Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
claro search bei google chrom

claro search bei google chrom


Plagegeister aller Art und deren Bekämpfung: claro search bei google chrom

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 19.04.2013, 15:40   #1
carolus
 
claro search bei google chrom - Icon19

claro search bei google chrom


Hallo liebes Helferteam,

Aller guten Dinge sind ZWEI, es ist zum Heulen:


Nachdem man mir hier am vergangenen Wochenende mit viel Aufwand den Plagegeist Win32/Zbot.gen!Y wieder vom Hals geschafft hat, hat sich zwischenzeitlich der "claro-search" als feste Instanz im Google Chrome eingenistet. Keine Ahnung, wie das passiert ist. Ich füge schon mal vorsorglich einen "OTL Plot" bei (man kennt das ja!) und bitte freundlichst um Rückmeldung zwecks weiteren Vorgehens.


Code:
ATTFilter
OTL logfile created on: 19.04.2013 16:33:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\karl cornelius\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,87 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 61,13% Memory free
7,73 Gb Paging File | 6,02 Gb Available in Paging File | 77,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 460,81 Gb Total Space | 283,28 Gb Free Space | 61,48% Space Free | Partition Type: NTFS
Drive D: | 359,37 Gb Total Space | 340,09 Gb Free Space | 94,64% Space Free | Partition Type: NTFS
Drive F: | 97,66 Gb Total Space | 51,63 Gb Free Space | 52,87% Space Free | Partition Type: NTFS
Drive G: | 97,66 Gb Total Space | 79,61 Gb Free Space | 81,52% Space Free | Partition Type: NTFS
Drive H: | 48,83 Gb Total Space | 5,12 Gb Free Space | 10,49% Space Free | Partition Type: NTFS
Drive X: | 488,28 Gb Total Space | 441,91 Gb Free Space | 90,50% Space Free | Partition Type: NTFS
Drive Y: | 199,09 Gb Total Space | 189,18 Gb Free Space | 95,02% Space Free | Partition Type: NTFS
Drive Z: | 97,66 Gb Total Space | 32,46 Gb Free Space | 33,24% Space Free | Partition Type: NTFS
 
Computer Name: ACER | User Name: karl cornelius | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.19 16:31:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\karl cornelius\Downloads\OTL.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.20 11:04:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.20 11:04:32 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.20 11:04:31 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.01.15 17:35:31 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.16 17:28:42 | 008,167,336 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2012.07.16 17:28:42 | 002,416,040 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2009.12.22 20:28:16 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
PRC - [2009.12.22 20:11:42 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
PRC - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () -- C:\OEM\USBDECTION\USBS3S4Detection.exe
PRC - [2009.10.13 21:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.10.13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.10 15:42:30 | 000,349,480 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
PRC - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
PRC - [2009.08.18 09:27:26 | 000,629,280 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
PRC - [2009.08.13 01:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2009.08.13 00:58:28 | 000,261,888 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2009.08.04 07:09:34 | 000,199,464 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
PRC - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.08.18 09:31:22 | 000,163,840 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
MOD - [2009.08.18 09:27:26 | 000,629,280 | ---- | M] () -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MOD - [2009.02.03 03:33:56 | 000,460,199 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.04.15 18:07:45 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.15 17:56:01 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.20 11:04:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.20 11:04:32 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.16 17:28:42 | 002,416,040 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.07.09 16:27:02 | 000,159,336 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Windows\SysWOW64\nvvsvc.exe -- (nvsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.09 11:24:16 | 000,076,320 | ---- | M] () [Auto | Running] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection)
SRV - [2009.10.13 21:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.09.30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.09.30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.09.10 15:42:46 | 000,305,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009.08.28 11:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.25 20:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.08.13 01:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.07.04 04:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013.03.20 11:04:53 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.20 11:04:53 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.20 11:04:53 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.18 09:22:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013.02.13 12:12:06 | 000,076,648 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2012.12.03 08:12:12 | 000,159,232 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.10.13 21:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.23 11:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.02 13:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.02 13:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.02 13:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 B5 AB D2 E2 B3 CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{01C57C48-DAAD-4A04-BEE4-AC717AA2B980}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{28C6345B-761C-40F0-9F5A-D06BDEB04414}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{3ECF5866-6788-41E2-AD4A-109B90C894E1}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368DE368
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = hxxp://search.kikin.com/search/?q={searchTerms}
IE - HKCU\..\SearchScopes\{FF85658B-4123-4FFA-87BE-7B72C5F6E463}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.03.29 11:08:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.06.09 09:04:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 17:56:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.17 14:27:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.03.29 11:08:34 | 000,000,000 | ---D | M]
 
[2012.03.13 15:27:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\Extensions
[2012.03.13 15:27:14 | 000,000,000 | -HSD | M] (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\Extensions\.BackupManager
[2013.04.14 19:27:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\Firefox\Profiles\fxhi1oxm.default\extensions
[2013.04.04 17:52:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions
[2013.04.04 17:52:05 | 000,000,000 | ---D | M] (Cookie Monster) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{45d8ff86-d909-11db-9705-005056c00008}
[2013.04.04 17:52:06 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\https-everywhere@eff.org
[2013.04.02 13:17:44 | 000,142,907 | ---- | M] () (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\unplug@compunach.xpi
[2013.04.02 13:17:42 | 000,718,382 | ---- | M] () (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi
[2013.04.02 13:17:42 | 000,531,916 | ---- | M] () (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.04.02 13:17:42 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.02 13:17:42 | 000,048,875 | ---- | M] () (No name found) -- C:\Users\karl cornelius\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi
[2013.04.15 17:55:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.15 17:56:01 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.03.12 15:15:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.03.12 15:15:08 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.12 15:15:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.12 15:15:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.12 15:15:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.12 15:15:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Claro Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.claro-search.com/?q={searchTerms}&affID=114508&tt=4512_6&babsrc=SP_clro&mntrId=646c603600000000000090fba62bf7de
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.claro-search.com/?affID=114508&tt=4512_3&babsrc=HP_clro&mntrId=646c603600000000000090fba62bf7de
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
 
O1 HOSTS File: ([2013.04.14 19:43:52 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\Office10\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A09CCEAA-D877-4711-BE5A-4E8F3FA1C611}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.19 10:35:48 | 002,347,384 | ---- | C] (ESET) -- C:\Users\karl cornelius\Desktop\esetsmartinstaller_enu.exe
[2013.04.19 10:21:17 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{8E9F7C2E-20EF-4B68-95AB-DAE76B331CD6}
[2013.04.18 11:15:41 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\Documents\JABO G 33
[2013.04.18 10:44:44 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{5C8A4850-2338-437B-BAD3-69A9DA893A1A}
[2013.04.17 12:03:49 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Roaming\Q-Dir
[2013.04.17 12:03:45 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\Documents\Favorites_Q_Dir
[2013.04.17 08:55:35 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{810C1699-3C8A-4CEB-9A22-E4106B47E0B3}
[2013.04.16 14:25:32 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{D265D746-7433-4485-98F8-71F4F143AF7B}
[2013.04.15 17:55:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.15 16:13:25 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.04.15 16:10:40 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.15 09:05:29 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{4DBDEDA0-5140-4BDB-816A-26BCE442A6C6}
[2013.04.14 21:01:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.04.14 20:26:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Acer
[2013.04.14 19:32:59 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.14 10:03:26 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{9FE48701-39D3-44AF-9FAD-7B7FBE3DF5C6}
[2013.04.13 12:14:13 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{29447A18-300D-4E4C-B269-B8276F84AFC5}
[2013.04.12 10:34:19 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{3F25FF70-6578-4C60-89CC-6D33EB29B65B}
[2013.04.11 19:44:14 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\Desktop\Anti  Malware
[2013.04.11 18:56:27 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Roaming\Malwarebytes
[2013.04.11 18:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.04.11 18:56:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.11 18:56:22 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.11 18:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.04.11 18:55:51 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\Programs
[2013.04.11 09:17:48 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{DF707174-E292-4BD3-9014-8DA610FB86AA}
[2013.04.10 11:14:42 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{BA5147D2-5770-4158-B5D6-DD873C9E5F8B}
[2013.04.09 16:12:15 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{E3CC361F-8E4B-403A-ACAD-18CA23B17C45}
[2013.04.09 11:46:40 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{A67617E7-1C5E-46E4-BA37-7A4D28CE07E5}
[2013.04.08 16:42:03 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{922956E3-3E64-40CB-BDC7-CF0658FCDC3C}
[2013.04.08 14:52:03 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{50E7D4EF-4033-46B0-AAB6-72F5C1CF3C01}
[2013.04.07 10:44:41 | 000,679,936 | ---- | C] (Flightradar24 AB) -- C:\Users\karl cornelius\Desktop\fr24feed.exe
[2013.04.07 10:14:59 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{F18DB0F2-082D-434F-B811-1DB1E1380E81}
[2013.04.07 09:12:14 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{FA3C843D-CF90-4B30-832A-BB6E46154DF1}
[2013.04.06 09:47:04 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{93614486-D6DB-496A-82E3-88F739A5BAC5}
[2013.04.05 15:08:37 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{E455DF25-62AC-4C3C-A6F4-3326E12425D9}
[2013.04.04 17:52:06 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JonDoFox
[2013.04.04 17:31:23 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JAP
[2013.04.04 17:26:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JAP
[2013.04.04 09:27:54 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{465367AD-69E8-4159-8139-F57948E19BB6}
[2013.04.03 14:21:21 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{5F5CB8B7-E034-4645-BE60-5851977101DA}
[2013.04.02 15:31:20 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{31F03B17-2A5F-45AA-8E42-717CDEA8FE10}
[2013.04.02 11:30:37 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{F89CD984-1B67-4ECF-BB71-5B77CBBAEB2E}
[2013.04.01 08:57:25 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{5F738DE7-ED01-4A76-983C-3B0C2B4018CB}
[2013.03.31 09:37:20 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{F2FE3A5A-7CF7-44C0-8961-7F22683DF0CF}
[2013.03.30 11:20:39 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{54FC3EE9-5854-4A33-91C6-8A7F5AC4A014}
[2013.03.29 10:50:05 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{4D131BDB-C7CF-4EE5-AA3C-EA711FA16A21}
[2013.03.28 11:20:54 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{AF5A2A88-2D53-4D28-A04D-B74125358822}
[2013.03.27 10:27:07 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{7019495A-211F-4EC5-AC45-D4FDDDDC3DD7}
[2013.03.26 10:15:06 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{1F1DAFC5-3E89-4EF2-A223-BA3FE036C4C5}
[2013.03.25 10:13:03 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{174B9EB4-C0B8-48B3-9DAE-044E82384996}
[2013.03.24 09:56:32 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{D3063562-4696-4418-85FC-28054074EABA}
[2013.03.23 13:28:35 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{56B7C5C4-5F7D-4F81-936E-34F094B2F0B4}
[2013.03.22 10:39:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.22 10:12:15 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{37D3B76B-E91F-48E8-AE6F-F68411E2D426}
[2013.03.21 12:22:52 | 000,000,000 | ---D | C] -- C:\Users\karl cornelius\AppData\Local\{00684449-4A90-4E79-9A0C-243AE7B54407}
[2009.11.26 19:31:51 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.19 16:33:05 | 000,001,495 | ---- | M] () -- C:\Users\karl cornelius\Desktop\OTL.exe - Verknüpfung.lnk
[2013.04.19 15:51:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.19 15:39:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.19 14:32:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.19 14:32:52 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.19 14:29:10 | 003,218,641 | ---- | M] () -- C:\Users\karl cornelius\Desktop\Scannen0023.jpg
[2013.04.19 14:25:16 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.19 14:25:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.19 14:25:04 | 3113,558,016 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.19 10:35:48 | 002,347,384 | ---- | M] (ESET) -- C:\Users\karl cornelius\Desktop\esetsmartinstaller_enu.exe
[2013.04.17 16:44:05 | 000,001,422 | ---- | M] () -- C:\Users\karl cornelius\Desktop\Adobe Photoshop Elements 2.0.lnk
[2013.04.17 16:40:46 | 000,001,401 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013.04.17 14:18:37 | 000,012,857 | ---- | M] () -- C:\Windows\Q-Dir.ini
[2013.04.17 09:03:57 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.17 09:03:57 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.17 09:03:57 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.17 09:03:57 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.17 09:03:57 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.14 19:43:52 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.13 11:18:27 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013.04.12 17:47:54 | 000,153,467 | ---- | M] () -- C:\Users\karl cornelius\Desktop\EDDK_1304.zip
[2013.04.11 19:47:14 | 000,001,149 | ---- | M] () -- C:\Users\karl cornelius\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.11 19:46:47 | 000,001,129 | ---- | M] () -- C:\Users\karl cornelius\Desktop\msert.exe - Verknüpfung.lnk
[2013.04.11 10:44:23 | 000,355,664 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.11 10:18:20 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2013.04.11 09:39:29 | 000,002,219 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.08 17:19:19 | 000,000,017 | ---- | M] () -- C:\Users\karl cornelius\Desktop\fr24feed.key
[2013.04.07 10:44:41 | 000,679,936 | ---- | M] (Flightradar24 AB) -- C:\Users\karl cornelius\Desktop\fr24feed.exe
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.02 11:31:00 | 000,010,426 | ---- | M] () -- C:\Users\karl cornelius\Desktop\2013-04 mein Plan.pdf
[2013.03.22 16:11:36 | 000,001,228 | ---- | M] () -- C:\Users\karl cornelius\Desktop\Windows Explorer.lnk
[2013.03.21 20:36:06 | 000,000,329 | ---- | M] () -- C:\Users\karl cornelius\Desktop\HP Druckerdiagnosetools.url
 
========== Files Created - No Company Name ==========
 
[2013.04.19 16:33:05 | 000,001,495 | ---- | C] () -- C:\Users\karl cornelius\Desktop\OTL.exe - Verknüpfung.lnk
[2013.04.19 14:30:28 | 003,218,641 | ---- | C] () -- C:\Users\karl cornelius\Desktop\Scannen0023.jpg
[2013.04.17 16:42:52 | 000,001,422 | ---- | C] () -- C:\Users\karl cornelius\Desktop\Adobe Photoshop Elements 2.0.lnk
[2013.04.17 16:40:46 | 000,001,401 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013.04.17 16:40:45 | 000,001,294 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 2.0.lnk
[2013.04.17 14:27:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.17 12:03:26 | 000,012,857 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2013.04.15 18:07:45 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.13 11:18:27 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013.04.12 17:47:43 | 000,153,467 | ---- | C] () -- C:\Users\karl cornelius\Desktop\EDDK_1304.zip
[2013.04.11 19:47:14 | 000,001,149 | ---- | C] () -- C:\Users\karl cornelius\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.11 19:46:47 | 000,001,129 | ---- | C] () -- C:\Users\karl cornelius\Desktop\msert.exe - Verknüpfung.lnk
[2013.04.11 10:18:20 | 000,000,118 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
[2013.04.08 16:41:08 | 000,000,017 | ---- | C] () -- C:\Users\karl cornelius\Desktop\fr24feed.key
[2013.04.02 11:31:00 | 000,010,426 | ---- | C] () -- C:\Users\karl cornelius\Desktop\2013-04 mein Plan.pdf
[2013.03.22 16:11:36 | 000,001,228 | ---- | C] () -- C:\Users\karl cornelius\Desktop\Windows Explorer.lnk
[2013.03.21 20:36:06 | 000,000,329 | ---- | C] () -- C:\Users\karl cornelius\Desktop\HP Druckerdiagnosetools.url
[2012.04.23 10:59:24 | 000,033,134 | ---- | C] () -- C:\Users\karl cornelius\AppData\Roaming\UserTile.png
[2011.01.17 11:38:39 | 000,068,118 | ---- | C] () -- C:\Users\karl cornelius\AppData\Local\RAContactHistory.xml
[2010.09.16 09:38:46 | 001,008,462 | ---- | C] () -- C:\Users\karl cornelius\AppData\Roaming\SMRResults130.dat
[2010.02.22 20:57:07 | 000,000,666 | ---- | C] () -- C:\Users\karl cornelius\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.03.13 15:27:20 | 000,000,000 | -HSD | M] -- C:\Users\karl cornelius\AppData\Roaming\.BackupManager
[2012.10.26 19:37:58 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Amazon
[2013.04.15 19:29:30 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Audacity
[2012.03.13 15:26:59 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\DriverCure
[2013.01.24 11:40:44 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\DVDVideoSoft
[2012.03.13 15:26:59 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\GameConsole
[2012.03.13 15:26:59 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\GetRightToGo
[2013.04.04 11:47:42 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\JonDo
[2013.04.03 17:24:14 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\ParetoLogic
[2012.03.13 15:27:17 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\PeerNetworking
[2012.03.13 15:27:17 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\PowerCinema
[2013.01.08 12:11:13 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Priotecs
[2013.04.17 12:06:31 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Q-Dir
[2012.03.13 15:27:18 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\SoftDMA
[2012.03.13 15:27:18 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Stellarium
[2012.03.21 20:36:13 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\SumatraPDF
[2012.07.06 14:01:21 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\TeamViewer
[2012.03.13 15:27:19 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Template
[2012.03.13 15:27:19 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\TuneUp Software
[2012.03.13 15:27:19 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Uniblue
[2012.03.14 17:55:17 | 000,000,000 | ---D | M] -- C:\Users\karl cornelius\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >


Vielen Dank im Voraus, was wäre ich ohne Euch?
carolus
Geändert von carolus (19.04.2013 um 15:58 Uhr)

 

Themen zu claro search bei google chrom
claro, claro search, google, nodrives, origin, plug-in, search, win32/zbot.gen!y


« protocolmindm Website infiziert → PC oder Mac kompromittiert (FTP Daten gestohlen) | Tastaturen-Wahnsinn »


Ähnliche Themen: claro search bei google chrom


  1. Allerlei Werbung und Pop-Up-Fenster bei Google Chrom
    Plagegeister aller Art und deren Bekämpfung - 10.05.2014 (14)
  2. awesomehp virus in google chrom startseite entfernen
    Log-Analyse und Auswertung - 27.02.2014 (2)
  3. Google chrom offnet sich unkontrolliert
    Plagegeister aller Art und deren Bekämpfung - 10.12.2013 (92)
  4. Windows 7 64bit Google Chrom Fenster Werbung und Tastatur Buchstabensalat
    Alles rund um Windows - 15.09.2013 (1)
  5. Searchnu in Google Chrom und Ie10
    Log-Analyse und Auswertung - 09.05.2013 (11)
  6. Claro - Search entfernen
    Plagegeister aller Art und deren Bekämpfung - 17.01.2013 (20)
  7. Claro search
    Plagegeister aller Art und deren Bekämpfung - 13.01.2013 (4)
  8. Claro Search
    Plagegeister aller Art und deren Bekämpfung - 04.12.2012 (17)
  9. Claro Search
    Plagegeister aller Art und deren Bekämpfung - 29.11.2012 (23)
  10. Claro Search eingfangen :(
    Plagegeister aller Art und deren Bekämpfung - 27.11.2012 (23)
  11. Claro Search
    Plagegeister aller Art und deren Bekämpfung - 22.11.2012 (15)
  12. Claro search entfernen
    Plagegeister aller Art und deren Bekämpfung - 20.11.2012 (12)
  13. Claro-Search
    Plagegeister aller Art und deren Bekämpfung - 16.11.2012 (11)
  14. Claro Search
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (23)
  15. Claro Search
    Log-Analyse und Auswertung - 12.11.2012 (27)
  16. virus auf dem pc search.chatzum.com bei Mozilla Firefox und search.claro.com bei IE
    Plagegeister aller Art und deren Bekämpfung - 02.11.2012 (1)
  17. MyStart bei Google Chrom Windows XP
    Plagegeister aller Art und deren Bekämpfung - 12.07.2012 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema claro search bei google chrom - Hallo liebes Helferteam, Aller guten Dinge sind ZWEI , es ist zum Heulen: Nachdem man mir hier am vergangenen Wochenende mit viel Aufwand den Plagegeist Win32/Zbot.gen!Y wieder vom Hals geschafft - claro search bei google chrom...
Archiv
Du betrachtest: claro search bei google chrom auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131