| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Google Chrome öffnet falsche Webseiten.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
26.03.2013, 16:29
| #1 |
 |  Google Chrome öffnet falsche Webseiten. Hallo liebe Community. Ich habe seit geraumer Zeit das Problem das ich mit Google Chrome vermehrt auf falsche Webseiten geleitet werde. Ich habe dazu auch schon viel hier im Forum gelesen. Ich habe schon verschiedene Tools probiert Norton Power-Eraser, Spybot und wie die nicht alle heißen. Haben auch alle was gefunden und gelöscht, nur Chrome leitet noch immer falsch. Habe auch schon einen Boot CD von Avira und von Bitdefender laufen lassen, auch da Funde und auch gelöscht, dennoch keine Besserung. Jetzt bin ich mit meinem Latein am Ende und hoffe auf eure Hilfe. Meine Vermutung wäre noch ein Plugin eventuell, da unter Firefox noch nicht solche Weiterleitungen passiert sind. Bitte helft mir Jungs und Mädels ich wäre euch auf ewig Dankbar. Geändert von SuperMerkel (26.03.2013 um 16:55 Uhr) |
|
26.03.2013, 17:31
| #2 | ||
| /// TB-Ausbilder   | Google Chrome öffnet falsche Webseiten. Hallo,
__________________Zitat:
Zitat:
Schauen wir mal rein: Schritt 1 Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.
Bitte poste in deiner nächsten Antwort:
__________________ |
|
26.03.2013, 18:20
| #3 |
| | Google Chrome öffnet falsche Webseiten. Hi, ich habe grade mehrfach versucht zu scannen...jedoch stürzt das Programm immer bei den Firefox-settings ab. Liegt es an 64 bit Habe Windows 7 Home Premium 64 Bit. Kann ich auch ein Log von HijackThis geben?
__________________ |
|
26.03.2013, 18:26
| #4 |
| /// TB-Ausbilder | Google Chrome öffnet falsche Webseiten. Das bleibt ab und zu bei den Firefox Settings hängen, ja. Versuch es bitte nochmals, sonst auch mal im abgesicherten Modus. (Mit HijackThis können wir nichts mehr anfangen, das ist von vorgestern.  )
__________________ cheers, Leo |
|
26.03.2013, 19:25
| #5 |
| | Google Chrome öffnet falsche Webseiten. Hier sind die Logs habe im Abgesicherten Modus gestartet und gescannt. Blieb wieder bei Firefox hängen habe Firefox deinstalliert, dann hat es geklappt. Andere Logs von den anderen Programmen habe ich nicht mehr. Anhang 52205 Hier die OTL (ist zu groß für den Anhang)OTL Logfile: Code:
ATTFilter OTL logfile created on: 26.03.2013 18:40:22 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Mona\System\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,97 Gb Total Physical Memory | 7,17 Gb Available Physical Memory | 89,98% Memory free 15,94 Gb Paging File | 15,18 Gb Available in Paging File | 95,26% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 677,36 Gb Total Space | 511,21 Gb Free Space | 75,47% Space Free | Partition Type: NTFS Computer Name: xxx | User Name: xxx | Logged in as Administrator. Boot Mode: SafeMode | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.03.26 18:03:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mona\System\Desktop\OTL.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2012.08.06 13:27:08 | 000,156,672 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2012.05.29 12:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp) SRV:64bit: - [2012.04.16 07:44:49 | 000,235,520 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013.03.12 19:21:12 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.03.07 00:32:44 | 000,045,248 | ---- | M] (AVAST Software) [Auto | Stopped] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus) SRV - [2012.12.24 04:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ccSvcHst.exe -- (N360) SRV - [2012.12.18 06:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.10.26 09:44:28 | 001,286,784 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Update\VUAgent.exe -- (VUAgent) SRV - [2012.10.12 14:02:44 | 000,054,760 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService) SRV - [2012.09.28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Disabled | Stopped] -- C:\Program Files (x86)\PANDORA.TV\PanService\PandoraService.exe -- (PanService) SRV - [2012.05.29 12:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2012.05.29 12:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2012.03.30 12:27:14 | 000,237,328 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe -- (McComponentHostServiceSony) SRV - [2012.03.26 08:24:10 | 000,978,056 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService) SRV - [2012.03.21 16:08:20 | 000,112,256 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService) SRV - [2012.03.07 17:57:46 | 000,065,464 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service) SRV - [2012.02.21 11:41:12 | 000,473,960 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2012.02.09 08:43:45 | 002,429,544 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R) SRV - [2012.02.07 16:53:34 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.02.07 16:53:32 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.02.07 16:52:04 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service) SRV - [2012.02.07 16:27:24 | 000,121,344 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R) SRV - [2012.02.02 21:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Stopped] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012.01.19 13:40:32 | 000,158,880 | ---- | M] (Atheros) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent) SRV - [2012.01.19 13:22:08 | 000,106,144 | ---- | M] (Atheros Commnucations) [Disabled | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc) SRV - [2012.01.10 12:45:32 | 000,535,688 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV - [2012.01.06 15:44:28 | 000,074,904 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2012.01.06 15:44:26 | 000,138,392 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2011.12.29 15:10:08 | 000,960,160 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2011.12.21 12:55:14 | 000,382,720 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV - [2011.12.21 12:15:06 | 000,550,128 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV - [2011.12.01 09:04:56 | 000,289,952 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2011.08.26 17:47:26 | 000,101,600 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc) SRV - [2011.02.23 13:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.05.14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0) SRV - [2006.12.19 17:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService) ========== Driver Services (SafeList) ========== DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard) DRV:64bit: - [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm) DRV:64bit: - [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr) DRV:64bit: - [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt) DRV:64bit: - [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2013.02.06 07:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) DRV:64bit: - [2013.02.06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) DRV:64bit: - [2013.01.31 04:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symnets.sys -- (SymNetS) DRV:64bit: - [2013.01.31 04:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symefa64.sys -- (SymEFA) DRV:64bit: - [2013.01.29 02:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtsp64.sys -- (SRTSP) DRV:64bit: - [2013.01.29 02:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\srtspx64.sys -- (SRTSPX) DRV:64bit: - [2013.01.22 03:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\symds64.sys -- (SymDS) DRV:64bit: - [2013.01.06 20:41:38 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:64bit: - [2013.01.05 11:22:08 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64) DRV:64bit: - [2012.11.26 18:05:24 | 000,075,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) DRV:64bit: - [2012.11.16 03:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ironx64.sys -- (SymIRON) DRV:64bit: - [2012.11.16 03:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\1403000.024\ccsetx64.sys -- (ccSet_N360) DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport) DRV:64bit: - [2012.08.23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV:64bit: - [2012.06.21 15:04:52 | 000,549,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SRS_AE_amd64.sys -- (SRS_AE_Service) DRV:64bit: - [2012.04.16 07:49:00 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService) DRV:64bit: - [2012.04.16 07:45:19 | 000,328,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2012.04.16 07:45:15 | 010,729,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2012.03.15 03:42:06 | 000,421,648 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.02.27 08:34:27 | 000,787,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc) DRV:64bit: - [2012.02.27 08:34:19 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub) DRV:64bit: - [2012.02.27 08:34:16 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs) DRV:64bit: - [2012.02.21 22:27:36 | 002,807,808 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2012.02.16 15:14:57 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV:64bit: - [2012.02.09 08:43:54 | 000,340,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR) DRV:64bit: - [2012.02.09 06:34:36 | 000,565,352 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2012.01.19 13:29:32 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV:64bit: - [2012.01.16 10:01:14 | 000,014,336 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2011.11.21 11:52:50 | 000,199,752 | ---- | M] (1&1 Internet AG) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\ui11rdr.SYS -- (ui11rdr) DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010.11.21 04:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus) DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11) DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.10 21:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.05.26 13:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2013.02.16 13:04:08 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130325.024\ex64.sys -- (NAVEX15) DRV - [2013.02.16 13:04:08 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\VirusDefs\20130325.024\eng64.sys -- (NAVENG) DRV - [2013.02.05 09:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2013.01.16 03:51:11 | 001,388,120 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20130301.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2013.01.06 21:07:46 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2013.01.04 16:28:04 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20130323.001\IDSviA64.sys -- (IDSVia64) DRV - [2012.10.24 15:05:28 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011.09.22 17:10:46 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=N360&pvid=6.0.0.145 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=N360&pvid=6.0.0.145 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=N360&pvid=6.0.0.145 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=N360&pvid=6.0.0.145 IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data] IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.de/ IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\..\SearchScopes\{20CF68C2-38E5-4F02-99D2-A588ECFABA66}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q212&_nkw={searchTerms} IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language} IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files (x86)\Picasa2\npPicasa2.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Picasa2\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: File not found FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: C:\Users\Mona\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( ) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Mona\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Mona\AppData\Local\Google\Update\1.3.21.129\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\coFFPlgn\ [2013.03.26 18:32:12 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\IPSFFPlgn\ [2013.01.06 20:45:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013.03.16 19:45:02 | 000,000,000 | ---D | M] [2012.07.21 10:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mona\AppData\Roaming\mozilla\Extensions ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = https://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs CHR - default_search_provider: suggest_url = https://www.google.com/complete/search?q={searchTerms}, CHR - homepage: hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={0FB7145D-931B-47EE-BAD5-52F3CCDA1FEF} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mona\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Mona\AppData\Local\Google\Chrome\Application\25.0.1364.97\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Mona\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Mona\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll CHR - plugin: Wajam (Enabled) = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0\plugins/PriamNPAPI.dll CHR - plugin: Norton Confidential (Enabled) = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.5.11_0\npcoplgn.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Picasa2\npPicasa2.dll CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Picasa2\npPicasa3.dll CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Mona\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: Google Translate = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\ CHR - Extension: IconSmash - Kostenlose Icons = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahphhkpleajnegckhjiogcpojdjimcob\1.0.2.1_0\ CHR - Extension: Live Online TV 24/7 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpdghbhngcicphgfmefdjhcdflpjhdi\1.0_0\ CHR - Extension: Facebook Video Downloader Pro = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf\1.3_0\ CHR - Extension: TV = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\ CHR - Extension: Sothink Flash Downloader for Chrome = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\biceobciobbhhkplgocbaigojbnepcoi\1.0.24_0\ CHR - Extension: YouTube = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Custom Facebook Covers = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnndmembfcdblfnoeloeanfaopbmkgep\1.23_0\ CHR - Extension: Adblock Plus = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Earth for Chrome = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiocoehplocalbhdpckfoiameeefkna\1.4_0\ CHR - Extension: PutlockerDownloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjemlkofidkigbdjmchocinknjllbalk\1.4_0\ CHR - Extension: Image Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\ CHR - Extension: Google-Suche = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Web Video Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibgkpdedblklkogkjnndhcbgobpkpjj\2.2_0\ CHR - Extension: Google+ = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.0.1.424_0\ CHR - Extension: Sketch Toy = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb\1.2.0_0\ CHR - Extension: Best Movies = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbdamfeeecmpbegnfnagmniapfiidmmc\1.1.1_0\ CHR - Extension: YouTube to MP3 Converter = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhehheceoogcikdekoompmiohddknahi\0.1.6_0\ CHR - Extension: SmileysWeLove - Fantastic Smileys f\u00FCr jeden Anlass = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.0.0.0_0\ CHR - Extension: HD Tv = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdphnleahbbooddgjimkaoibgpipekml\3.7.6_0\ CHR - Extension: Vimeo\u2122 Download Videos = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg\2.4_0\ CHR - Extension: Social Translate = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\giljlmclogpacbccpelmggfcjnickhhf\1.0.4_0\ CHR - Extension: i2Symbol - Emoticons, Smileys, Symbols = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gponajbpomilcmbmfoipobkikeopjjhp\2.2_0\ CHR - Extension: YouTube to MP3 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\hogedjehjoddkhhdemenmmbcfmmipplf\1.0_0\ CHR - Extension: avast! WebRep = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\ CHR - Extension: Wood-7 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieinhcgomaoikbidgmbhjkcedelgipmi\1.0_0\ CHR - Extension: Social Fixer for Facebook = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\7.501_0\ CHR - Extension: instant translate = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke\1.7.3_0\ CHR - Extension: National Geographic - Photo of the day = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\illknggkfnjpkignckhmeiibfmeobfng\2.0_0\ CHR - Extension: Quick Earth = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\khodocggeplgfhppgagfdpbjkniadmdh\3.6_0\ CHR - Extension: Google Play = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\ CHR - Extension: Free Tv = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\laadlihencjdilggiacoacaleijdfjkm\1.0.0_0\ CHR - Extension: FVD Video Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.0.3_0\ CHR - Extension: Facebook\u2122 Video Download = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfolichbbjjndhfjhjnahjhkjmfdkahi\3.0.0.0_0\ CHR - Extension: Google Maps = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\ CHR - Extension: Space TV = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkmgodgigjnbfkbobclaaafjmldcdo\1.1_0\ CHR - Extension: Web Noire = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdijlebpdiimcjojcbkpmcpfabignf\7_0\ CHR - Extension: Google Mail-Checker = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Norton Identity Protection = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\ CHR - Extension: Email Backgrounds, Email Stationery = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepmejfbdnfgkkeklbhejggabembdfmo\1_0\ CHR - Extension: YouTube MP3 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmghicmdofaaocopbneacnhbkpdcieo\2.0_0\ CHR - Extension: PhotoFunia = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnehienhdpajabikpikmifcdmnddjol\1_0\ CHR - Extension: Synology Download Station for Google Chrome\u2122 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhbegdkgonhlokobjefolhpoidcnida\1.6.2_0\ CHR - Extension: Facebook Chat Smiley = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pijhmhknlfbdliicpolmamkgppljfpgp\2.3_0\ CHR - Extension: Speichern Sie Ihre Videos = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipiejpiplliidbnncmckaljhhchoihc\1.2_0\ CHR - Extension: Google Mail = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: Youtube Video Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkjmcemfclknickphlnildkminphlcmf\1.2_0\ CHR - Extension: Google Translate = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\ CHR - Extension: IconSmash - Kostenlose Icons = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahphhkpleajnegckhjiogcpojdjimcob\1.0.2.1_0\ CHR - Extension: Live Online TV 24/7 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpdghbhngcicphgfmefdjhcdflpjhdi\1.0_0\ CHR - Extension: Facebook Video Downloader Pro = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\amjcoehkcacocffpmhnefgoeanepjfkf\1.3_0\ CHR - Extension: TV = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\ CHR - Extension: Sothink Flash Downloader for Chrome = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\biceobciobbhhkplgocbaigojbnepcoi\1.0.24_0\ CHR - Extension: YouTube = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Custom Facebook Covers = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnndmembfcdblfnoeloeanfaopbmkgep\1.23_0\ CHR - Extension: Adblock Plus = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0\ CHR - Extension: Earth for Chrome = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiocoehplocalbhdpckfoiameeefkna\1.4_0\ CHR - Extension: PutlockerDownloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjemlkofidkigbdjmchocinknjllbalk\1.4_0\ CHR - Extension: Image Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj\1.3_0\ CHR - Extension: Google-Suche = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Web Video Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\dibgkpdedblklkogkjnndhcbgobpkpjj\2.2_0\ CHR - Extension: Google+ = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm\1.0.1.424_0\ CHR - Extension: Sketch Toy = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ednofnkligfbacmlfggaccfhpkfopojb\1.2.0_0\ CHR - Extension: Best Movies = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbdamfeeecmpbegnfnagmniapfiidmmc\1.1.1_0\ CHR - Extension: YouTube to MP3 Converter = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhehheceoogcikdekoompmiohddknahi\0.1.6_0\ CHR - Extension: SmileysWeLove - Fantastic Smileys f\u00FCr jeden Anlass = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl\3.0.0.0_0\ CHR - Extension: HD Tv = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdphnleahbbooddgjimkaoibgpipekml\3.7.6_0\ CHR - Extension: Vimeo\u2122 Download Videos = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg\2.4_0\ CHR - Extension: Social Translate = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\giljlmclogpacbccpelmggfcjnickhhf\1.0.4_0\ CHR - Extension: i2Symbol - Emoticons, Smileys, Symbols = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\gponajbpomilcmbmfoipobkikeopjjhp\2.2_0\ CHR - Extension: YouTube to MP3 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\hogedjehjoddkhhdemenmmbcfmmipplf\1.0_0\ CHR - Extension: avast! WebRep = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\8.0.1483_0\ CHR - Extension: Wood-7 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieinhcgomaoikbidgmbhjkcedelgipmi\1.0_0\ CHR - Extension: Social Fixer for Facebook = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb\7.501_0\ CHR - Extension: instant translate = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke\1.7.3_0\ CHR - Extension: National Geographic - Photo of the day = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\illknggkfnjpkignckhmeiibfmeobfng\2.0_0\ CHR - Extension: Quick Earth = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\khodocggeplgfhppgagfdpbjkniadmdh\3.6_0\ CHR - Extension: Google Play = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\ CHR - Extension: Free Tv = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\laadlihencjdilggiacoacaleijdfjkm\1.0.0_0\ CHR - Extension: FVD Video Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.0.3_0\ CHR - Extension: Facebook\u2122 Video Download = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfolichbbjjndhfjhjnahjhkjmfdkahi\3.0.0.0_0\ CHR - Extension: Google Maps = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.7_0\ CHR - Extension: Space TV = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkmgodgigjnbfkbobclaaafjmldcdo\1.1_0\ CHR - Extension: Web Noire = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhpdijlebpdiimcjojcbkpmcpfabignf\7_0\ CHR - Extension: Google Mail-Checker = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Norton Identity Protection = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\ CHR - Extension: Email Backgrounds, Email Stationery = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepmejfbdnfgkkeklbhejggabembdfmo\1_0\ CHR - Extension: YouTube MP3 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlmghicmdofaaocopbneacnhbkpdcieo\2.0_0\ CHR - Extension: PhotoFunia = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\obnehienhdpajabikpikmifcdmnddjol\1_0\ CHR - Extension: Synology Download Station for Google Chrome\u2122 = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhbegdkgonhlokobjefolhpoidcnida\1.6.2_0\ CHR - Extension: Facebook Chat Smiley = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pijhmhknlfbdliicpolmamkgppljfpgp\2.3_0\ CHR - Extension: Speichern Sie Ihre Videos = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pipiejpiplliidbnncmckaljhhchoihc\1.2_0\ CHR - Extension: Google Mail = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ CHR - Extension: Youtube Video Downloader = C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkjmcemfclknickphlnildkminphlcmf\1.2_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\20.3.0.36\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft Device Center\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software) O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000..\Run: [1&1_1&1 Upload-Manager] C:\Program Files (x86)\1&1\1&1 Upload-Manager\DAVSRV.EXE (1&1 Internet AG) O4 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000..\Run: [Epson Stylus Photo PX720WD(Netzwerk)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGYE.EXE /FU "C:\Windows\TEMP\E_S709D.tmp" /EF "HKCU" File not found O4 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung) O4 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe () O4 - HKU\.DEFAULT..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found O4 - HKU\.DEFAULT..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f File not found O4 - HKU\S-1-5-18..\RunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKU\S-1-5-21-3659533354-3359810710-1487815128-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A1A82B1-60C5-495A-9BEB-E44748905A2E}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2013.03.02 22:02:06 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (sdnclean64.exe) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.26 18:03:48 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mona\System\Desktop\OTL.exe [2013.03.26 16:00:54 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{F105C3F2-7894-4FF5-AB26-B10D8AED6E1E} [2013.03.25 13:46:37 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{8E02D474-F1B4-4804-B06D-3B0EEDC82EC8} [2013.03.24 20:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire [2013.03.24 20:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\123 Free Solitaire [2013.03.23 18:09:30 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{E97489DB-F39B-47D1-8502-D3FE4D627CDA} [2013.03.22 11:06:57 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{E671EEEF-74B4-4EDD-AD27-E2DC2774296D} [2013.03.21 20:01:25 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{F0910553-D6EF-4BFF-B232-E356CCC006BB} [2013.03.21 08:01:14 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{8484016B-56B5-4351-AEC7-B677B3B2BC77} [2013.03.20 20:16:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2013.03.20 20:00:26 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{102B011D-35EA-46CC-85AE-CF2C53A0A13B} [2013.03.20 08:00:14 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{D121274C-4FCF-4A58-8001-05282FCA62E7} [2013.03.19 16:07:13 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{0C5D38F2-18A3-4A86-B758-85435E6295CD} [2013.03.17 21:33:25 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{FA617DCB-43CA-461E-937A-383C129FF4DB} [2013.03.17 20:57:25 | 000,000,000 | ---D | C] -- C:\Users\Mona\Galaxy S III - Backup [2013.03.17 19:55:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log [2013.03.17 19:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec [2013.03.17 19:55:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec [2013.03.17 19:53:45 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe [2013.03.16 19:45:33 | 000,033,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.16 19:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus [2013.03.16 19:45:32 | 000,377,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.16 19:45:29 | 000,070,992 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.16 19:45:26 | 001,025,808 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.16 19:45:26 | 000,068,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.16 19:45:11 | 000,287,840 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.03.16 19:45:11 | 000,080,816 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.16 19:44:54 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.16 19:44:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2013.03.16 19:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2013.03.16 19:05:22 | 000,000,000 | ---D | C] -- C:\Users\Mona\Start Menu [2013.03.16 07:30:42 | 004,546,560 | ---- | C] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2013.03.15 13:35:45 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{34B77892-4542-4C53-8F7E-63F7E6470726} [2013.03.14 20:22:39 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{52A72912-B91E-4F24-9AE8-9E4624F9106B} [2013.03.14 19:38:33 | 000,000,000 | ---D | C] -- C:\Users\Mona\Apps [2013.03.14 17:32:52 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.03.14 17:32:40 | 000,000,000 | ---D | C] -- C:\JRT [2013.03.14 16:53:35 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Roaming\Malwarebytes [2013.03.14 16:53:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.14 08:22:28 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{27EAE630-CFCB-41E4-8E57-3D3D44BE300F} [2013.03.12 11:12:56 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{3A675186-60B1-422A-AD47-457668025C7A} [2013.03.11 17:51:46 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{2A211EAF-C4CF-4BE0-81D6-0CC6F48E7F85} [2013.03.10 16:55:43 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{177A7C30-CDAD-4731-B695-C6F86D2ED56F} [2013.03.10 16:31:49 | 000,000,000 | ---D | C] -- C:\Users\Mona\Programme [2013.03.09 17:50:38 | 000,000,000 | ---D | C] -- C:\Users\Mona\Favoriten [2013.03.09 17:37:48 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{A7342111-866E-4924-908B-644B28120B52} [2013.03.08 22:05:31 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{C66A4697-CCF9-4390-88AD-D6B76C1949A4} [2013.03.08 10:05:21 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{8D971786-9FE5-48C8-863B-A9F4589BEB3A} [2013.03.07 17:13:54 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{8F4AA8B4-C80E-488B-B9AA-B3B84E6EFCE7} [2013.03.06 21:21:01 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{85974784-5B28-4207-8E53-4BA0D5FD8A62} [2013.03.06 09:20:50 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{9F6AB67A-F36B-4479-A231-EB0A4C0C4C10} [2013.03.05 16:09:03 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{D83D2CBC-0ACD-420C-A41B-83887F0469A5} [2013.03.05 07:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\adaware [2013.03.04 21:54:26 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{55D4DAD3-9C45-4439-9435-2CFB84E79396} [2013.03.04 20:27:33 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Roaming\IObit [2013.03.04 20:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit [2013.03.04 19:47:46 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Roaming\FreeFixer [2013.03.04 09:54:15 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{6475C432-A331-454B-B1B8-83EBAE8F9DCE} [2013.03.03 19:32:46 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{F21B973B-BA2E-4C23-B919-E488BB12DE97} [2013.03.02 23:03:40 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\Programs [2013.03.02 18:23:03 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{2ACA7170-A8D6-4D0F-824E-5B3EBADE6F19} [2013.03.02 12:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony [2013.03.02 12:37:27 | 000,000,000 | RH-D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care [2013.03.01 20:03:46 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{31988FAC-FE57-4520-904B-42D25CA90BA0} [2013.03.01 08:03:36 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{A9710DF1-625A-4571-9C7A-54254BFFB9A0} [2013.02.28 11:46:20 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{FD518DFE-74EB-4B28-984F-E798F1F54C12} [2013.02.28 10:56:04 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll [2013.02.28 10:56:04 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msmpeg2vdec.dll [2013.02.28 10:56:04 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll [2013.02.28 10:56:04 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll [2013.02.28 10:56:02 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll [2013.02.28 10:56:02 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll [2013.02.28 10:56:01 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2013.02.28 10:56:01 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.02.28 10:56:01 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.02.28 10:56:01 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll [2013.02.28 10:56:01 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll [2013.02.28 10:56:01 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll [2013.02.28 10:56:01 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll [2013.02.28 10:56:01 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll [2013.02.28 10:56:01 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll [2013.02.28 10:56:01 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll [2013.02.28 10:56:01 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.28 10:56:01 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.28 10:56:01 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.28 10:56:01 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.28 10:56:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.28 10:56:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.28 10:56:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.28 10:56:01 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.28 10:56:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.28 10:56:01 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.28 10:56:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.28 10:56:01 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.28 10:56:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.28 10:56:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.28 10:56:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.28 10:56:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.28 10:56:01 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.28 10:56:01 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.28 10:56:00 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2013.02.28 10:56:00 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll [2013.02.28 10:56:00 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2013.02.28 10:56:00 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.02.28 10:56:00 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll [2013.02.28 10:56:00 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll [2013.02.28 10:56:00 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll [2013.02.28 10:54:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.02.28 10:54:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.02.28 10:54:20 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.02.28 10:54:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.02.28 10:54:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.02.28 10:54:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.02.28 10:54:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.02.28 10:54:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.02.28 10:54:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.02.28 10:54:18 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.02.28 10:54:18 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.02.28 10:54:18 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.02.28 10:54:17 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.02.28 10:54:17 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.02.28 10:54:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.02.27 12:37:54 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{C4DDA094-CA17-4976-8CCB-14FC3CE0FBBE} [2013.02.26 19:23:04 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{A223D947-5285-4EB7-96AB-A3C7C9762485} [2013.02.26 07:22:52 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{4B9DA2A7-F04C-47EC-A2D2-93D42E5DD440} [2013.02.25 12:46:23 | 000,000,000 | ---D | C] -- C:\Users\Mona\AppData\Local\{9A10287A-CC84-4D7B-9BD5-3BCA93BBDD4F} [2012.08.22 22:56:22 | 000,729,088 | ---- | C] (BMI-Rechner.net) -- C:\Program Files (x86)\BMI-Rechner.exe [2012.07.21 16:23:48 | 006,108,728 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\picasaweb-current-setup.exe [2012.07.21 16:23:24 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\wlsetup-web.exe [2002.12.27 10:47:26 | 001,059,840 | ---- | C] (Auto FX Software) -- C:\Program Files (x86)\DS_Bonus_Plugin.8bf [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.26 18:37:11 | 001,622,792 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.03.26 18:37:11 | 000,700,694 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.03.26 18:37:11 | 000,655,406 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.03.26 18:37:11 | 000,149,490 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.03.26 18:37:11 | 000,122,278 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.03.26 18:32:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.26 18:32:50 | 2124,173,311 | -HS- | M] () -- C:\hiberfil.sys [2013.03.26 18:18:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.26 18:03:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mona\System\Desktop\OTL.exe [2013.03.26 15:46:52 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.26 15:46:52 | 000,020,992 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.18 19:30:56 | 000,002,176 | ---- | M] () -- C:\{BD1E3629-F38D-4513-B927-4B28CA591C1E} [2013.03.18 19:28:58 | 000,002,496 | ---- | M] () -- C:\{E01207F1-FD85-442F-95F1-CBDE4440BDAB} [2013.03.18 08:33:09 | 001,856,619 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\Cat.DB [2013.03.17 20:00:22 | 001,643,706 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.03.16 21:16:22 | 000,002,664 | ---- | M] () -- C:\{33F4B9A3-839B-4601-8392-DD94646E5AB9} [2013.03.16 19:45:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2013.03.16 18:56:27 | 002,919,896 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.16 18:55:24 | 002,047,238 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2013.03.16 07:30:42 | 004,546,560 | ---- | M] (Google Inc.) -- C:\Windows\SysWow64\GPhotos.scr [2013.03.12 19:20:55 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.12 19:20:55 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.07 00:33:21 | 001,025,808 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2013.03.07 00:33:21 | 000,377,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2013.03.07 00:33:21 | 000,178,624 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.07 00:33:21 | 000,070,992 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys [2013.03.07 00:33:21 | 000,068,920 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2013.03.07 00:33:21 | 000,065,336 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.07 00:33:20 | 000,080,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2013.03.07 00:33:20 | 000,033,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2013.03.07 00:32:51 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2013.03.07 00:32:22 | 000,287,840 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2013.03.06 08:56:55 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\N360x64\1403000.024\VT20130115.021 [2013.03.02 23:40:48 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.02 23:40:48 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.02 22:02:06 | 000,000,000 | ---- | M] () -- C:\autoexec.bat [2013.02.28 10:59:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.24 20:45:15 | 000,001,009 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\123 Free Solitaire.lnk [2013.03.18 19:30:54 | 000,002,176 | ---- | C] () -- C:\{BD1E3629-F38D-4513-B927-4B28CA591C1E} [2013.03.18 19:28:55 | 000,002,496 | ---- | C] () -- C:\{E01207F1-FD85-442F-95F1-CBDE4440BDAB} [2013.03.17 19:53:45 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll [2013.03.17 19:53:45 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys [2013.03.16 21:15:55 | 000,002,664 | ---- | C] () -- C:\{33F4B9A3-839B-4601-8392-DD94646E5AB9} [2013.03.16 19:45:26 | 000,178,624 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys [2013.03.16 19:45:17 | 000,065,336 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys [2013.03.16 19:45:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt [2013.03.15 09:00:40 | 002,047,238 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB [2013.03.02 22:02:06 | 000,000,000 | ---- | C] () -- C:\autoexec.bat [2013.03.02 12:37:27 | 000,002,017 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care.lnk [2013.02.28 10:59:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_dc3d_01011.Wdf [2012.09.27 15:55:45 | 000,003,584 | ---- | C] () -- C:\Users\Mona\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.27 15:14:12 | 093,976,064 | ---- | C] () -- C:\Program Files (x86)\Samsung Kies.msi [2012.09.27 15:14:12 | 000,021,494 | ---- | C] () -- C:\Program Files (x86)\0x0409.ini [2012.09.27 15:14:12 | 000,003,584 | ---- | C] () -- C:\Program Files (x86)\1033.MST [2012.09.16 19:59:50 | 002,300,672 | ---- | C] () -- C:\Windows\SysWow64\libintl-8.dll [2012.09.16 19:59:50 | 000,289,739 | ---- | C] () -- C:\Windows\SysWow64\libmp3splt-0.dll [2012.09.16 19:59:50 | 000,261,438 | ---- | C] () -- C:\Windows\SysWow64\libsplt_mp3-0.dll [2012.09.16 19:59:50 | 000,197,337 | ---- | C] () -- C:\Windows\SysWow64\libmad-0.dll [2012.09.16 19:59:50 | 000,174,716 | ---- | C] () -- C:\Windows\SysWow64\libid3tag.dll [2012.09.16 19:59:50 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\mp3splt.exe [2012.09.16 19:59:50 | 000,061,211 | ---- | C] () -- C:\Windows\SysWow64\libltdl-7.dll [2012.09.16 19:59:50 | 000,045,245 | ---- | C] () -- C:\Windows\SysWow64\mp3wrap.exe [2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2012.07.24 21:52:41 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI [2012.07.24 09:15:16 | 000,002,131 | ---- | C] () -- C:\Program Files (x86)\Epson Easy Photo Print.lnk [2012.07.24 09:10:33 | 000,000,858 | ---- | C] () -- C:\Program Files (x86)\Print CD.lnk [2012.07.24 09:03:32 | 000,000,934 | ---- | C] () -- C:\Program Files (x86)\EPSON Scan.lnk [2012.07.21 16:22:27 | 006,379,344 | ---- | C] () -- C:\Program Files (x86)\EssentialPIM4.exe [2012.07.21 15:21:44 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll [2012.07.21 11:22:59 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat [2012.07.21 11:22:59 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat [2012.05.02 03:28:02 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll [2012.05.02 01:40:26 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2012.04.16 08:11:19 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.04.16 08:11:19 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.04.16 08:11:19 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2012.02.02 21:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll [2012.02.02 20:29:52 | 000,066,688 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll [2012.02.02 20:29:48 | 000,061,568 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84 @Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:C64BF02A @Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:DFC5A2B2 < End of report > |
|
26.03.2013, 19:35
| #6 | |
| /// TB-Ausbilder | Google Chrome öffnet falsche Webseiten. Uff, da sind ja viele Chrome Extensions.. Jetzt schauen wir zuerst, ob die Ursache sonst wo liegt und sonst müssen wir dann wirklich diese Extensions und Plugins genauer unter die Lupe nehmen.. (Wieder im normalen Modus ausführen.) Schritt 1 Downloade dir bitte AdwCleaner und speichere es auf deinen Desktop.
Schritt 2 Warnung für Mitleser: Combofix sollte nur dann ausgeführt werden, wenn dies explizit von einem Teammitglied angewiesen wurde! Downloade dir bitte Combofix.
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
Schritt 3 Starte bitte die OTL.exe.
Bitte poste in deiner nächsten Antwort:
__________________ --> Google Chrome öffnet falsche Webseiten. |
|
26.03.2013, 21:04
| #7 |
| | Google Chrome öffnet falsche Webseiten. Hier die Logs Combofix ist über 1 MB groß und hat ein haufen gelöscht hier geht grade garnix mehr. AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.115 - Datei am 26/03/2013 um 19:49:07 erstellt
# Aktualisiert am 17/03/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : xxx
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Mona\System\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage
Datei Gelöscht : C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_home.sweetim.com_0.localstorage-journal
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16464
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v25.0.1364.97
Datei : C:\Users\Mona\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.3774] : homepage = "hxxp://home.sweetim.com/?crg=3.1010000&st=12&barid={0FB7145D-931B-47EE-BAD5-52F3CCDA[...]
-\\ Opera v12.0.1467.0
Datei : C:\Users\Mona\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [2393 octets] - [26/03/2013 19:49:07]
########## EOF - C:\AdwCleaner[S1].txt - [2453 octets] ##########
|
|
26.03.2013, 21:49
| #8 |
| /// TB-Ausbilder | Google Chrome öffnet falsche Webseiten. Hallo, hast du das Combofix-Log? Kannst du es posten? (Wenn es zu gross ist, dann in ein zip-File packen und anhängen.)
__________________ cheers, Leo |
|
27.03.2013, 10:18
| #9 |
| | Google Chrome öffnet falsche Webseiten. Ja gute Idee, das ich da nicht darauf gekommen bin. Es hat alles verändert habe einen Wiederherstellungspunkt geladen, den vor der Scannerei. Wie kann ich das mit Combofix rückgänig machen? Die Log-Datei ist im Anhang. |
|
27.03.2013, 10:32
| #10 |
| /// TB-Ausbilder | Google Chrome öffnet falsche Webseiten. Ja, da hat sich Combofix gewaltig vertan.. Wie ist denn jetzt die Situation nach der Rücksetzung auf den Wiederherstellungspunkt? Funktioniert alles wieder? Oder fehlen weiterhin all die gelöschten Dateien?
__________________ cheers, Leo |
|
27.03.2013, 11:17
| #11 |
| | Google Chrome öffnet falsche Webseiten. Ja es fehlt ein haufen Zeug. Bilder sind doppelt und jedes Bild in einen eigenen Ordner. Die Musik hat zum Teil keine Endung mehr (kann man ja .MP3 anfügen was auch klappt). Im moment ist hier absolutes Chaos. Ich versuche es noch über "Ordner Vorgängerversion wiederherstellen" vielleicht geht das. Hast du sonst noch eine Idee. |
|
27.03.2013, 11:31
| #12 |
| /// TB-Ausbilder | Google Chrome öffnet falsche Webseiten. Bitte ab jetzt keine Alleingänge ohne Absprache mehr!! Wenn Combofix einen Fehler macht, dann kann ich das problemlos wieder rückgängig machen. Sobald du aber beginnst, selber Dinge zu verändern und Systemwiederherstellungen durchzuführen, wird es sehr viel schwieriger für mich. Deshalb bitte die Ruhe bewahren und nur noch jeweils die Situation und die Probleme, die du bemerkst, schildern, ohne sie gleich selbst beheben zu wollen. Wir versuchen jetzt zuerst mal was. Tauchen danach die verschwundenen Files wieder auf? Schritt 1 Hinweis für Mitleser: Folgendes ComboFix Skript ist ausschliesslich für diesen User in dieser Situtation erstellt worden. Auf keinen Fall auf anderen Rechnern anwenden, das kann andere Systeme nachhaltig schädigen!
__________________ cheers, Leo |
|
27.03.2013, 11:36
| #13 |
| | Google Chrome öffnet falsche Webseiten. Systemwiederherstellung ist bereits getan. Wurde gestern gleich als erstes gemacht. |
|
27.03.2013, 11:39
| #14 | |
| /// TB-Ausbilder | Google Chrome öffnet falsche Webseiten.Zitat:
Was passiert, wenn du den angegebenen Schritt durchführst?
__________________ cheers, Leo |
|
27.03.2013, 11:41
| #15 |
| | Google Chrome öffnet falsche Webseiten. Habe ich noch nicht ausgeführt. |
|
| Themen zu Google Chrome öffnet falsche Webseiten. |
| avira, bitdefender, boot, defender, falsche, firefox, forum, gelöscht, gen, google, helft, hoffe, latein, laufen, liebe, norton, plugin, problem, spybot, tools, vermehrt, verschiedene, webseite, webseiten, öffnet |
Linear-Darstellung
