
Pests of all kinds and how to combat them: Firefox opens several wrong links before the right one when searching on Google

20.05.2010, 15:12   #16
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Combofix - Scripting

1. Start Notepad (Start / Run / notepad[Enter])

2. Now copy and paste the entire contents of the code box below into the Notepad window.

Code:
KILLALL:

File::
c:\windows\system32\drivers\OV9655S.SET

Filelook::
c:\program files\Acronis\TrueImageHome\timountermonitor .exe
c:\program files\Acronis\TrueImageHome\TrueImageMonitor .exe
c:\program files\Adobe\Reader 9.0\Reader\reader_sl .exe
c:\program files\Common Files\Acronis\Schedule2\schedhlp .exe
c:\program files\Common Files\Adobe\ARM\1.0\adobearm .exe
c:\program files\Intel\AMT\atchk .exe
c:\program files\Lenovo Fingerprint Software\fpapp .exe
c:\program files\Microsoft Office\Office12\groovemonitor .exe
c:\program files\PGWARE\SuperRam\superramtray .exe
c:\program files\QSoft\Autorun Kicker\_autorunkicker .exe
c:\program files\Skype\Phone\skype .exe
c:\program files\Smart Battery\smbtray .exe
c:\program files\Trojan Remover\trjscan .exe
c:\program files\Unlocker\UnlockerAssistant  .exe
c:\program files\Windows Sidebar\sidebar .exe

Driver::
KeyAgent
ntiomin
         
3. Save it in Notepad as CFScript.txt on the desktop.

4. Disable the guard of your antivirus program and any software firewall that may be installed.
(Also the guards of adware and spyware programs and the Tea Timer (if present)!)

5. Then drag CFScript.txt onto cofi.exe, as shown in the picture below. This restarts Combofix.



6. After the restart (you will be asked whether you want to restart), please post the following log files:
Combofix.txt

Note: The script above was created only for this one user in this situation. It cannot be ported to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
Please always post log files in CODE tags

20.05.2010, 16:35   #17
roadrunner14
 



Done, here is the log:

Code:
ComboFix 10-05-19.03 - roadrunner1405 20.05.2010  17:02:22.3.2 - x86
Microsoft Windows 7 Ultimate   6.1.7600.0.1252.49.1031.18.2006.888 [GMT 2:00]
ausgeführt von:: c:\users\roadrunner1405\Desktop\cofi.exe
Benutzte Befehlsschalter :: c:\users\roadrunner1405\Desktop\CFScript.txt

FILE ::
"c:\windows\system32\drivers\OV9655S.SET"
.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\OV9655S.SET

.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_KEYAGENT
-------\Legacy_NTIOMIN
-------\Service_KeyAgent
-------\Service_ntiomin


(((((((((((((((((((((((   Dateien erstellt von 2010-04-20 bis 2010-05-20  ))))))))))))))))))))))))))))))
.

2010-05-20 15:11 . 2010-05-20 15:15	--------	d-----w-	c:\users\roadrunner1405\AppData\Local\temp
2010-05-20 15:11 . 2010-05-20 15:11	--------	d-----w-	c:\users\Public\AppData\Local\temp
2010-05-20 15:11 . 2010-05-20 15:11	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2010-05-20 15:11 . 2010-05-20 15:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2010-05-20 15:11 . 2010-05-20 15:11	--------	d-----w-	c:\users\Classic .NET AppPool\AppData\Local\temp
2010-05-20 08:20 . 2010-05-20 08:20	--------	d-----w-	C:\_OTL
2010-05-19 17:38 . 2010-05-19 17:38	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\Malwarebytes
2010-05-19 17:38 . 2010-04-29 10:19	38224	----a-w-	c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-19 17:38 . 2010-05-19 17:38	--------	d-----w-	c:\programdata\Malwarebytes
2010-05-19 17:38 . 2010-04-29 10:19	20952	----a-w-	c:\windows\system32\drivers\mbam.sys
2010-05-19 17:37 . 2010-05-19 17:38	--------	d-----w-	c:\program files\Malwarebytes' Anti-Malware
2010-05-19 14:17 . 2010-03-04 07:33	740864	----a-w-	c:\windows\system32\inetcomm.dll
2010-05-19 13:22 . 2010-05-19 13:22	--------	d-----w-	c:\program files\CCleaner
2010-05-19 12:24 . 2010-05-19 12:24	--------	d-----w-	c:\programdata\F-Secure
2010-05-17 12:28 . 2010-05-17 12:28	--------	d-----w-	c:\program files\SweetIM
2010-05-17 12:28 . 2010-05-17 12:28	--------	d-----w-	c:\programdata\SweetIM
2010-05-15 15:03 . 2010-05-15 15:33	--------	d-----w-	c:\program files\ICQ7.1
2010-05-10 19:17 . 2009-10-10 02:57	12800	----a-w-	c:\windows\system32\drivers\sffp_sd.sys
2010-05-10 19:17 . 2009-10-10 02:31	84992	----a-w-	c:\windows\system32\drivers\sdbus.sys
2010-05-10 18:42 . 2009-12-11 07:44	133720	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2010-05-10 18:42 . 2009-12-11 07:38	1037312	----a-w-	c:\windows\system32\lsasrv.dll
2010-05-10 18:42 . 2009-09-26 05:58	194488	----a-w-	c:\windows\system32\drivers\fvevol.sys
2010-05-07 19:15 . 2010-05-07 19:15	--------	d-----w-	c:\program files\The KMPlayer
2010-05-07 19:02 . 2010-05-07 19:02	--------	d-----w-	c:\users\roadrunner1405\AppData\Local\ratDVD
2010-05-07 19:02 . 2010-05-07 19:02	--------	d-----w-	c:\program files\ratDVD
2010-05-07 13:32 . 2010-05-07 13:32	--------	d-----w-	c:\users\roadrunner1405\AppData\Local\Diagnostics
2010-05-05 10:56 . 2010-05-05 10:56	--------	d-----w-	c:\programdata\eBay
2010-05-05 10:56 . 2010-05-05 10:56	--------	d-----w-	c:\program files\eBay
2010-05-04 10:12 . 2010-05-04 10:12	--------	d-----w-	c:\users\roadrunner1405\AppData\Local\FixItCenter
2010-05-04 09:58 . 2010-05-04 09:58	--------	d-----w-	c:\windows\CheckSur
2010-05-04 09:50 . 2010-05-04 09:50	--------	d-----w-	c:\windows\MATS
2010-05-04 09:50 . 2010-05-04 09:50	--------	d-----w-	c:\program files\Microsoft Fix it Center
2010-05-03 22:44 . 2010-05-04 10:06	--------	d-----w-	c:\program files\Registry Easy
2010-05-03 17:18 . 2010-05-03 17:18	--------	d-----w-	c:\program files\Trend Micro
2010-04-28 06:28 . 2010-04-28 08:34	--------	d-----w-	c:\program files\a-squared Free
2010-04-27 13:59 . 2010-04-27 13:59	--------	d-----w-	c:\programdata\Cloanto
2010-04-27 13:59 . 2010-04-27 13:59	--------	d-----w-	c:\program files\Common Files\Cloanto
2010-04-27 13:59 . 2010-04-27 13:59	--------	d-----w-	c:\program files\Cloanto
2010-04-27 10:25 . 2010-04-01 13:11	30024	----a-w-	c:\windows\system32\uxtuneup.dll
2010-04-27 10:10 . 2010-04-01 13:17	30536	----a-w-	c:\windows\system32\TURegOpt.exe
2010-04-27 10:09 . 2010-04-27 10:25	--------	d-----w-	c:\program files\TuneUp Utilities 2010
2010-04-27 10:07 . 2010-04-27 10:07	--------	d-sh--w-	c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
2010-04-27 09:45 . 2010-05-10 16:00	--------	d-----w-	c:\program files\Unlocker
2010-04-26 20:35 . 2010-04-30 08:19	--------	d-----w-	c:\program files\GridinSoft Trojan Killer
2010-04-26 20:13 . 2010-04-26 20:13	--------	d-----w-	c:\program files\QSoft
2010-04-26 20:12 . 2010-04-26 20:12	--------	d-----w-	c:\program files\NoVirusThanks
2010-04-26 20:06 . 2006-06-19 10:01	69632	----a-w-	c:\windows\system32\ztvcabinet.dll
2010-04-26 20:06 . 2006-05-25 12:52	162304	----a-w-	c:\windows\system32\ztvunrar36.dll
2010-04-26 20:06 . 2005-08-25 22:50	77312	----a-w-	c:\windows\system32\ztvunace26.dll
2010-04-26 20:06 . 2003-02-02 17:06	153088	----a-w-	c:\windows\system32\UNRAR3.dll
2010-04-26 20:06 . 2002-03-05 22:00	75264	----a-w-	c:\windows\system32\unacev2.dll
2010-04-26 20:06 . 2010-04-26 21:12	--------	d-----w-	c:\program files\Trojan Remover
2010-04-26 20:06 . 2010-04-26 20:06	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\Simply Super Software
2010-04-26 20:06 . 2010-04-26 20:06	--------	d-----w-	c:\programdata\Simply Super Software
2010-04-26 09:00 . 2010-04-26 09:01	--------	d-----w-	C:\ZL_DB_CCcam_SoftCam_Control
2010-04-25 21:15 . 2010-04-25 21:15	--------	d-----w-	c:\users\roadrunner1405\AppData\Local\Mozilla
2010-04-25 10:22 . 2010-04-25 12:30	--------	d-----w-	c:\program files\WindowsServices
2010-04-25 10:22 . 2010-04-25 10:22	--------	d-----w-	c:\program files\TimHillOne
2010-04-24 11:05 . 2010-04-24 11:05	--------	d-----w-	c:\program files\PGWARE
2010-04-23 14:59 . 2010-04-23 14:59	49152	----a-r-	c:\windows\system32\inetwh32.dll
2010-04-23 14:59 . 2010-04-23 14:59	1044480	----a-r-	c:\windows\system32\roboex32.dll

.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-20 15:16 . 2009-08-23 17:48	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\Skype
2010-05-20 15:15 . 2009-08-23 17:50	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\skypePM
2010-05-20 15:13 . 2010-03-23 19:33	4194304	----a-w-	c:\windows\ServiceProfiles\NetworkService\msmqlog.bin
2010-05-20 09:46 . 2009-10-07 08:26	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\ICQ
2010-05-20 08:20 . 2009-10-07 08:26	--------	d-----w-	c:\program files\ICQ6Toolbar
2010-05-19 14:21 . 2009-08-27 09:04	--------	d-----w-	c:\programdata\Microsoft Help
2010-05-19 14:20 . 2009-07-14 02:37	--------	d-----w-	c:\program files\Windows Mail
2010-05-19 09:00 . 2010-01-07 12:02	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2010-05-19 09:00 . 2010-05-19 09:00	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-05-18 20:08 . 2010-03-15 12:49	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\UseNeXT
2010-05-16 18:02 . 2009-10-08 20:42	--------	d-----w-	c:\program files\Mozilla Thunderbird 3.0 Beta 3
2010-05-15 21:44 . 2010-03-10 10:02	--------	d-----w-	c:\program files\JDownloader
2010-05-15 16:24 . 2009-07-14 04:52	--------	d-----w-	c:\program files\Windows Sidebar
2010-05-15 15:23 . 2009-10-07 08:26	--------	d-----w-	c:\programdata\ICQ
2010-05-10 18:09 . 2009-08-23 17:45	--------	d-----r-	c:\program files\Skype
2010-05-10 16:00 . 2009-08-22 15:25	--------	d-----w-	c:\program files\Smart Battery
2010-05-10 16:00 . 2009-08-22 15:41	--------	d-----w-	c:\program files\Lenovo Fingerprint Software
2010-05-10 12:56 . 2009-10-19 15:04	72784	----a-w-	c:\windows\system32\drivers\BdfNdisf6.sys
2010-05-07 19:13 . 2009-09-11 19:05	--------	d-----w-	c:\users\roadrunner1405\AppData\Roaming\vlc
2010-04-28 06:45 . 2009-10-18 08:40	--------	d-----w-	c:\program files\FileZilla FTP Client
2010-04-27 17:59 . 2010-03-15 12:43	--------	d-----w-	c:\program files\UseNeXT
2010-04-27 10:14 . 2009-08-22 21:46	--------	d-----w-	c:\program files\TuneUp Utilities 2009
2010-04-27 10:08 . 2009-08-22 21:46	--------	d-----w-	c:\programdata\TuneUp Software
2010-04-02 08:46 . 2009-08-22 15:12	--------	d--h--w-	c:\program files\InstallShield Installation Information
2010-04-02 08:45 . 2009-10-24 14:45	--------	d-----w-	c:\program files\DAEMON Tools Toolbar
2010-04-02 08:42 . 2010-04-02 08:42	--------	d-----w-	c:\program files\Xirrus
2010-04-01 14:13 . 2010-04-01 14:13	--------	d-----w-	c:\program files\Common Files\Skype
2010-04-01 13:43 . 2009-07-24 10:26	291352	----a-w-	c:\windows\system32\drivers\bdfsfltr.sys
2010-04-01 13:11 . 2009-08-22 21:48	21320	----a-w-	c:\windows\system32\authuitu.dll
2010-03-29 21:06 . 2010-03-29 21:06	--------	d-----w-	c:\program files\EPROM50
2010-03-29 20:58 . 2010-03-29 20:58	5152	----a-w-	c:\windows\system32\drivers\io.sys
2010-03-25 18:39 . 2010-03-25 18:38	--------	d-----w-	c:\program files\ICQ-Banner-Remover
2010-03-25 09:27 . 2010-04-25 21:32	1107264	----a-w-	c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\DTToolbar@toolbarnet.com\components\DTToolbarFF.dll
2010-03-24 18:17 . 2010-03-24 08:04	952768	----a-w-	c:\programdata\Adobe\Reader\9.3\ARM\30963\AdobeARM.exe
2010-03-24 18:17 . 2010-03-24 08:04	70584	----a-w-	c:\programdata\Adobe\Reader\9.3\ARM\30963\AdobeExtractFiles.dll
2010-03-24 18:17 . 2010-03-24 08:04	326056	----a-w-	c:\programdata\Adobe\Reader\9.3\ARM\30963\ReaderUpdater.exe
2010-03-24 18:17 . 2010-03-24 08:04	326056	----a-w-	c:\programdata\Adobe\Reader\9.3\ARM\30963\AcrobatUpdater.exe
2010-03-23 19:33 . 2009-10-22 16:20	739082	----a-w-	c:\windows\system32\perfh007.dat
2010-03-23 19:33 . 2009-10-22 16:20	153070	----a-w-	c:\windows\system32\perfc007.dat
2010-03-23 19:32 . 2010-03-23 19:32	--------	d-----w-	c:\program files\CMAK
2010-03-23 09:54 . 2010-03-23 09:54	--------	d-----w-	c:\program files\RMClock
2010-03-22 18:04 . 2010-03-22 18:04	--------	d-----w-	c:\program files\CPUCooL
2010-03-18 15:58 . 2010-03-18 15:58	101248	----a-w-	c:\windows\system32\drivers\avmaura.sys
2010-03-18 12:22 . 2010-03-18 11:08	28672	----a-w-	c:\windows\system32\AF15BDAEX.dll
2010-03-18 12:22 . 2010-03-18 11:08	126	----a-w-	c:\windows\system32\AF15IRTBL.bin
2010-03-18 12:22 . 2010-03-18 11:08	483200	----a-w-	c:\windows\system32\drivers\AF15BDA.sys
2010-03-17 09:35 . 2010-04-25 21:32	309248	----a-w-	c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
2010-03-15 13:04 . 2009-08-25 12:02	34	----a-w-	c:\programdata\StarMoney 7.0\profil\sfmsm.dll
2010-03-10 10:01 . 2010-03-10 10:01	411368	----a-w-	c:\windows\system32\deploytk.dll
2010-03-08 21:33 . 2010-04-14 07:57	427520	----a-w-	c:\windows\system32\vbscript.dll
2010-02-28 19:23 . 2009-09-05 13:06	281760	----a-w-	c:\windows\system32\drivers\atksgt.sys
2010-02-28 19:23 . 2009-09-05 13:06	25888	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2010-02-28 18:30 . 2010-02-28 18:30	48648	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2010-02-28 18:30 . 2010-02-06 17:47	1170240	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2010-02-27 12:07 . 2010-04-14 07:57	3899280	----a-w-	c:\windows\system32\ntoskrnl.exe
2010-02-27 12:07 . 2010-04-14 07:57	3954568	----a-w-	c:\windows\system32\ntkrnlpa.exe
2010-02-27 07:32 . 2010-04-14 07:57	221696	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2010-02-27 07:32 . 2010-04-14 07:57	95744	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2010-02-27 07:32 . 2010-04-14 07:57	123392	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2010-02-23 07:56 . 2010-03-30 17:57	977920	----a-w-	c:\windows\system32\wininet.dll
2010-02-22 16:58 . 2010-03-11 14:09	1733152	----a-w-	c:\windows\system32\RtkPgExt.dll
2010-02-22 16:58 . 2010-03-11 14:09	57888	----a-w-	c:\windows\system32\RtkCoInst.dll
2010-02-22 16:58 . 2010-03-11 14:09	371232	----a-w-	c:\windows\system32\RtkApoApi.dll
2010-02-22 16:58 . 2010-03-11 14:09	2649120	----a-w-	c:\windows\system32\RtkAPO.dll
2010-02-22 16:23 . 2010-03-11 14:09	3022944	----a-w-	c:\windows\system32\drivers\RTKVHDA.sys
2010-02-20 16:47 . 2010-01-07 12:02	1170240	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2009-06-10 21:26 . 2009-07-14 02:04	9633792	--sha-r-	c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42	396800	--sha-w-	c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
Code:
<pre>
c:\program files\Acronis\TrueImageHome\timountermonitor .exe
c:\program files\Acronis\TrueImageHome\TrueImageMonitor .exe
c:\program files\Adobe\Reader 9.0\Reader\reader_sl .exe
c:\program files\Common Files\Acronis\Schedule2\schedhlp .exe
c:\program files\Common Files\Adobe\ARM\1.0\adobearm .exe
c:\program files\Intel\AMT\atchk .exe
c:\program files\Lenovo Fingerprint Software\fpapp .exe
c:\program files\Microsoft Office\Office12\groovemonitor .exe
c:\program files\PGWARE\SuperRam\superramtray .exe
c:\program files\QSoft\Autorun Kicker\_autorunkicker .exe
c:\program files\Skype\Phone\skype .exe
c:\program files\Smart Battery\smbtray .exe
c:\program files\Trojan Remover\trjscan .exe
c:\program files\Unlocker\UnlockerAssistant  .exe
c:\program files\Windows Sidebar\sidebar .exe
</pre>
         
(((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . --- c:\program files\Acronis\TrueImageHome\timountermonitor .exe --- Company: Acronis File Description: Monitor for Acronis True Image Backup Archive Explorer File Version: 4,0,0,453 Product Name: Acronis True Image Copyright: Copyright (c) Acronis 2000-2007 Original Filename: TimounterMonitor.exe File size: 962456 Created time: 2008-09-15 16:32 Modified time: 2008-09-15 16:32 MD5: C880EF37016EE8AF0FB22B066EF4C1B7 SHA1: 85C0B0C81FCBEAD6BFFB4D9EC09A485F73A783E6 --- c:\program files\Acronis\TrueImageHome\TrueImageMonitor .exe --- Company: Acronis File Description: Acronis True Image Monitor File Version: 12,0,0,9551 Product Name: Acronis True Image Copyright: Copyright (C) Acronis, 2000-2008. Original Filename: TrueImageMonitor.exe File size: 4353088 Created time: 2008-09-15 16:21 Modified time: 2008-09-15 16:21 MD5: ECAA272D17CE77DB46E5B98A60869984 SHA1: 18E8311DB6FC092E53E68A8C921F8266026CA0CB --- c:\program files\Adobe\Reader 9.0\Reader\reader_sl .exe --- Company: Adobe Systems Incorporated File Description: Adobe Acrobat SpeedLauncher File Version: 9.3.2.163 Product Name: Adobe Acrobat Copyright: Copyright 1984-2010 Adobe Systems Incorporated and its licensors. All rights reserved. 
Original Filename: AcroSpeedLaunch.exe File size: 36272 Created time: 2010-04-04 05:42 Modified time: 2010-04-04 05:42 MD5: F91F52F4EA5D88DAB6245682A16F3A72 SHA1: CD8F3D00EAE82C6205A24359A92F4C1C44930D45 --- c:\program files\Common Files\Acronis\Schedule2\schedhlp .exe --- Company: Acronis File Description: Acronis Scheduler Helper File Version: 1,0,0,271 Product Name: Acronis Scheduler Helper Copyright: Copyright (C) 2000-2004 Acronis Original Filename: schedhlp.exe File size: 165144 Created time: 2008-09-15 16:27 Modified time: 2008-09-15 16:27 MD5: 6DAB589180D9C831A14B8FC4ED50659F SHA1: 31CEF20A1554D72FC2C4561753032F0B28BDFDD2 --- c:\program files\Common Files\Adobe\ARM\1.0\adobearm .exe --- Company: Adobe Systems Incorporated File Description: Adobe Reader and Acrobat Manager File Version: 1.1.7.0 Product Name: Adobe Reader and Acrobat Manager Copyright: Copyright © 2010 Adobe Systems Incorporated. All rights reserved. Original Filename: AdobeARM.exe File size: 952768 Created time: 2009-12-11 14:57 Modified time: 2010-03-24 18:17 MD5: DB1DB28467111A24664933AB8908CBCE SHA1: 158A5420F5ED20F1B2AFD210564A4A712C6C3C22 --- c:\program files\Intel\AMT\atchk .exe --- Company: Intel Corporation File Description: Displays state of Intel® Active Management Technology. File Version: 2.0.0.5 Product Name: atchk Copyright: Copyright(C) 2006 Intel Corporation. Original Filename: atchk.exe File size: 404248 Created time: 2009-08-22 16:36 Modified time: 2007-07-27 06:07 MD5: 398AC7A90320B60BEBA0E6619BD6A614 SHA1: 69A33AD11FACFF3FDDF8AC28BD103277688A6228 --- c:\program files\Lenovo Fingerprint Software\fpapp .exe --- Company: Authentec,Inc File Description: File Version: 1, 1, 6, 55 Product Name: fpapp.exe Copyright: Authentec . All rights reserved. 
Original Filename: fpapp.exe File size: 950272 Created time: 2008-07-15 05:13 Modified time: 2008-07-15 05:13 MD5: 5C2520F481973E26B58DF115E93C2154 SHA1: 969563F570B1098DE57E52D6D7785FDE132296E1 --- c:\program files\Microsoft Office\Office12\groovemonitor .exe --- Company: Microsoft Corporation File Description: GrooveMonitor Utility File Version: 12.0.6413.1000 Product Name: GrooveMonitor Utility Copyright: © 2006 Microsoft Corporation. All rights reserved. Original Filename: GrooveMonitor.exe File size: 31072 Created time: 2008-10-25 10:44 Modified time: 2008-10-25 10:44 MD5: 644795F6985C740F5E36E9336B837D0B SHA1: D2F5F78D437D81BA678F61AE2EEB966AC0715091 --- c:\program files\PGWARE\SuperRam\superramtray .exe --- Company: PGWARE LLC File Description: SuperRam Tray Applet File Version: 6.0.0.0 Product Name: SuperRam Copyright: Copyright © 2001-2010 PGWARE LLC Original Filename: SUPERRAMTRAY.EXE File size: 1703624 Created time: 2010-04-24 11:06 Modified time: 2010-04-18 21:09 MD5: 9955A8998FF5D41A414AC53979202A2A SHA1: 1C0A419B48C992ECE80E15FF493C08CB83AF771E --- c:\program files\QSoft\Autorun Kicker\_autorunkicker .exe --- Company: UNDP File Description: Autorun_Kicker File Version: 1.0.0.0 Product Name: Autorun_Kicker Copyright: Copyright © UNDP 2008 Original Filename: Autorun_Kicker.exe File size: 528384 Created time: 2010-04-26 20:13 Modified time: 2009-01-03 09:23 MD5: EFE7D4DE8D219FF73CF2E99E2C86012C SHA1: 81E4AB541CFA8E4D4A0C47C06840814AD716371E --- c:\program files\Skype\Phone\skype .exe --- Company: Skype Technologies S.A. File Description: Skype File Version: 4.2.0.155 Product Name: Skype Copyright: (c) Skype Technologies S.A. Original Filename: Skype.exe File size: 26100520 Created time: 2010-03-09 08:02 Modified time: 2010-03-09 08:02 MD5: 46C92F0351DF5A4F74C9D37CD43F741D SHA1: 9EEF9CE68CA87BD69B9B338D8C4CCC591B81A295 --- c:\program files\Smart Battery\smbtray .exe --- Company: Compal Electronics, Inc. 
File Description: TODO: <File description> File Version: 1.0.0.6 Product Name: TODO: <Product name> Copyright: TODO: (c) <Company name>. All rights reserved. Original Filename: SMBTrayVC2005.exe File size: 521776 Created time: 2009-08-22 15:25 Modified time: 2007-06-04 15:22 MD5: 32C973E68E3DF5831638337503738E62 SHA1: E51F7C5A2E675BC84866AADD928C8D644B2FC5CB --- c:\program files\Trojan Remover\trjscan .exe --- Company: Simply Super Software File Description: Trojan Scanner File Version: 6.8.2.1307 Product Name: Trojan Scanner Copyright: © 1999-2010 Simply Super Software Original Filename: TRJSCAN.EXE File size: 1165192 Created time: 2010-04-26 20:06 Modified time: 2010-02-27 18:17 MD5: 87CE21846BCFA0F0A14F60807DD0A56D SHA1: 7012AE4BFCE6A62E806A4FBC2AD65232282BFD5F --- c:\program files\Unlocker\UnlockerAssistant .exe --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File size: 15872 Created time: 2010-03-09 02:52 Modified time: 2010-03-09 02:52 MD5: C33EE8245897AEF45B7F0C70FDE0F78F SHA1: 0AF3A3B9895113589E56A043E16D21ECA0038057 --- c:\program files\Windows Sidebar\sidebar .exe --- Company: Microsoft Corporation File Description: Windows Sidebar File Version: 6.0.6002.18005 (lh_sp2rtm.090410-1830) Product Name: Microsoft® Windows® Operating System Copyright: © Microsoft Corporation. All rights reserved. Original Filename: sidebar.EXE File size: 1233920 Created time: 2009-07-13 23:41 Modified time: 2009-04-11 06:28 MD5: 9E35FF7F943AE0FB89192BFE058B7FD4 SHA1: 445D62FEAC7E3F9762B78B3E901A9DCA1B08BCFF (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2010-03-18 14:06 1361208 ----a-r- c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-03-18 1361208] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2010-03-18 1361208] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.IEToolbar] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-04-06 26102056] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BDAgent"="c:\program files\BitDefender\BitDefender 2010\bdagent.exe" [2010-04-01 1123360] "BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2010\IEShow.exe" [2009-10-19 71152] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-02-22 8522272] "MsmqIntCert"="mqrt.dll" [2009-07-14 152064] "igfxTray Module"="c:\windows\System32\igfxtray.exe" [2009-09-23 141848] "hkcmd Module"="c:\windows\System32\hkcmd.exe" [2009-09-23 173592] "persistence Module"="c:\windows\System32\igfxpers.exe" [2009-09-23 150552] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2010-04-14 111928] " Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] 
c:\users\roadrunner1405\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Mozilla Firefox.lnk - c:\program files\Mozilla Firefox\firefox.exe [2010-4-25 910296] Mozilla Thunderbird 3.0 Beta 3.lnk - c:\program files\Mozilla Thunderbird 3.0 Beta 3\thunderbird.exe [2009-10-8 11959472] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) "DisableCAD"= 1 (0x1) [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Authentication Packages REG_MULTI_SZ msv1_0 wvauth Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys] @="FSFilter System Recovery" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TMMonitor.lnk] backup=c:\windows\pss\TMMonitor.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^roadrunner1405^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^klickTel OEM Frühjahr 2009 - Schnellstarter.lnk] backup=c:\windows\pss\klickTel OEM Frühjahr 2009 - Schnellstarter.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe [N/A] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ArcSoft Connection Service] 2009-10-10 12:32 203264 ----a-w- c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EmbassySecurityCheck] 2007-04-16 08:13 
71232 ----a-w- c:\program files\Wave Systems Corp\Embassy Security Setup\EmbassySecurityCheck.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] 2009-09-23 17:30 173592 ----a-w- c:\windows\System32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif] 2009-06-04 17:03 186904 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] 2009-09-23 17:30 141848 ----a-w- c:\windows\System32\igfxtray.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] 2009-09-23 17:30 150552 ----a-w- c:\windows\System32\igfxpers.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\phonostarTimer] 2009-09-28 09:01 36864 ----a-w- c:\program files\phonostar-Player\phonostarTimer.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe] 2009-11-11 14:11 287800 ----a-r- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] 2009-09-24 13:41 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-03-10 10:01 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TODO_ _File description_] c:\program files\Smart Battery\smbtray.exe [N/A] R0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-10-24 721904] R2 StarMoney 7.0 OnlineUpdate;StarMoney 7.0 OnlineUpdate;c:\program files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe [2009-09-11 528904] R3 AF9035BDA;AF9035 BDA Devices;c:\windows\system32\Drivers\AF9035BDA.sys [2009-07-13 199168] R3 Arrakis3;BitDefender Arrakis Server;c:\program files\Common Files\BitDefender\BitDefender 
Arrakis Server\bin\arrakis3.exe [2009-10-19 183880] R3 MatSvc;Microsoft Fix it Supportcenter;c:\program files\Microsoft Fix it Center\Matsvc.exe [2010-04-10 266544] R3 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112] R3 WMSVC;Webverwaltungsdienst;c:\windows\system32\inetsrv\wmsvc.exe [2009-07-14 9728] R4 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408] S0 snapman378;Acronis Snapshots Manager (Build 378);c:\windows\system32\DRIVERS\snman378.sys [2009-08-22 134272] S0 stmtpm;STM TPM Service;c:\windows\system32\DRIVERS\stm_tpm.sys [2007-07-05 21504] S0 tdrpman124;Acronis Try&Decide and Restore Points filter (build 124);c:\windows\system32\DRIVERS\tdrpm124.sys [2009-08-22 950848] S1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver;c:\windows\system32\DRIVERS\BdfNdisf6.sys [2010-05-10 72784] S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys [2010-05-10 79952] S2 a2free;a-squared Free Service;c:\program files\a-squared Free\a2service.exe [2010-04-28 1872320] S2 Apache2.2;Apache2.2;c:\xampp\apache\bin\httpd.exe [2009-11-20 29416] S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2010\bdvedisk.sys [2010-05-10 85128] S2 ftpsvc;Microsoft-FTP-Dienst;c:\windows\system32\svchost.exe [2009-07-14 20992] S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 20992] S2 ICQ Service;ICQ Service;c:\program files\ICQ6Toolbar\ICQ Service.exe [2010-03-28 246520] S2 io.sys;IO.DLL Driver;c:\windows\system32\drivers\io.sys [2010-03-29 5152] S2 TeamViewer5;TeamViewer 5;c:\program files\TeamViewer\Version5\TeamViewer_Service.exe [2010-02-11 172328] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2010-04-01 1050440] S2 UNS;Intel(R) Active Management Technology User Notification 
Service;c:\program files\Intel\AMT\UNS.exe [2007-07-27 1489688] S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys [2010-03-18 101248] S3 BDFM;BDFM;c:\windows\system32\DRIVERS\bdfm.sys [2010-02-17 153448] S3 DCamUSBGene;GenesysLogic USB2.0 PC Camera;c:\windows\system32\DRIVERS\usbgene.sys [2007-06-26 131584] S3 netw5v32;Intel(R) Wireless WiFi Link Adaptertreiber für Windows Vista 32-Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2010-01-13 6628352] S3 PsxDrv;PsxDrv;c:\windows\system32\drivers\psxdrv.sys [2009-07-13 9216] S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632] S3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2009-11-09 25088] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064] S3 wbms_vista_x86;Winbond Memory Stick Controller;c:\windows\system32\Drivers\wbms_vista_x86.SYS [2007-06-26 52224] S3 wbsdmmc;Winbond SD/MMC Controller;c:\windows\system32\DRIVERS\wbsdmmc_vista_x86.sys [2007-04-20 44544] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HsfXAudioService REG_MULTI_SZ HsfXAudioService bdx REG_MULTI_SZ scan ftpsvc REG_MULTI_SZ ftpsvc iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc ipripsvc REG_MULTI_SZ iprip LPDService REG_MULTI_SZ LPDSVC HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs UxTuneUp . . ------- Zusätzlicher Suchlauf ------- . 
uStart Page =
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\program files\ICQ7.1\ICQ.exe
LSP: c:\windows\system32\biolsp.dll
FF - ProfilePath - c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff2.dll
FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.6.dll
FF - component: c:\program files\BitDefender\BitDefender 2010\bdaphffext\components\bdaphff3.dll
FF - component: c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
FF - component: c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\fb_add_on@avm.de\components\FB_AddOn.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Sony\Media Go\npmediago.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\Win7codecs\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\roadrunner1405\AppData\Roaming\Mozilla\Firefox\Profiles\jx3wb3ha.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}\plugins\npietab2.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX Richtlinien ----
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, hxxp://www.gmer.net

device: opened successfully
user: MBR read successfully
called modules: >>UNKNOWN [0x8304B000]<< >>UNKNOWN [0x89BA1000]<< >>UNKNOWN [0x89B90000]<< >>UNKNOWN [0x8467D000]<< >>UNKNOWN [0x83014000]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
IoDeviceObjectType -> DumpProcedure -> 0xd46a624f
SecurityProcedure -> 0x8587b848
QueryNameProcedure -> 0x8587b9d8
user & kernel MBR OK

**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------

[HKEY_USERS\.Default\Software\SetID\Internal]
@Denied: (A 2) (LocalSystem)
"DATA"="<settings expireTime=\"0\" productStatus=\"1\" obSize=\"0\" InstallIS=\"2145870353\" isSubsc=\"0\" version=\"12.0.1\" timeDiff=\"1\" oldDevice=\"\" authStatus_is=\"0\" />"
"Device"="xrnJucq8yLy6z8fMzszNusjHvM8="

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------

- - - - - - - > 'lsass.exe'(692)
c:\windows\system32\wvauth.DLL
c:\windows\system32\biolsp.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\psxss.exe
c:\program files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
c:\program files\BitDefender\BitDefender 2010\vsserv.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\conhost.exe
c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files\Common Files\Acronis\Schedule2\schedul2.exe
c:\program files\Intel\AMT\atchksrv.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Intel\AMT\LMS.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
c:\windows\system32\mqsvc.exe
c:\xampp\mysql\bin\mysqld.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\windows\System32\tcpsvcs.exe
c:\windows\System32\snmp.exe
c:\windows\system32\taskhost.exe
c:\program files\BitDefender\BitDefender 2010\seccenter.exe
c:\program files\TeamViewer\Version5\TeamViewer.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
c:\windows\system32\mqtgsvc.exe
c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\UI0Detect.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\system32\conhost.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\BitDefender\BitDefender Update Service\upgrepl.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-05-20 17:21:27 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-05-20 15:21
ComboFix2.txt 2010-05-20 11:23
ComboFix3.txt 2010-05-19 14:06

Vor Suchlauf: 14 Verzeichnis(se), 12.555.452.416 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 12.390.027.264 Bytes frei

- - End Of File - - 6F979153E0841DF326F9E7898F317CAD
[/QUOTE]


20.05.2010, 19:02   #18
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

That already looks pretty good. Are wrong links still being opened?
Please create logs with GMER and OSAM once more.

20.05.2010, 20:11   #19
roadrunner14

No, everything is great now. It has also become a bit faster. At least that is how it seems to me.

The logs will follow shortly.

20.05.2010, 20:34   #20
roadrunner14

The log from GMER:

Quote:
GMER 1.0.15.15281 - hxxp://www.gmer.net
Rootkit scan 2010-05-20 21:25:06
Windows 6.1.7600
Running: bbrv1ksc.exe; Driver: C:\Users\ROADRU~1\AppData\Local\Temp\ffdyauow.sys


---- System - GMER 1.0.15 ----

INT 0x1F \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302EAF8
INT 0x37 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302E104
INT 0xC1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302E3F4
INT 0xD1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83016634
INT 0xD2 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 83016898
INT 0xDF \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302E1DC
INT 0xE1 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302E958
INT 0xE3 \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302E6F8
INT 0xFD \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302EF2C
INT 0xFE \SystemRoot\system32\halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 8302F1A8

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 8308E599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 830B2F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0x9895B300, 0x3B6D8, 0xE8000020]
.text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0x989B3300, 0x1BEE, 0xE8000020]
.text peauth.sys AFC29C9D 28 Bytes [DE, 00, B2, 6D, D1, B7, CB, ...]
.text peauth.sys AFC29CC1 28 Bytes [DE, 00, B2, 6D, D1, B7, CB, ...]
? C:\Users\ROADRU~1\AppData\Local\Temp\mbr.sys Das System kann die angegebene Datei nicht finden. !
? C:\Windows\system32\Drivers\PROCEXP113.SYS Das System kann die angegebene Datei nicht finden. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Mozilla Firefox\firefox.exe[3836] ntdll.dll!LdrLoadDll 7785F585 5 Bytes JMP 002413F0 C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\a-squared Free\a2service.exe[1888] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateThread] [00454D58] C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
IAT C:\Program Files\a-squared Free\a2service.exe[1888] @ C:\Windows\system32\shell32.dll [KERNEL32.dll!QueueUserWorkItem] [00454F5C] C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
IAT C:\Program Files\a-squared Free\a2service.exe[1888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [00454D58] C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
IAT C:\Program Files\a-squared Free\a2service.exe[1888] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!QueueUserWorkItem] [00454F5C] C:\Program Files\a-squared Free\a2service.exe (a-squared Service/Emsi Software GmbH)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] [66E9A27D] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlLockHeap] [66E994D8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlUnlockHeap] [66E994E8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlDestroyHeap] [66E994B8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlCreateHeap] [66E994A8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlExitUserProcess] [66E9AA9E] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlSizeHeap] [66E9A27D] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\USER32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\advapi32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\advapi32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\advapi32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\advapi32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\shell32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\Iphlpapi.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Phone\Skype.exe[5376] @ C:\Windows\system32\Iphlpapi.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlSizeHeap] [66E9A27D] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlLockHeap] [66E994D8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlUnlockHeap] [66E994E8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlDestroyHeap] [66E994B8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlCreateHeap] [66E994A8] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\kernel32.dll [ntdll.dll!RtlExitUserProcess] [66E9AA9E] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\user32.dll [ntdll.dll!RtlSizeHeap] [66E9A27D] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\user32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\user32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\user32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\user32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\GDI32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\advapi32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\advapi32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\advapi32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\advapi32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\RPCRT4.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\ole32.dll [ntdll.dll!RtlReAllocateHeap] [66E99832] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\CRYPT32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\CRYPT32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\wininet.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\WS2_32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\IPHLPAPI.DLL [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\IPHLPAPI.DLL [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\secur32.dll [ntdll.dll!RtlAllocateHeap] [66E992CD] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\secur32.dll [ntdll.dll!RtlFreeHeap] [66E99E78] C:\Windows\AppPatch\AcXtrnal.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Skype\Plugin Manager\skypePM.exe[6768] @ C:\Windows\system32\secur32.dll [KERNEL32.dll!GetProcAddress] [75665E25] C:\Windows\system32\apphelp.dll (Clientbibliothek für Anwendungskompatibilität/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipAlloc] [74242494] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdiplusStartup] [74225624] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdiplusShutdown] [742256E2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipFree] [7424250F] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipDeleteGraphics] [74238573] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipDisposeImage] [74234D27] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipGetImageWidth] [742350CE] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipGetImageHeight] [742351A3] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCreateBitmapFromHBITMAP] [742366D0] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCreateFromHDC] [742382CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipSetCompositingMode] [74238819] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipSetInterpolationMode] [7423907A] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipDrawImageRectI] [7423E21D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.exe[7640] @ C:\Windows\Explorer.exe [gdiplus.dll!GdipCloneImage] [74234C59] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs tdrpm124.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 tdrpm124.sys (Acronis Try&Decide Volume Filter Driver/Acronis)
AttachedDevice \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 snman378.sys (Acronis Snapshot API/Acronis)

Device \Driver\ACPI_HAL \Device\00000062 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Dateisystem-Filter-Manager/Microsoft Corporation)
AttachedDevice \FileSystem\fastfat \Fat tdrpm124.sys (Acronis Try&Decide Volume Filter Driver/Acronis)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\BTHPORT
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\HidBth
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Upgrade\LocalRadioSettings
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\BTHPORT (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\HidBth (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Upgrade\LocalRadioSettings (not active ControlSet)

---- EOF - GMER 1.0.15 ----


Alt 20.05.2010, 20:38   #21
roadrunner14
 

And the OSAM log:

Quote:
Report of OSAM: Autorun Manager v5.0.11926.0
Online Solutions. Complex Protection for Information Systems
Saved at 21:37:19 on 20.05.2010

OS: Windows 7 Ultimate Edition (Build 7600), 32-bit
Default Browser: Mozilla Corporation Firefox 3.6.3

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"LocalCOM.cpl" - "TOSHIBA CORPORATION" - C:\Windows\system32\LocalCOM.cpl
"SMB.cpl" - "Compal Electronics, Inc." - C:\Windows\system32\SMB.cpl
"trueprint.cpl" - "AuthenTec, Inc." - C:\Windows\system32\trueprint.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"Nero BurnRights" - "Nero AG" - C:\Program Files\Nero\Nero 9\Nero BurnRights\NeroBurnRights_cpl.cpl
"PavCPL" - ? - C:\Windows\system32\pavcpl.cpl (File not found)
"PROSet Tools" - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\iproset.cpl
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys (File found, but it contains no detailed information)
"BDFM" (BDFM) - "BitDefender S.R.L. Bucharest, ROMANIA" - C:\Windows\System32\DRIVERS\bdfm.sys
"bdfsfltr" (bdfsfltr) - "BitDefender" - C:\Windows\System32\DRIVERS\bdfsfltr.sys
"bdfwfpf" (bdfwfpf) - "BitDefender LLC" - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys
"BDVEDISK" (BDVEDISK) - "BitDefender" - C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys
"BitDefender Firewall NDIS 6 Filter Driver" (BdfNdisf) - "BitDefender LLC" - C:\Windows\System32\DRIVERS\BdfNdisf6.sys
"catchme" (catchme) - ? - C:\Users\ROADRU~1\AppData\Local\Temp\catchme.sys (File not found)
"ffdyauow" (ffdyauow) - ? - C:\Users\ROADRU~1\AppData\Local\Temp\ffdyauow.sys (Hidden registry entry, rootkit activity | File not found)
"giveio" (giveio) - ? - C:\Windows\system32\DRIVERS\giveio.sys (File found, but it contains no detailed information)
"Intel Keyboard Filter" (kbfiltr) - "Intel Corporation" - C:\Windows\System32\DRIVERS\kbfiltr.sys
"IO.DLL Driver" (io.sys) - ? - C:\Windows\system32\drivers\io.sys (File found, but it contains no detailed information)
"ISO DVD/CD-ROM Device Driver" (ISODrive) - "EZB Systems, Inc." - C:\Program Files\UltraISO\drivers\ISODrive.sys
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys (File found, but it contains no detailed information)
"mbr" (mbr) - ? - C:\Users\ROADRU~1\AppData\Local\Temp\mbr.sys (File not found)
"ntiopnp" (ntiopnp) - ? - C:\Windows\system32\drivers\ntiopnp.sys
"PPdus ASPI Shell" (Afc) - "Arcsoft, Inc." - C:\Windows\System32\drivers\Afc.sys
"Profos" (Profos) - "BitDefender S.R.L." - C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\profos.sys
"Sony Ericsson seehcri Device Driver" (seehcri) - "Sony Ericsson Mobile Communications" - C:\Windows\System32\DRIVERS\seehcri.sys
"sptd" (sptd) - "Duplex Secure Ltd." - C:\Windows\System32\Drivers\sptd.sys
"Trufos" (Trufos) - "BitDefender S.R.L." - C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys
"TuneUpUtilitiesDrv" (TuneUpUtilitiesDrv) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
BDFVCtxMenuExt "BDFVCtxMenuExt" - ? - (File not found | COM-object registry key not found)
{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{0561EC90-CE54-4f0c-9C55-E226110A740C} "{0561EC90-CE54-4f0c-9C55-E226110A740C}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AEB6717E-7E19-11d0-97EE-00C04FD91972} "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" - ? - (File not found | COM-object registry key not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{911051fa-c21c-4246-b470-070cd8df6dc4} ".cab or .zip files" - ? - (File not found | COM-object registry key not found)
{A155339D-CCCD-4714-85EB-3754B804C9DF} "a-squared Free Shell Extension" - "Emsi Software GmbH" - C:\Program Files\a-squared Free\a2freecontmenu.dll
{C539A15A-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Context Menu Extension" - "Acronis" - C:\Program Files\Acronis\TrueImageHome\tishell.dll
{C539A15B-3AF9-4c92-B771-50CB78F5C751} "Acronis True Image Shell Extension" - "Acronis" - C:\Program Files\Acronis\TrueImageHome\tishell.dll
{1b24a030-9b20-49bc-97ac-1be4426f9e59} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found)
{34449847-FD14-4fc8-A75A-7432F5181EFB} "ActiveDirectory Folder" - ? - (File not found | COM-object registry key not found)
{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} "Contacts folder" - ? - (File not found | COM-object registry key not found)
{2C2577C2-63A7-40e3-9B7F-586602617ECB} "Explorer Query Band" - ? - (File not found | COM-object registry key not found)
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{327669A0-59A7-4be9-B99E-1C9F3A57611A} "Haali Matroska Thumbnail Exctractor" - ? - (File not found | COM-object registry key not found)
{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} "IE User Assist" - ? - (File not found | COM-object registry key not found)
{00020d75-0000-0000-c000-000000000046} "lnkfile" - ? - (File not found | COM-object registry key not found)
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\ONFILTER.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} "NeroCoverEdLiveIcons Class" - "Nero AG" - C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} "NeroDigitalColumnHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
{1CA6BBC9-E9FA-4021-822B-075DF1837B63} "NeroDigitalIconHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
{4FBFFA8D-F390-471a-AE46-FEB93623AD63} "NeroDigitalInfoHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
{846083A4-BFC6-4447-985C-6578B466A7D7} "NeroDigitalPropSheetHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} "NeroDigitalThumbnailHandler Class" - "Nero AG" - C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
{C8494E42-ACDD-4739-B0FB-217361E4894F} "Sam Account Folder" - ? - (File not found | COM-object registry key not found)
{E29F9716-5C08-4FCD-955A-119FDB5A522D} "Sam Account Folder" - ? - (File not found | COM-object registry key not found)
{52B87208-9CCF-42C9-B88E-069281105805} "Trojan Remover Shell Extension" - "Simply Super Software" - C:\PROGRA~1\TROJAN~1\Trshlex.dll
{4838CD50-7E5D-4811-9B17-C47A85539F28} "TuneUp Disk Space Explorer Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\DseShExt-x86.dll
{4858E7D9-8E12-45a3-B6A3-1CD128C9D403} "TuneUp Shredder Shell Extension" - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\SDShelEx-win32.dll
{44440D00-FF19-4AFC-B765-9A0970567D97} "TuneUp Theme Extension" - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
{AD392E40-428C-459F-961E-9B147782D099} "UIContextMenu Class" - "EZB Systems, Inc." - C:\Program Files\UltraISO\isoshell.dll
{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} "UnlockerShellExtension" - ? - C:\Program Files\Unlocker\UnlockerCOM.dll (File found, but it contains no detailed information)
{8FF88D21-7BD0-11D1-BFB7-00AA00262A11} "WinAce Archiver 2.69 Context Menu Shell Extension" - ? - (File not found | COM-object registry key not found)
{8FF88D27-7BD0-11D1-BFB7-00AA00262A11} "WinAce Archiver 2.69 Context Menu Shell Extension" - ? - (File not found | COM-object registry key not found)
{8FF88D25-7BD0-11D1-BFB7-00AA00262A11} "WinAce Archiver 2.69 DragDrop Shell Extension" - ? - (File not found | COM-object registry key not found)
{8FF88D23-7BD0-11D1-BFB7-00AA00262A11} "WinAce Archiver 2.69 Property Sheet Shell Extension" - ? - (File not found | COM-object registry key not found)
{da67b8ad-e81b-4c70-9b91b417b5e33527} "Windows Search Shell Service" - ? - (File not found | COM-object registry key not found)
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files\WinRAR\rarext.dll

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
ITBar7Height "ITBar7Height" - ? - (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? - (File not found | COM-object registry key not found)
<binary data> "SweetIM Toolbar for Internet Explorer" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_15" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\npjpi160_15.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"ICQ7.1" - "ICQ, LLC." - C:\Program Files\ICQ7.1\ICQ.exe
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} "BitDefender Toolbar" - "BitDefender S.R.L." - C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
<binary data> "DAEMON Tools Toolbar" - ? - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
{855F3B16-6D32-4fe6-8A56-BBB695989046} "ICQToolBar" - ? - (File not found | COM-object registry key not found)
<binary data> "SweetIM Toolbar for Internet Explorer" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files\Java\jre6\bin\jp2ssv.dll
{EEE6C35C-6118-11DC-9C72-001320C79847} "SweetIM Toolbar Helper" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Authentication packages" - "Wave Systems Corp." - C:\Windows\system32\wvauth.dll
"Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\roadrunner1405\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Mozilla Firefox.lnk" - "Mozilla Corporation" - C:\Program Files\Mozilla Firefox\firefox.exe (Shortcut exists | File exists)
"Mozilla Thunderbird 3.0 Beta 3.lnk" - "Mozilla Messaging" - C:\Program Files\Mozilla Thunderbird 3.0 Beta 3\thunderbird.exe (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Skype" - "Skype Technologies S.A." - "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"BDAgent" - "BitDefender S.R.L." - "C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe"
"BitDefender Antiphishing Helper" - "BitDefender S.R.L." - "C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe"
" Malwarebytes Anti-Malware (reboot)" - "Malwarebytes Corporation" - "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
"SweetIM" - "SweetIM Technologies Ltd." - C:\Program Files\SweetIM\Messenger\SweetIM.exe

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"Canon BJ Language Monitor MP540 series" - "CANON INC." - C:\Windows\system32\CNMLM9E.DLL
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"Send To Microsoft OneNote Monitor" - "Microsoft Corporation" - C:\Windows\system32\msonpmon.dll
"Toshiba Bluetooth Monitor" - "TOSHIBA CORPORATION." - C:\Windows\system32\tbtmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Microsoft Fix it Center\MatsRes.dll,-9000" (MatSvc) - "Microsoft Corporation" - C:\Program Files\Microsoft Fix it Center\Matsvc.exe
"@%SystemRoot%\System32\uxtuneup.dll,-4096" (UxTuneUp) - "TuneUp Software" - C:\Windows\System32\uxtuneup.dll
"@C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1" (TuneUp.Defrag) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe
"a-squared Free Service" (a2free) - "Emsi Software GmbH" - C:\Program Files\a-squared Free\a2service.exe
"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
"Apache2.2" (Apache2.2) - "Apache Software Foundation" - C:\xampp\apache\bin\httpd.exe
"ArcSoft Connect Daemon" (ACDaemon) - "ArcSoft Inc." - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
"BitDefender Arrakis Server" (Arrakis3) - "BitDefender S.R.L. hxxp://www.bitdefender.com" - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe
"BitDefender Desktop Update Service" (LIVESRV) - "BitDefender S.R.L." - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
"BitDefender Threat Scanner" (scan) - "S.C. BitDefender S.R.L" - C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll
"BitDefender Virus Shield" (VSSERV) - "BitDefender S.R.L." - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
"CPUCooLServer Service" (CPUCooLServer) - ? - C:\Program Files\CPUCooL\CooLSrv.exe (File found, but it contains no detailed information)
"ICQ Service" (ICQ Service) - ? - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
"Intel(R) Active Management Technology Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files\Intel\AMT\LMS.exe
"Intel(R) Active Management Technology System Status Service" (atchksrv) - "Intel Corporation" - C:\Program Files\Intel\AMT\atchksrv.exe
"Intel(R) Active Management Technology User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files\Intel\AMT\UNS.exe
"Intel(R) Matrix Storage Event Monitor" (IAANTMON) - "Intel Corporation" - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
"Intel(R) PROSet/Wireless Event Log" (EvtEng) - "Intel(R) Corporation" - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
"Intel(R) PROSet/Wireless Registry Service" (RegSrvc) - "Intel(R) Corporation" - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
"Machine Debug Manager" (MDM) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
"MySQL" (MySQL) - "MySQL AB" - C:\xampp\mysql\bin\mysqld.exe
"NTRU TSS v1.2.1.12 TCS" (tcsd_win32.exe) - ? - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe (File found, but it contains no detailed information)
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"SecureStorageService" (SecureStorageService) - "Wave Systems Corp." - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
"Sony Ericsson OMSI download service" (OMSI download service) - ? - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (File found, but it contains no detailed information)
"StarMoney 7.0 OnlineUpdate" (StarMoney 7.0 OnlineUpdate) - "Star Finanz - Software Entwicklung und Vertriebs GmbH" - C:\Program Files\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe
"TeamViewer 5" (TeamViewer5) - "TeamViewer GmbH" - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
"TOSHIBA Bluetooth Service" (TOSHIBA Bluetooth Service) - "TOSHIBA CORPORATION" - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
"TuneUp Utilities Service" (TuneUp.UtilitiesSvc) - "TuneUp Software" - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"Wave Systems Kerberos LSP" - "Wave Systems Corp." - C:\Windows\system32\biolsp.dll

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit Online Solutions :: Index

Alt 20.05.2010, 20:42   #22
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Looks OK. As a check, please run full scans with Malwarebytes and SUPERAntiSpyware and post the logs.
Remember to update both tools before the scan!!
__________________
Please always post log files in CODE tags

Alt 20.05.2010, 22:37   #23
roadrunner14
 

Here is a log:

Quote:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4117

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20.05.2010 23:16:19
mbam-log-2010-05-20 (23-16-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 323691
Laufzeit: 1 Stunde(n), 27 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 21.05.2010, 10:20   #24
roadrunner14
 

And here is the log from SUPERAntiSpyware:

Quote:
SUPERAntiSpyware Scan Log
SUPERAntiSpyware.com | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 05/21/2010 at 02:15 AM

Application Version : 4.37.1000

Core Rules Database Version : 4964
Trace Rules Database Version: 2776

Scan type : Complete Scan
Total Scan Time : 01:10:58

Memory items scanned : 562
Memory threats detected : 0
Registry items scanned : 9042
Registry threats detected : 0
File items scanned : 50971
File threats detected : 8

Adware.Tracking Cookie
C:\Users\roadrunner1405\AppData\Roaming\Microsoft\Windows\Cookies\roadrunner1405@atwola[1].txt
C:\Users\roadrunner1405\AppData\Roaming\Microsoft\Windows\Cookies\roadrunner1405@doubleclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@bizzclick[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clickpayz1.91462.blueseek[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clickpayz10.91423.blueseek[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clickpayz3.91456.blueseek[1].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@clicksor[2].txt
C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@myroitracking[1].txt

Alt 21.05.2010, 11:47   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Only cookies were found there. Any problems left?

Alt 21.05.2010, 11:50   #26
roadrunner14
 

Nope, everything else is OK. I think that's it then.

Thanks!!!!!!!!!!!!!!!!!!

Alt 21.05.2010, 11:56   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Good, before you call it a day, please check the updates.

Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Windows Update guide



Update your PDF reader
Your Adobe Reader is not up to date, which is a major security risk. You should therefore uninstall the old version via Control Panel => Software by clicking "Adobe Reader x.0" there and removing the program.

I recommend an alternative PDF reader such as SumatraPDF or Foxit PDF Reader; both are much leaner and faster than Adobe Reader.

While you are at it, please also check that Flash Player is up to date; here is the direct download link => http://filepony.de/?q=Flash+Player


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if any) and update to the latest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Software and uninstall all Java versions listed there. Afterwards, download the current Java SE Runtime Environment (JRE) from here and install it.

Alt 21.05.2010, 12:54   #28
roadrunner14
 

I've worked through everything. Windows Update is completely up to date. I normally take all the updates that come. My Bitdefender also reports them when there are any and installs them. The other tools are now up to date as well.
Many thanks!
