DEB
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:9195103F
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:5E73E1C2
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:BE0654D6
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:78857621
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:474022C7
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:FC70A22A
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:BEF18713
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:BECA50FF
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:A88BE334
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:98CD9221
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:77B64C59
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:3D922890
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:092BD83A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E1410612
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:AABECEFB
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:8855A119
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:404908B5
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:B8791731
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:A819A132
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:A2B3764A
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:9338F136
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:6AF6BB0E
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:53F09A92
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:0860D6D6
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:CB8C8B5D
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:C82CA1C0
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:BBC9C1EB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:52C24010
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:2AE74FF9
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:0C1258F3
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:F68CB1A4
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:C3A047E3
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:1E942FB9
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:120B3AFD
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:EC0279DC
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:D6D084A5
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:A8ADEA55
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:2C86E2AD
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:2A615C9C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:6F0B6A5A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:56FBA78D
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:398EFF0F
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:2F70C0B4
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:12D21A9A
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:114C90CA
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:D621CFB8
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:B3A5945E
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:905BCB57
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:48862C37
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:F9F58B80
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:F89F2593
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:EE2DD6CC
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:B1786630
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:206470A5
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:18E3BAF3
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:12258D63
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:96372A73
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:363E775E
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:2B40A7DB
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:1B96CF22
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:16F4BC64
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:A02025CE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:95079543
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:43CBFAB2
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:32EA849C
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:11590865
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:F860DBFD
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:E3615992
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:6A9CA6CB
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:021703B2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:E8AEB2BF
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:97AAB7F2
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:3C4BD225
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:A42FABF7
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:65137F0D
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:86B7FDDB
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:774A0E14
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:70989864
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:4D551822
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E8B61305
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:C2F24DB5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:927EC486
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:E40AB54F
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:A4241298
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:702A7F20
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:6677D85A
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:2BBC2A87
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:15752405
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:1A5822A3
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:10D98D98
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:3D36932D

< End of report >

 

Themen zu Google verweist auf falsche Seiten
adobe, antivir, autorun, avg, avira, babylontoolbar, bho, bingbar, black, dealply, error, explorer, firefox, flash player, format, freeze, google, helper, home, logfile, mozilla, online games, plug-in, realtek, registry, scan, secrets, security, software, symantec, temp, windows


« McAfee Viren,Trojaner Isolieren Fehlgeschlagen Löschen ist nicht möglich C:Windows\assembly\GAC_32\Desktop.ini | Skriptfehler beim anschließen der externen Festplatte »


Ähnliche Themen: Google verweist auf falsche Seiten


  1. Google öffnet falsche Seiten
    Plagegeister aller Art und deren Bekämpfung - 20.01.2013 (20)
  2. Google öffnet falsche Seiten
    Log-Analyse und Auswertung - 08.01.2013 (18)
  3. (2x) Google läd falsche Seiten
    Mülltonne - 15.08.2012 (1)
  4. google leitet mich auf falsche Seiten um (google redirect?)
    Log-Analyse und Auswertung - 14.08.2012 (20)
  5. Google verlinkt auf falsche Seiten
    Plagegeister aller Art und deren Bekämpfung - 24.12.2011 (4)
  6. google verweist auf falsche seiten
    Log-Analyse und Auswertung - 15.09.2011 (1)
  7. Google lenkt auf falsche Seiten
    Plagegeister aller Art und deren Bekämpfung - 27.05.2011 (1)
  8. Google verweist auf falsche Seiten / Block durch Firefox
    Log-Analyse und Auswertung - 15.12.2010 (19)
  9. Google verweist auf falsche Seiten
    Log-Analyse und Auswertung - 15.04.2010 (2)
  10. Google öffnet falsche Seiten
    Log-Analyse und Auswertung - 13.08.2009 (2)
  11. Google verlinkt auf falsche Seiten (auch p****seiten)T_T
    Plagegeister aller Art und deren Bekämpfung - 22.05.2009 (2)
  12. Google zeigt falsche Seiten an
    Log-Analyse und Auswertung - 15.02.2009 (3)
  13. Falsche Seiten bei Google und Co
    Mülltonne - 21.12.2008 (0)
  14. Google verweist auf falsche Seiten
    Plagegeister aller Art und deren Bekämpfung - 21.12.2008 (1)
  15. Google verlinkt auf falsche Seiten
    Plagegeister aller Art und deren Bekämpfung - 03.12.2008 (11)
  16. Falsche Seiten bei Google
    Log-Analyse und Auswertung - 14.08.2007 (1)
  17. Falsche Seiten bei Google
    Mülltonne - 14.08.2007 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Google verweist auf falsche Seiten - Also. Mein Google verweist mich auf komplett andere Seiten, wenn ich etwas Suche und das Ergebnis anklicke. Sehr makaber. Mal der OTL-Bericht: Code: Alles auswählen Aufklappen ATTFilter OTL logfile created - Google verweist auf falsche Seiten...
Archiv
Du betrachtest: Google verweist auf falsche Seiten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131