Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Was ist Superfish.com bei Google Chrome?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 22.08.2012, 20:40   #1
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Hallo zusammen,

ich nutze schon seit geraumer Zeit den Browser Chrome. Nun ist mir aufgefallen das egal welche Seite ich aufrufe unten in der Statusleiste beim aufrufen auch immer auf eine Seite Namens

Superfish.com bzw.
static7.superfish.com

Ich weiß nicht ob das was schlimmes ist oder nicht aber ein wenig stutzig macht es mich schon.

Vielleicht kann mir da ja jemand helfen.....!!!
__________________
Gruß Jens

Alt 22.08.2012, 23:44   #2
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?





1. Schritt
Bitte einen Vollscan mit Malwarebytes Anti-Malware machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Malwarebytes Anti-Malware
- Anwendbar auf Windows 2000, XP, Vista und 7.
- Installiere das Programm in den vorgegebenen Pfad.
- Aktualisiere die Datenbank!
- Aktiviere "Komplett Scan durchführen" => Scan.
- Wähle alle verfügbaren Laufwerke (ausser CD/DVD) aus und starte den Scan.
- Funde bitte löschen lassen oder in Quarantäne.
- Wenn der Scan beendet ist, klicke auf "Zeige Resultate".
danach:

2. Schritt

Downloade Dir bitte AdwCleaner auf deinen Desktop.

  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________

__________________

Alt 25.08.2012, 11:34   #3
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Hallo,

sorry das es ein wenig länger gedauert hat.
Habe nun alle Schritte ausgeführt.

Das Anti Malware Programm hat nichts gefunden.

Und der ADW Cleaner auch nicht.

Hier der Log.


Zitat:
# AdwCleaner v1.801 - Logfile created 08/25/2012 at 11:32:53
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Jens - TOWER
# Boot Mode : Normal
# Running from : C:\Users\Jens\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Found : HKCU\Software\MarketPrecision
Key Found : HKLM\SOFTWARE\MarketPrecision
[x64] Key Found : HKCU\Software\MarketPrecision

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Charline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [977 octets] - [25/08/2012 11:32:53]

########## EOF - C:\AdwCleaner[R1].txt - [1104 octets] ##########

*edit*

Hab zur Veranschaulichung mal versucht ein kleines Video zu machen....vielleicht hilft das auch weiter...

hxxp://youtu.be/dWDaetD4B6U
__________________
__________________

Geändert von JensF (25.08.2012 um 11:49 Uhr) Grund: Video hinzugefügt

Alt 25.08.2012, 17:19   #4
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Kommt dieses superfisch nur auf einer Seite oder auf allen?


Sehr gut!


  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.




danach:


Malware-Scan mit Emsisoft Anti-Malware

Lade die Gratisversion von => Emsisoft Anti-Malware herunter und installiere das Programm.
Lade über Jetzt Updaten die aktuellen Signaturen herunter.
Wähle den Freeware-Modus aus.

Wähle Detail Scan und starte über den Button Scan die Überprüfung des Computers.
Am Ende des Scans nichts loeschen lassen!. Mit Klick auf Bericht speichern das Logfile auf dem Desktop speichern und hier in den Thread posten.

Anleitung: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Mfg, t'john
Das TB unterstützen

Alt 25.08.2012, 21:40   #5
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Hallo,

werde den zweiten Teil der Überprüfung leider erst morgen machen können.

Superfish kommt auf jeder Seite und was mir noch aufgefallen ist das es auch am Netbook vorkommt was wir hier noch haben.

Dort ist aber weiter nichts drauf außer Chrome und avast Antivirus. Auf meinem anderen PC ist Kaspersky als Virenprogramm drauf und noch einige andere Programme.

Hab gerade auch nochmal gesucht und habe eine Info gefunden das es die Erweiterung IETab im Browser sein soll. Diese Erweiterung hatte ich drauf aber sie schon vor einiger Zeit deinstalliert.

__________________
Gruß Jens

Geändert von JensF (25.08.2012 um 22:09 Uhr)

Alt 26.08.2012, 01:54   #6
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Alles klar.
__________________
--> Was ist Superfish.com bei Google Chrome?

Alt 26.08.2012, 14:19   #7
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Hallo,

so habe jetzt nochmal alles durchlaufen lassen und hier die Log Files...


adwcleaner...

Zitat:
# AdwCleaner v1.801 - Logfile created 08/26/2012 at 12:37:56
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Jens - TOWER
# Boot Mode : Normal
# Running from : C:\Users\Jens\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\boost_interprocess

***** [Registry] *****

Key Deleted : HKCU\Software\MarketPrecision
Key Deleted : HKLM\SOFTWARE\MarketPrecision

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v21.0.1180.83

File : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Charline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1103 octets] - [25/08/2012 11:32:53]
AdwCleaner[S1].txt - [992 octets] - [26/08/2012 12:37:56]

########## EOF - C:\AdwCleaner[S1].txt - [1119 octets] ##########



Anti Malware

Zitat:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 26.08.2012 12:52:12

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 26.08.2012 12:52:29

C:\Windows\Setup\SCRIPTS\w7ldr1 gefunden: HackTool.Win32.Gendows!E2

Gescannt 702462
Gefunden 1

Scan Ende: 26.08.2012 13:48:29
Scan Zeit: 0:56:00

C:\Windows\Setup\SCRIPTS\w7ldr1 Quarantäne HackTool.Win32.Gendows!E2

Quarantäne 1

Eine Sache wurde gefunden.....kann es das gewesen sein????

Gewesen ist es das leider auch nicht. Superfish wird immer noch geladen. Ist garantiert eine Chrome Erweiterung. Nur welche...???
__________________
Gruß Jens

Alt 27.08.2012, 03:08   #8
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.*
%APPDATA%\*AcroIEH*.*
%APPDATA%\*.exe
%APPDATA%\*.tmp
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
Mfg, t'john
Das TB unterstützen

Alt 29.08.2012, 18:20   #9
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Hier die OTL.txt


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.08.2012 17:27:51 - Run 1
OTL by OldTimer - Version 3.2.59.1     Folder = C:\Users\Jens\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 37,26% Memory free
4,00 Gb Paging File | 2,46 Gb Available in Paging File | 61,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 79,98 Gb Total Space | 37,46 Gb Free Space | 46,84% Space Free | Partition Type: NTFS
Drive D: | 152,81 Gb Total Space | 125,26 Gb Free Space | 81,97% Space Free | Partition Type: NTFS
Drive E: | 611,04 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: TOWER | User Name: Jens | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.08.29 08:26:41 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe
PRC - [2012.08.18 00:28:57 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012.08.14 10:52:28 | 001,014,624 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe
PRC - [2012.07.25 10:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.05.12 10:47:36 | 000,932,528 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.03.20 14:05:26 | 000,182,784 | ---- | M] () -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
PRC - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2009.06.23 16:59:32 | 000,259,368 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe
PRC - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.05.12 10:47:36 | 000,932,528 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2012.03.16 15:42:58 | 000,315,392 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
MOD - [2012.03.16 15:42:56 | 000,433,664 | ---- | M] () -- C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
MOD - [2011.04.25 00:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
MOD - [2011.04.25 00:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
MOD - [2011.04.25 00:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
MOD - [2011.04.25 00:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
MOD - [2011.04.25 00:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
MOD - [2011.04.25 00:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
MOD - [2011.04.20 20:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.08.26 17:11:44 | 000,250,568 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.30 18:01:02 | 003,075,920 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012.07.25 10:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.03.20 14:05:26 | 000,182,784 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe -- (BotkindSyncService)
SRV - [2012.03.15 18:31:06 | 000,168,448 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV - [2012.03.15 18:31:06 | 000,131,072 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2011.11.15 01:49:06 | 000,032,768 | ---- | M] (STRATO) [Auto | Running] -- C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive Service.exe -- (STRATO HiDrive Service)
SRV - [2011.04.25 00:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2011.03.31 17:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.23 16:59:32 | 000,259,368 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.16 11:05:36 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.16 00:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 19:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 14:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 14:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2011.01.08 01:22:22 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.10.22 03:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.06.25 17:08:10 | 000,036,928 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\htcnprot.sys -- (htcnprot)
DRV:64bit: - [2010.04.07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2009.12.01 12:31:10 | 001,155,072 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cmudax3.sys -- (cmuda3)
DRV:64bit: - [2009.11.02 21:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.11.01 20:16:50 | 000,033,736 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 00:58:24 | 000,507,392 | ---- | M] (ITETech                  ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF15BDA)
DRV:64bit: - [2009.06.02 17:35:30 | 000,438,784 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rt61.sys -- (RT61)
DRV - [2012.04.30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys -- (a2acc)
DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7GGLD_de&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;192.168.*.*
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8118
 
IE - HKU\S-1-5-21-650777869-3418373650-919073663-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@logitech.com/HarmonyRemote,version=1.0.0: C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jens\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jens\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Jens\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll (Facebook, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2012.05.03 15:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2012.05.03 15:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2012.05.03 15:56:31 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.de/ig
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.de/ig
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll
CHR - plugin: ProductName (Enabled) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\miedgcmlgpmdagojnnbemlkgidepfjfi\0.9.8_0\plugin/NPIETab.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Jens\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Harmony Firefox Plugin (Enabled) = C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Jens\AppData\Local\Facebook\Messenger\2.1.4520.0\npFbDesktopPlugin.dll
CHR - Extension: X-notifier (Gmail, Hotmail, Yahoo, AOL ...) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\apebebenniibdlpbookhgelaghfnaonp\1.0.12_0\
CHR - Extension: Auto Copy = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\bijpdibkloghppkbmhcklkogpjaenfkg\2.1.1_0\
CHR - Extension: YouTube = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\
CHR - Extension: AdBlock = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_1\
CHR - Extension: LastPass = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\2.0.10_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: goo.gl URL Shortener = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk\0.7.2_0\
CHR - Extension: Shortcuts for Google Services = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\inkakoeaffjffaieeahkifojiiajanmb\1.1.5_0\
CHR - Extension: Windows Longhorn (Aero) = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnibogjpmbdhgcnihcbbgemafibnmnam\2.23_0\
CHR - Extension: Unfriend Finder = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\40_0\
CHR - Extension: IE Tab Classic = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\miedgcmlgpmdagojnnbemlkgidepfjfi\0.9.8_0\
CHR - Extension: stern.de = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnkeklmkmolipcclpncndnpdgilieafl\1.0_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.6_1\
CHR - Extension: Anti-Banner = C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O4:64bit: - HKLM..\Run: [CmPCIaudio] C:\Windows\Syswow64\CMICNFG3.dll (C-Media Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\Run: [chromium] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [BDAB9B7B072FC8EBB71FCF0C306C76E292E413CA._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [DeskDriveStartup] C:\Program Files (x86)\DeskDrive\DeskDrive.exe (Blue Onion Software)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [Facebook Update] C:\Users\Jens\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1004..\Run: [Spotify Web Helper] C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1003..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-650777869-3418373650-919073663-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk = C:\Program Files (x86)\STRATO AG\STRATO HiDrive\STRATO HiDrive.exe (STRATO)
O4 - Startup: C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk = C:\Program Files (x86)\YoWindow\yowindow.exe (Repkasoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: IE-Spuren löschen - {6C7C0C9A-B51D-4ADB-A74D-C4E33744F866} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Internet Explorer.lnk ()
O9 - Extra Button: Löschautomat - {8DA7743F-9274-4BE8-899E-C0FF6ED61B00} - C:\Program Files (x86)\TraXEx\Integration\TraXEx Löschautomat.lnk ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-650777869-3418373650-919073663-1004\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://eic.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab (DjVuCtl Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35BD144E-D9FE-4017-A8D9-46F30F7C6280}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{57213BAC-F779-4BF3-9C7F-3441D0D3438E}: DhcpNameServer = 192.168.178.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.05.24 09:04:44 | 000,000,050 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4a93791f-d962-11e0-87d6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4a93791f-d962-11e0-87d6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\cdsetup.exe -- [2012.05.24 09:04:44 | 000,056,112 | R--- | M] ()
O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell - "" = AutoRun
O33 - MountPoints2\{a864a12c-3ec5-11e1-829c-001e90f5448d}\Shell\AutoRun\command - "" = H:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk -  - File not found
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: hpqSRMon - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Nero MediaHome 4 - hkey= - key= - C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0e8d0700-75df-11d3-8b4a-0008c7450c4a} - LizardTech DjVu Activex Control
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.29 08:26:44 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe
[2012.08.29 08:23:59 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{46350AFC-A9BA-4019-AC1B-06399F5C441B}
[2012.08.27 09:56:47 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{9FAD8A9A-DB81-4F42-83C0-D3975DCE9641}
[2012.08.26 12:50:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.08.26 12:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.08.26 12:49:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\Documents\Anti-Malware
[2012.08.26 10:07:19 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{DC949791-1FBA-4A04-A064-7B3C395F0E82}
[2012.08.25 10:05:23 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Malwarebytes
[2012.08.25 10:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.25 10:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.25 10:05:01 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.25 10:05:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.25 09:41:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{25FEA537-BB74-4EFE-BFDF-E9F52B6131D9}
[2012.08.22 18:41:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Mozilla
[2012.08.22 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{98C6277F-21DB-4525-B69B-41F504468953}
[2012.08.21 19:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.08.21 19:47:45 | 000,068,928 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.08.21 19:47:45 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.08.21 19:47:30 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.08.21 19:23:27 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{3A2D6515-1088-4AEE-9DE3-23BB34F7B290}
[2012.08.20 19:51:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{ED2657A7-F39F-4AE9-BC92-8B0D2AFCE6F0}
[2012.08.16 14:47:12 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\GMail Drive
[2012.08.16 14:45:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt
[2012.08.16 14:45:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ShellExt
[2012.08.16 12:47:15 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{C3BA0D7B-935B-4332-A8D2-8F95337D156F}
[2012.08.16 12:47:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{0D709960-3D7E-48D3-9554-643EF656309C}
[2012.08.15 20:29:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012.08.15 20:29:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2012.08.15 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.08.15 13:26:28 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\Secunia PSI
[2012.08.15 13:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012.08.15 13:00:37 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\YoWindow
[2012.08.15 13:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YoWindow
[2012.08.15 13:00:36 | 000,000,000 | ---D | C] -- C:\ProgramData\YoWindow
[2012.08.15 12:59:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YoWindow
[2012.08.15 12:18:25 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FBAB629C-70E8-4E82-B2F5-051B0F7D227E}
[2012.08.15 12:18:06 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{1C2983D9-8BD0-4D4A-A2F2-09CA52E1D2DB}
[2012.08.14 12:27:57 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{120E1B53-3E8A-439E-9FDB-88A9FCDF7620}
[2012.08.14 12:27:08 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{10A5DFF7-257C-4BF5-966A-FBA8C63A7D61}
[2012.08.13 14:59:03 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{B88C0121-B152-4C2C-9B45-445F8A406D12}
[2012.08.13 14:58:44 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{83E7DE35-5E31-4CFD-99E0-57B346922B9C}
[2012.08.05 20:58:35 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{5D6809A7-ABCB-4CF5-B384-A958B75ABE93}
[2012.08.05 20:58:13 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{E5063A18-8385-4D0D-BD5E-42D093777EA5}
[2012.08.05 08:57:46 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{F4336489-61B0-4BB5-B15D-12E83C63EAE7}
[2012.08.05 08:57:13 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{60BB3704-A5B8-485C-B9E0-E40011CE718D}
[2012.08.04 08:16:05 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FCED3F05-037A-40A7-A8EF-3B349C9E542D}
[2012.08.04 08:15:42 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{B1B34639-9519-420B-9434-B670CF39D115}
[2012.08.03 12:08:29 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{A34A0BD4-C452-4267-A670-262AB12AB9FE}
[2012.08.03 12:08:05 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{42C9932A-A0F6-4A23-BCA1-D6B948266465}
[2012.08.02 09:50:15 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\STRATO
[2012.08.02 09:49:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STRATO AG
[2012.08.02 09:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STRATO AG
[2012.08.02 09:32:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{3E8FB497-C8C6-4BA0-96CF-1CE316CB1C3B}
[2012.08.01 21:56:17 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Roaming\Bitdreamers
[2012.08.01 21:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdreamers
[2012.08.01 21:56:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdreamers
[2012.08.01 21:31:16 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{55F85693-0ECE-4305-B71B-04BED09CF275}
[2012.08.01 21:31:01 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{1578C826-B430-43D3-834B-810DDDA4D5FC}
[2012.07.31 09:47:41 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{D634424B-D367-45DE-B3C7-1C162E916220}
[2012.07.31 09:47:20 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{7E86B8B9-E5F3-4F24-9527-2684233CE4B9}
[2012.07.30 21:46:49 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{FF24148F-80D2-4C11-8CC2-72E240AAF3BE}
[2012.07.30 21:46:23 | 000,000,000 | ---D | C] -- C:\Users\Jens\AppData\Local\{EFA0A98A-CC2D-4A0A-A673-D1B0DC2BC7D3}
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.29 17:32:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.29 17:32:23 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.29 17:24:02 | 000,000,316 | ---- | M] () -- C:\Users\Jens\Desktop\Gainward_178 (E).lnk
[2012.08.29 17:22:21 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.08.29 17:20:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.29 17:20:31 | 1610,014,720 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.29 08:35:55 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job
[2012.08.29 08:26:41 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Jens\Desktop\OTL.exe
[2012.08.27 09:54:28 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.26 17:07:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.08.26 16:35:02 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job
[2012.08.26 10:22:59 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.26 10:22:59 | 000,654,478 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.26 10:22:59 | 000,616,342 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.26 10:22:59 | 000,130,536 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.26 10:22:59 | 000,106,722 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.25 10:07:22 | 000,618,227 | ---- | M] () -- C:\Users\Jens\Desktop\adwcleaner.exe
[2012.08.25 09:39:01 | 000,412,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.22 21:01:48 | 000,001,013 | ---- | M] () -- C:\Users\Jens\Desktop\TimeComX.lnk
[2012.08.22 19:35:01 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job
[2012.08.22 19:35:01 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job
[2012.08.22 04:58:13 | 000,002,525 | ---- | M] () -- C:\Users\Jens\Desktop\Evernote.lnk
[2012.08.15 13:26:20 | 000,001,113 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.08.15 13:00:37 | 000,001,042 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk
[2012.08.02 11:11:51 | 000,001,442 | ---- | M] () -- C:\Users\Jens\Desktop\Dropbox.lnk
[2012.08.02 11:09:47 | 000,001,260 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk
[2012.08.02 09:49:39 | 000,001,224 | ---- | M] () -- C:\Users\Public\Desktop\STRATO HiDrive.lnk
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.08.29 17:24:02 | 000,000,316 | ---- | C] () -- C:\Users\Jens\Desktop\Gainward_178 (E).lnk
[2012.08.25 10:07:09 | 000,618,227 | ---- | C] () -- C:\Users\Jens\Desktop\adwcleaner.exe
[2012.08.25 09:38:52 | 000,412,568 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.22 04:58:13 | 000,002,525 | ---- | C] () -- C:\Users\Jens\Desktop\Evernote.lnk
[2012.08.21 19:48:45 | 002,621,723 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.08.21 19:46:14 | 000,014,324 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.08.15 13:34:40 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.08.15 13:26:20 | 000,001,113 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.08.15 13:26:20 | 000,001,076 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.08.15 13:00:37 | 000,001,042 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk
[2012.08.02 11:11:51 | 000,001,442 | ---- | C] () -- C:\Users\Jens\Desktop\Dropbox.lnk
[2012.08.02 11:09:46 | 000,001,260 | ---- | C] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk
[2012.08.02 09:49:39 | 000,001,224 | ---- | C] () -- C:\Users\Public\Desktop\STRATO HiDrive.lnk
[2012.08.01 21:56:10 | 000,001,013 | ---- | C] () -- C:\Users\Jens\Desktop\TimeComX.lnk
[2012.05.24 09:04:44 | 000,007,800 | ---- | C] () -- C:\Windows\cadx2.ini
[2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.03.18 19:59:54 | 000,012,754 | ---- | C] () -- C:\ProgramData\mxnhytee.feu
[2012.03.16 11:08:34 | 000,017,408 | ---- | C] () -- C:\Users\Jens\AppData\Local\WebpageIcons.db
[2011.11.13 17:13:15 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP6.dll
[2011.11.13 17:13:15 | 000,000,188 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfl
[2011.11.13 17:12:49 | 000,002,754 | ---- | C] () -- C:\Windows\cmudax3.ini
[2011.11.13 17:12:49 | 000,002,123 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.cfg
[2011.11.13 17:12:49 | 000,000,222 | ---- | C] () -- C:\Windows\Cmicnfg3.ini.imi
[2011.10.17 11:28:43 | 000,007,606 | ---- | C] () -- C:\Users\Jens\AppData\Local\Resmon.ResmonCfg
[2011.10.02 14:04:26 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.09.10 08:27:04 | 000,000,680 | RHS- | C] () -- C:\Users\Jens\ntuser.pol
 
========== LOP Check ==========
 
[2012.03.07 17:47:38 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Motorola
[2011.09.18 14:24:01 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\Rovio
[2011.11.12 18:13:26 | 000,000,000 | ---D | M] -- C:\Users\Charline\AppData\Roaming\TuneUp Software
[2012.06.17 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\.kde
[2012.08.01 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Bitdreamers
[2011.09.16 12:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Canneverbe Limited
[2012.04.10 10:19:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\COMPUTERBILD Cloud
[2012.08.15 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Dropbox
[2011.09.10 09:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Engelmann Media
[2012.07.05 12:15:32 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\EPSON
[2011.09.28 18:00:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!
[2011.09.27 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.07.10 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Miranda
[2011.12.29 19:49:28 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Motorola
[2012.08.26 10:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mp3tag
[2011.09.10 08:38:03 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\NetSpeedMonitor
[2011.09.18 14:21:26 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Rovio
[2012.03.28 10:44:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\S.A.D
[2012.08.25 10:01:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Spotify
[2012.08.02 09:50:15 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\STRATO
[2011.10.14 22:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\TuneUp Software
[2012.03.23 17:41:44 | 000,000,000 | -HSD | M] -- C:\Users\Jens\AppData\Roaming\wyUpdate AU
[2011.10.09 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\XMedia Recode
[2012.08.15 13:01:40 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\YoWindow
[2012.08.22 19:35:01 | 000,001,112 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004Core.job
[2012.08.26 16:35:02 | 000,001,134 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-650777869-3418373650-919073663-1004UA.job
[2012.06.13 08:04:58 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.06.17 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\.kde
[2011.11.16 10:00:25 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Adobe
[2012.08.01 21:56:17 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Bitdreamers
[2011.09.16 12:37:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Canneverbe Limited
[2012.04.10 10:19:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\COMPUTERBILD Cloud
[2011.10.09 13:47:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\DivX
[2012.08.15 20:32:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Dropbox
[2011.09.10 09:57:43 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Engelmann Media
[2012.07.05 12:15:32 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\EPSON
[2011.09.28 18:00:07 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!
[2011.09.27 20:54:37 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2011.09.14 10:19:14 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Google
[2011.10.24 11:14:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\HP
[2011.09.09 17:35:18 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Identities
[2011.10.24 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\InstallShield
[2012.03.28 07:19:16 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Logitech
[2011.09.09 18:46:46 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Macromedia
[2012.08.25 10:05:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Media Center Programs
[2012.05.01 23:31:23 | 000,000,000 | --SD | M] -- C:\Users\Jens\AppData\Roaming\Microsoft
[2012.07.10 19:27:56 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Miranda
[2011.12.29 19:49:28 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Motorola
[2012.08.22 18:41:01 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mozilla
[2012.08.26 10:57:22 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Mp3tag
[2012.01.15 18:34:05 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Nero
[2011.09.10 08:38:03 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\NetSpeedMonitor
[2011.09.18 14:21:26 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Rovio
[2012.03.28 10:44:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\S.A.D
[2012.08.25 10:01:53 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Spotify
[2012.08.02 09:50:15 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\STRATO
[2012.03.30 18:19:23 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\tor
[2011.10.14 22:49:29 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\TuneUp Software
[2012.08.03 21:21:42 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\vlc
[2011.09.11 15:28:47 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\WinRAR
[2012.03.23 17:41:44 | 000,000,000 | -HSD | M] -- C:\Users\Jens\AppData\Roaming\wyUpdate AU
[2011.10.09 13:55:52 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\XMedia Recode
[2011.10.22 12:25:02 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\Yahoo!
[2012.08.15 13:01:40 | 000,000,000 | ---D | M] -- C:\Users\Jens\AppData\Roaming\YoWindow
 
< %APPDATA%\*.exe /s >
[2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.05.24 20:39:24 | 000,872,144 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 20:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\Jens\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.05.12 10:47:36 | 009,478,320 | ---- | M] (Spotify Ltd) -- C:\Users\Jens\AppData\Roaming\Spotify\spotify.exe
[2012.05.12 10:47:36 | 000,932,528 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\*.* >
[2012.07.12 04:54:17 | 000,000,174 | -HS- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[2012.05.04 11:37:45 | 000,001,134 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
[2012.08.02 11:09:47 | 000,001,260 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\STRATO HiDrive.lnk
[2012.08.15 13:00:37 | 000,001,042 | ---- | M] () -- C:\Users\Jens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk
 
< %APPDATA%\*AcroIEH*.* >
 
< %APPDATA%\*.exe >
 
< %APPDATA%\*.tmp >
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
         
--- --- ---
__________________
Gruß Jens

Alt 29.08.2012, 19:02   #10
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Lasse SUPERAntiSpyware laufen: http://www.trojaner-board.de/51871-a...tispyware.html
__________________
Mfg, t'john
Das TB unterstützen

Alt 30.08.2012, 15:37   #11
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



So, auch das habe ich gemacht und es wurden 39 TrackingCokies und 1 Critical... gefunden.

Habe alles löschen lassen und den Rechner neu gestartet.

Superfish ist immer noch da.....
__________________
Gruß Jens

Alt 30.08.2012, 21:17   #12
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Wo ist das Log?

NEU LADEN!
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.
__________________
Mfg, t'john
Das TB unterstützen

Alt 31.08.2012, 09:14   #13
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Das Log habe ich doch glatt vergessen.

Hier das Log von SuperAntiSpyware

Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 08/30/2012 at 10:45 AM

Application Version : 5.5.1012

Core Rules Database Version : 9149
Trace Rules Database Version: 6961

Scan type       : Complete Scan
Total Scan Time : 02:02:42

Operating System Information
Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 777
Memory threats detected   : 0
Registry items scanned    : 74493
Registry threats detected : 0
File items scanned        : 129474
File threats detected     : 40

Trojan.Agent/Gen-Yoddos
	C:\PROGRAM FILES\WINRAR\DEFAULT.SFX

Adware.Tracking Cookie
	.doubleclick.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.xiti.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.aok.122.2o7.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.superrtl.122.2o7.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ad.adnet.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.googleadservices.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.etracker.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.googleadservices.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.c.atdmt.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.c.atdmt.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.apmebf.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.apmebf.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.fastclick.net [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ad.adnet.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adtech.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adfarm1.adition.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.statcounter.com [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.elitepartner.de [ C:\USERS\CHARLINE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	mediaservice.mirror-image.com [ C:\USERS\CHARLINE\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YHCXU6S8 ]
	.xiti.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.histats.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.histats.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.e-2dj6wjkooncjocq.stats.esomniture.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	wstat.wibiya.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.autoscout24.112.2o7.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.stats.paypal.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.paypal.112.2o7.net [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.etracker.de [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	in.getclicky.com [ C:\USERS\JENS\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
         

ADW Cleaner lasse ich gleich nochmal laufen.


Hier der ADW Cleaner Log

Zitat:
# AdwCleaner v2.000 - Datei am 08/31/2012 um 09:19:55 erstellt
# Aktualisiert am 30/08/2012 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Jens - TOWER
# Normaler Modus : Normal
# Ausgeführt unter : C:\Users\Jens\Desktop\adwcleaner (1).exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Jens\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

Datei : C:\Users\Charline\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1103 octets] - [25/08/2012 11:32:53]
AdwCleaner[S1].txt - [1120 octets] - [26/08/2012 12:37:56]
AdwCleaner[R2].txt - [1103 octets] - [31/08/2012 09:17:29]
AdwCleaner[R3].txt - [1164 octets] - [31/08/2012 09:18:11]
AdwCleaner[R4].txt - [1095 octets] - [31/08/2012 09:19:55]

########## EOF - C:\AdwCleaner[R4].txt - [1155 octets] ##########
__________________
Gruß Jens

Geändert von JensF (31.08.2012 um 09:21 Uhr) Grund: ADW Log hinzugefügt

Alt 31.08.2012, 20:25   #14
t'john
/// Helfer-Team
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Scan mit SystemLook

Hiermit prüfe ich, ob für diese Infektion übliche Einträge noch vorhanden sind. Das Tool ändert nichts, wirft mir nur die nötigen Infos aus.

Lade SystemLook von jpshortstuff von einem der folgenden Spiegel herunter und speichere das Tool auf dem Desktop (falls noch nicht vorhanden).

Download Mirror #1

User mit 64Bit-Windows-Versionen benutzen diese Version => http://jpshortstuff.247fixes.com/SystemLook_x64.exe
  • Doppelklick auf die SystemLook.exe, um das Tool zu starten.
    Vista- und Windows 7-User unbedingt mit Rechtsklick und als Administrator starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :regfind 
    superfish
    
    :folderfind 
    superfish
    
    :filefind 
    superfish
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Wenn der Suchlauf beendet ist, wird sich Dein Editor mit den Ergebnissen öffnen, diese hier in den Thread posten.
  • Die Ergebnisse werden auf dem Desktop als SystemLook.txt gespeichert.
__________________
Mfg, t'john
Das TB unterstützen

Alt 01.09.2012, 17:06   #15
JensF
 
Was ist Superfish.com bei Google Chrome? - Standard

Was ist Superfish.com bei Google Chrome?



Hi, so das ganze ist nun auch fertig und es wurde tatsächlich was gefunden.

Zitat:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:50 on 01/09/2012 by Jens
Administrator - Elevation successful

========== regfind ==========

Searching for "superfish"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
"DllName"="SuperfishIEAddon.dll;SuperfishIEAddon.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}]
"DllName"="SuperfishIEAddon.dll;SuperfishIEAddon.dll"

========== folderfind ==========

Searching for "superfish"
No folders found.

========== filefind ==========

Searching for "superfish"
No files found.

Searching for " "
No files found.

-= EOF =-
__________________
Gruß Jens

Antwort

Themen zu Was ist Superfish.com bei Google Chrome?
aufrufe, aufrufen, browser, chrome, google, google chrome, hallo zusammen, namens, nutze, schlimmes, seite, statusleiste, superfish.com, wenig, zusammen, {74f475fa-6c75-43bd-aab9-ecda6184f600}



Ähnliche Themen: Was ist Superfish.com bei Google Chrome?


  1. ESET hat Diverses gefunden, Laptop extrem langsam, andauernde Fehlermeldungen Chrome"Ups Google Chrome ...."
    Plagegeister aller Art und deren Bekämpfung - 19.07.2015 (165)
  2. Chrome (Win 8.1) öffnet selbständig Tabs mit Werbung (Verdacht auf Superfish)
    Log-Analyse und Auswertung - 21.03.2015 (27)
  3. Google Chrome - öffnet eine andere Seite beim Starten von Google Chrome (Win7)
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (29)
  4. Browser Chrome Tabs öffnen selbständig, Seite wechselnd umgeleitet, Sound schaltet ein, Superfish.com als PUP nicht entfernbar
    Plagegeister aller Art und deren Bekämpfung - 11.06.2014 (17)
  5. Win 7: Google Chrome/Mozilla firefox lässt vermehrt Werbung auf Webseiten zu & Google Suchergebnisse scheinen manipuliert zu sein
    Log-Analyse und Auswertung - 29.04.2014 (8)
  6. SM.de in Google Chrome - Wie entfernen?
    Plagegeister aller Art und deren Bekämpfung - 22.03.2014 (9)
  7. Bettersurf in Google Chrome
    Plagegeister aller Art und deren Bekämpfung - 06.02.2014 (11)
  8. Bettersurf in Google Chrome
    Mülltonne - 29.01.2014 (1)
  9. Probleme mit Google Chrome
    Plagegeister aller Art und deren Bekämpfung - 15.12.2013 (18)
  10. Google Chrome stürzt ab!
    Alles rund um Windows - 28.10.2013 (2)
  11. Ungewolltest Pop Up im Google Chrome
    Log-Analyse und Auswertung - 29.07.2013 (13)
  12. Google Chrome stürzt ab!
    Log-Analyse und Auswertung - 29.07.2013 (3)
  13. Google Chrome Problem
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (18)
  14. Google Chrome und Avira
    Plagegeister aller Art und deren Bekämpfung - 18.06.2013 (7)
  15. Kein Ton bei Google Chrome
    Alles rund um Windows - 17.06.2012 (0)
  16. Google Chrome leitet Trojaner-Board Treffer bei Google auf dollarade.com um!
    Diskussionsforum - 07.02.2012 (18)

Zum Thema Was ist Superfish.com bei Google Chrome? - Hallo zusammen, ich nutze schon seit geraumer Zeit den Browser Chrome. Nun ist mir aufgefallen das egal welche Seite ich aufrufe unten in der Statusleiste beim aufrufen auch immer auf - Was ist Superfish.com bei Google Chrome?...
Archiv
Du betrachtest: Was ist Superfish.com bei Google Chrome? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.