
Log analysis and evaluation: Browsers (Google) redirect to spam pages, no search possible

23.08.2012, 10:01   #1
Bischy
 

Hello, this is the first time I have been confronted with something like this and I am somewhat helpless. I have already googled, but as soon as I find a solution, the browser redirects me to some arbitrary spam page again; an IP starting with 91.....? appears briefly in the tab.
I have Panda Cloud Antivirus Free and ran a system check. No improvement. Ran CCleaner, also no improvement. Then I created a log file with HijackThis, but the analysis doesn't help me either.
Maybe one of you pros can help me.
Here is the log file:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:28:17, on 23.08.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16448)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe
C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe
C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\CompeGPS\CompeGPSDev.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Rani\Downloads\HiJackThis204 (1).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: Speckie - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\Rani\AppData\Roaming\Speckie\bin32\Speckie32.dll
O2 - BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O2 - BHO: GMX Toolbar BHO - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: GMX Toolbar - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll
O3 - Toolbar: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll
O4 - HKLM\..\Run: [Panda Security URL Filtering] "C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe"
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BackupAndRecoveryMonitor.exe] C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe
O4 - HKLM\..\Run: [TrayMonitor.exe] C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [CompeGPSDev] "C:\Program Files (x86)\CompeGPS\CompeGPSDev.exe" -cie "C:\Program Files (x86)\CompeGPS\CompeGPSDev.bat"
O4 - HKLM\..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-837266586-758456707-2396322252-1004\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Acronis Agent User')
O4 - HKUS\S-1-5-21-837266586-758456707-2396322252-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Acronis Agent User')
O4 - HKUS\S-1-5-18\..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f (User 'Default user')
O4 - Startup: Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe
O4 - Global Startup: CineForm Status.lnk = C:\Program Files (x86)\CineForm\Tools\GoProCineFormStatusViewer.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Free YouTube Download - C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
O9 - Extra button: (no name) - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\Rani\AppData\Roaming\Speckie\bin32\Speckie32.dll
O9 - Extra 'Tools' menuitem: Einstellungen Speckie - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\Rani\AppData\Roaming\Speckie\bin32\Speckie32.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} (GMNRev Class) - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: gmx - {8FAF0273-9CA8-4EFC-9536-1E35E254D5CD} - C:\Program Files (x86)\GMX Toolbar\IE\uitb.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Acronis Remote Agent Service (AcronisAgent) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Acronis Managed Machine Service (MMS) - Acronis - C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Panda Cloud Antivirus Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe
O23 - Service: Qualcomm Gobi 2000 Download Service (HP) (QDLService2kHP) - QUALCOMM, Inc. - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13509 bytes

24.08.2012, 14:38   #2
t'john
/// Helper Team
 
Step 1

Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes must be updated manually before every scan!

Malwarebytes Anti-Malware
- Applicable to Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Update the database!
- Select "Perform full scan" => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Please have any findings deleted or moved to quarantine.
- When the scan has finished, click "Show Results".

Step 2
System scan with OTL (illustrated guide)

Please download OTL by Oldtimer and save it to your desktop (if not already present). Double-click OTL.exe.

  • Vista and Win7 users: right-click OTL.exe and choose "Run as administrator"
  • Select Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread.

24.08.2012, 17:39   #3
Bischy
 

Hello, thanks for the help!
At the moment the problem seems to have resolved itself again. I am still sending you the two log files, because surely not everything is in order.
During the first Malwarebytes run, 1 item was found and removed. Unfortunately I no longer have the log.
OTL Logfile:
OTL logfile created on: 24.08.2012 17:17:20 - Run 1
OTL by OldTimer - Version 3.2.58.1     Folder = C:\Users\Rani\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 5,03 Gb Available Physical Memory | 64,04% Memory free
15,72 Gb Paging File | 12,90 Gb Available in Paging File | 82,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 237,95 Gb Total Space | 168,73 Gb Free Space | 70,91% Space Free | Partition Type: NTFS
 
Computer Name: RANI-HP | User Name: Rani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Rani\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Digital Trends Club\HI-epanel-Reporting.exe ()
PRC - C:\Program Files (x86)\Digital Trends Club\HI-epanel-Updater.exe ()
PRC - C:\Program Files (x86)\Digital Trends Club\HI-epanel-Process-Connector.exe ()
PRC - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\CompeGPS\CompeGPSDev.exe (CompeGPS Team SL (https:\www.compegps.com))
PRC - C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
PRC - C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe (Acronis)
PRC - C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe (Acronis)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe (QUALCOMM, Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe ( Hewlett-Packard Development Company, L.P.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Digital Trends Club\HI-epanel-Process-Connector.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (DpHost) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (HI-epanel-Reporting-Service) -- C:\Program Files (x86)\Digital Trends Club\HI-epanel-Reporting.exe ()
SRV - (HI-epanel-Update-Service) -- C:\Program Files (x86)\Digital Trends Club\HI-epanel-Updater.exe ()
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PSUAService) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe (Panda Security, S.L.)
SRV - (NanoServiceMain) -- C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe (Panda Security, S.L.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (AcronisAgent) -- C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe (Acronis)
SRV - (MMS) -- C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe (Acronis)
SRV - (HP ProtectTools Service) -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (HPFSService) -- C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (QDLService2kHP) -- C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kHP.exe (QUALCOMM, Inc.)
SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (PSINProt) -- C:\Windows\SysNative\drivers\PSINProt.sys (Panda Security, S.L.)
DRV:64bit: - (PSINKNC) -- C:\Windows\SysNative\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV:64bit: - (PSINProc) -- C:\Windows\SysNative\drivers\PSINProc.sys (Panda Security, S.L.)
DRV:64bit: - (PSINAflt) -- C:\Windows\SysNative\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV:64bit: - (PSINFile) -- C:\Windows\SysNative\drivers\PSINFile.sys (Panda Security, S.L.)
DRV:64bit: - (NNSSTRM) -- C:\Windows\SysNative\drivers\NNSStrm.sys (Panda Security, S.L.)
DRV:64bit: - (NNSTLSC) -- C:\Windows\SysNative\drivers\NNStlsc.sys (Panda Security, S.L.)
DRV:64bit: - (NNSSMTP) -- C:\Windows\SysNative\drivers\NNSSmtp.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPRV) -- C:\Windows\SysNative\drivers\NNSPrv.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPROT) -- C:\Windows\SysNative\drivers\NNSProt.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPOP3) -- C:\Windows\SysNative\drivers\NNSPop3.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPIHSW) -- C:\Windows\SysNative\drivers\NNSPihsw.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPICC) -- C:\Windows\SysNative\drivers\NNSpicc.sys (Panda Security, S.L.)
DRV:64bit: - (NNSNAHSL) -- C:\Windows\SysNative\drivers\NNSNAHSL.sys (Panda Security, S.L.)
DRV:64bit: - (NNSIDS) -- C:\Windows\SysNative\drivers\NNSIds.sys (Panda Security, S.L.)
DRV:64bit: - (NNSHTTP) -- C:\Windows\SysNative\drivers\NNSHttp.sys (Panda Security, S.L.)
DRV:64bit: - (NNSALPC) -- C:\Windows\SysNative\drivers\NNSAlpc.sys (Panda Security, S.L.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PSKMAD) -- C:\Windows\SysNative\drivers\PSKMAD.sys (Panda Security)
DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (qcusbnethp2k) -- C:\Windows\SysNative\drivers\qcusbnethp2k.sys (QUALCOMM Incorporated)
DRV:64bit: - (qcusbserhp2k) -- C:\Windows\SysNative\drivers\qcusbserhp2k.sys (QUALCOMM Incorporated)
DRV:64bit: - (qcfilterhp2k) -- C:\Windows\SysNative\drivers\qcfilterhp2k.sys (QUALCOMM Incorporated)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (rismcx64) -- C:\Windows\SysNative\drivers\rismcx64.sys (RICOH Company, Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC F1 AD 87 9F 40 CD 01  [binary data]
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes,DefaultScope = {11F9290F-4B49-4A9C-94F1-924E4096A039}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{03A7AE23-BBF7-4D40-A4F3-32D1F8A147BB}: "URL" = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{11F9290F-4B49-4A9C-94F1-924E4096A039}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{221DF1AD-A385-4C45-8938-C210F6361545}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=amznsearch.de.ms-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = hxxp://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{4BE31FE1-BCB3-4292-B403-0E14F166D56E}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{5318F2C1-EC98-438E-AC2B-0D59B1F0CF46}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8D7C55C0-ED01-4B67-A87B-28F8FA9C4BD2&apn_sauid=0862ABBA-862A-4C62-B32D-6B26A083E33D
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{5DC67E4C-49E9-40E6-A441-0D795D5092A6}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{8FD91AF1-F7DF-473C-B4B3-8CBE6545C82D}: "URL" = hxxp://www.youtube.de/results?search_query={searchTerms}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{BFF4156A-4A94-4DE1-BCF6-D16E2C92BE1B}: "URL" = hxxp://www.wetter.com/suche/?search={searchTerms}&search_type_weather=1&search_type_site=1
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{C61BC75C-0D9A-496D-B68D-D430EB878723}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://www.startfenster.com"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2012.06.02 12:39:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gacela2@nurago.com: C:\Program Files (x86)\Digital Trends Club [2012.08.24 17:12:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.02 13:46:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.06.02 13:46:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rani\AppData\Roaming\mozilla\Extensions
[2012.08.16 12:02:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rani\AppData\Roaming\mozilla\Firefox\Profiles\odp3yr2v.default\extensions
[2012.07.04 19:27:38 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Rani\AppData\Roaming\mozilla\Firefox\Profiles\odp3yr2v.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.08.11 11:30:43 | 000,002,299 | ---- | M] () -- C:\Users\Rani\AppData\Roaming\Mozilla\Firefox\Profiles\odp3yr2v.default\searchplugins\askcom.xml
[2012.06.02 13:46:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\x64\Gacela2.dll (HI-epanel)
O2:64bit: - BHO: (Speckie) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\Rani\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)
O2:64bit: - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX Toolbar\IE\uitb.dll File not found
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Digital Trends Club) - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\Gacela2.dll (HI-epanel)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Speckie) - {8CE7F568-67FA-4432-BA39-F5AFD68E7B8B} - C:\Users\Rani\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)
O2 - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX Toolbar\IE\uitb.dll File not found
O3 - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll ()
O3:64bit: - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\Toolbar\WebBrowser: (GMX Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\GMX Toolbar\IE\uitb.dll File not found
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Common Files\Acronis\Timounter\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [BackupAndRecoveryMonitor.exe] C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryMonitor.exe (Acronis)
O4 - HKLM..\Run: [CompeGPSDev] C:\Program Files (x86)\CompeGPS\CompeGPSDev.exe (CompeGPS Team SL (https:\www.compegps.com))
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Panda Security URL Filtering] C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filtering.exe (Panda Security)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [TrayMonitor.exe] C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe (Acronis)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_MX_Premium_Sonderedition\TrayServer_de.exe (MAGIX AG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-837266586-758456707-2396322252-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-837266586-758456707-2396322252-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Rani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk = C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\x64\Gacela2.dll (HI-epanel)
O9:64bit: - Extra 'Tools' menuitem : Einstellungen Speckie - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\Rani\AppData\Roaming\Speckie\bin64\Speckie64.dll (Versoworks Pty Ltd)
O9 - Extra 'Tools' menuitem : Über Digital Trends Club - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\Digital Trends Club\Gacela2.dll (HI-epanel)
O9 - Extra 'Tools' menuitem : Einstellungen Speckie - {E6846530-6088-4AA3-932F-C6245CE59A4C} - C:\Users\Rani\AppData\Roaming\Speckie\bin32\Speckie32.dll (Versoworks Pty Ltd)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab (Bitdefender QuickScan Control)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab (GMNRev Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D35BA20E-959C-4BC3-A38D-A2586B78A019}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FADDEA44-B0E6-474E-A8A9-3AB4918B6D27}: DhcpNameServer = 140.0.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF1BD632-F5CC-42A6-A04A-F7C865EA950B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.08.24 16:17:25 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Roaming\Malwarebytes
[2012.08.24 16:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.24 16:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.24 16:17:10 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.24 16:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.24 16:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Trends Club
[2012.08.24 16:11:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digital Trends Club
[2012.08.24 09:51:18 | 000,057,928 | ---- | C] (Panda Security) -- C:\Windows\SysNative\drivers\PSKMAD.sys
[2012.08.23 20:50:43 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\USB_Stick
[2012.08.23 17:04:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.08.23 17:04:11 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.08.23 17:04:11 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012.08.23 17:04:11 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012.08.23 17:04:11 | 000,095,744 | ---- | C] (pdfforge GbR) -- C:\Windows\SysNative\pdfcmon.dll
[2012.08.23 17:04:10 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2012.08.23 17:04:10 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2012.08.23 17:04:10 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2012.08.23 17:04:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012.08.23 17:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.08.23 16:51:40 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\Bank
[2012.08.23 09:48:45 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Roaming\QuickScan
[2012.08.23 09:29:57 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.08.23 06:45:39 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Roaming\proDAD
[2012.08.23 06:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
[2012.08.23 06:45:38 | 000,506,824 | ---- | C] (proDAD GmbH) -- C:\Windows\SysWow64\prodad-codec.dll
[2012.08.23 06:23:46 | 000,329,728 | ---- | C] (proDAD GmbH) -- C:\Windows\SysWow64\proDAD-PA-Support.dll
[2012.08.23 06:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\proDAD
[2012.08.23 06:23:07 | 000,000,000 | ---D | C] -- C:\ProgramData\proDAD
[2012.08.22 18:13:20 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Local\MAGIX
[2012.08.22 14:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geopainting.com
[2012.08.22 14:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Geopainting.com
[2012.08.22 12:59:26 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Program Files
[2012.08.22 12:10:25 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\MAGIX
[2012.08.22 11:40:34 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Local\Xara
[2012.08.22 11:40:34 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\MAGIX_MusicEditor
[2012.08.22 11:40:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Shared
[2012.08.22 11:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012.08.22 11:39:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2012.08.22 11:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2012.08.22 11:39:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\MAGIX Services
[2012.08.22 11:22:13 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\MAGIX Downloads
[2012.08.22 11:22:13 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Roaming\MAGIX
[2012.08.21 21:10:40 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\GPS
[2012.08.21 16:05:34 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Local\GoPro
[2012.08.21 15:04:11 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Roaming\GoPro
[2012.08.21 14:40:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CineForm
[2012.08.21 14:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoPro
[2012.08.21 14:40:46 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.08.21 14:39:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012.08.21 14:39:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GoPro
[2012.08.16 12:04:15 | 000,000,000 | ---D | C] -- C:\Users\Rani\.swt
[2012.08.16 12:03:25 | 000,000,000 | ---D | C] -- C:\Users\Rani\Eigene Routen
[2012.08.16 12:02:52 | 000,000,000 | ---D | C] -- C:\Users\Rani\.hgt
[2012.08.16 10:43:00 | 000,000,000 | ---D | C] -- C:\Users\Rani\AppData\Roaming\NVIDIA
[2012.08.16 10:42:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompeGPSDownloader
[2012.08.16 10:42:13 | 000,000,000 | ---D | C] -- C:\ProgramData\CompeGPSDownloader
[2012.08.16 10:42:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CompeGPSDownloader
[2012.08.16 10:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompeGPS
[2012.08.16 10:41:49 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\CompeGPS
[2012.08.16 10:41:37 | 000,000,000 | ---D | C] -- C:\ProgramData\CompeGPS
[2012.08.16 10:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CompeGPS
[2012.08.15 21:15:14 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.08.15 21:15:14 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.08.15 21:15:13 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.08.15 21:15:13 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.08.15 21:15:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.08.15 21:15:12 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.08.15 21:15:12 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.08.15 21:15:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.08.15 21:15:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.08.15 21:15:11 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.08.15 21:15:11 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.08.15 21:15:10 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.08.15 21:15:10 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.08.15 10:46:12 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.08.15 10:46:12 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.08.15 10:46:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.08.15 10:46:10 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.08.15 10:46:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.08.15 10:46:09 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.08.15 10:46:09 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.08.15 10:46:07 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.08.15 01:20:55 | 000,000,000 | ---D | C] -- C:\Users\Rani\Documents\Urlaub
[2012.08.14 17:45:20 | 001,919,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\wdfcoinstaller01005.dll
[2012.08.14 17:45:20 | 000,018,432 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys
[2012.08.14 17:45:18 | 001,885,488 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysWow64\BttnCmns.dll
[2012.08.14 17:45:18 | 001,863,680 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysWow64\BttnCmn.dll
[2012.08.14 17:43:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\swsetup
[2012.08.11 01:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.08.11 01:43:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012.08.11 01:42:32 | 000,227,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.07.26 08:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Cloud Antivirus
 
========== Files - Modified Within 30 Days ==========
 
[2012.08.24 17:21:27 | 009,481,438 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.24 17:21:27 | 000,694,430 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2012.08.24 17:21:27 | 000,693,454 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2012.08.24 17:21:27 | 000,691,192 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2012.08.24 17:21:27 | 000,689,726 | ---- | M] () -- C:\Windows\SysNative\perfh015.dat
[2012.08.24 17:21:27 | 000,689,108 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2012.08.24 17:21:27 | 000,679,342 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2012.08.24 17:21:27 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.24 17:21:27 | 000,623,144 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2012.08.24 17:21:27 | 000,617,568 | ---- | M] () -- C:\Windows\SysNative\perfh01D.dat
[2012.08.24 17:21:27 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.24 17:21:27 | 000,462,172 | ---- | M] () -- C:\Windows\SysNative\perfh006.dat
[2012.08.24 17:21:27 | 000,448,586 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2012.08.24 17:21:27 | 000,433,388 | ---- | M] () -- C:\Windows\SysNative\perfh00B.dat
[2012.08.24 17:21:27 | 000,137,062 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2012.08.24 17:21:27 | 000,134,840 | ---- | M] () -- C:\Windows\SysNative\perfc015.dat
[2012.08.24 17:21:27 | 000,133,752 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2012.08.24 17:21:27 | 000,132,940 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2012.08.24 17:21:27 | 000,130,140 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2012.08.24 17:21:27 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.24 17:21:27 | 000,127,144 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2012.08.24 17:21:27 | 000,123,740 | ---- | M] () -- C:\Windows\SysNative\perfc01D.dat
[2012.08.24 17:21:27 | 000,121,788 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2012.08.24 17:21:27 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.24 17:21:27 | 000,082,148 | ---- | M] () -- C:\Windows\SysNative\perfc00B.dat
[2012.08.24 17:21:27 | 000,079,804 | ---- | M] () -- C:\Windows\SysNative\perfc006.dat
[2012.08.24 17:21:27 | 000,077,096 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2012.08.24 17:12:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.24 16:17:12 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.24 09:58:26 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.24 09:58:26 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.24 09:51:15 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\Muanxizx.job
[2012.08.24 09:51:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.24 09:51:06 | 2033,745,919 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.23 17:04:27 | 000,096,599 | ---- | M] () -- C:\Users\Rani\Documents\krankenkosten1.ods
[2012.08.22 22:11:14 | 000,014,193 | ---- | M] () -- C:\Users\Rani\Documents\Akutklinik.ods
[2012.08.22 20:33:25 | 000,659,329 | ---- | M] () -- C:\Users\Rani\Documents\Akutklinik.xml
[2012.08.22 20:07:04 | 000,012,166 | ---- | M] () -- C:\Users\Rani\Documents\Nitsch Zahlungen.ods
[2012.08.22 14:54:30 | 000,118,784 | RHS- | M] () -- C:\Windows\SysWow64\MFPlays.dll
[2012.08.22 13:13:01 | 000,453,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.21 14:40:50 | 000,001,210 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
[2012.08.16 16:48:01 | 004,983,155 | ---- | M] () -- C:\Users\Rani\Documents\Manual_TwoNav_Sportiva_22_de.pdf
[2012.08.15 20:15:57 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.08.15 20:15:57 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.08.13 16:58:17 | 000,010,958 | ---- | M] () -- C:\Users\Rani\Documents\Kreditkartenabrechnung_4998xxxxxxxx0504_per_2012_07_20.pdf
[2012.08.13 16:58:12 | 000,021,889 | ---- | M] () -- C:\Users\Rani\Documents\Kontoauszug_12127643_Nr_2012_008_per_2012_08_03.pdf
 
========== Files Created - No Company Name ==========
 
[2012.08.24 16:17:12 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.22 22:11:12 | 000,014,193 | ---- | C] () -- C:\Users\Rani\Documents\Akutklinik.ods
[2012.08.22 20:07:02 | 000,012,166 | ---- | C] () -- C:\Users\Rani\Documents\Nitsch Zahlungen.ods
[2012.08.22 19:42:11 | 000,659,329 | ---- | C] () -- C:\Users\Rani\Documents\Akutklinik.xml
[2012.08.22 14:54:31 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\Muanxizx.job
[2012.08.22 14:54:30 | 000,118,784 | RHS- | C] () -- C:\Windows\SysWow64\MFPlays.dll
[2012.08.21 14:40:50 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk
[2012.08.16 17:21:16 | 004,983,155 | ---- | C] () -- C:\Users\Rani\Documents\Manual_TwoNav_Sportiva_22_de.pdf
[2012.08.13 17:51:37 | 000,021,889 | ---- | C] () -- C:\Users\Rani\Documents\Kontoauszug_12127643_Nr_2012_008_per_2012_08_03.pdf
[2012.08.13 17:51:28 | 000,010,958 | ---- | C] () -- C:\Users\Rani\Documents\Kreditkartenabrechnung_4998xxxxxxxx0504_per_2012_07_20.pdf
[2012.07.09 18:17:39 | 000,003,584 | ---- | C] () -- C:\Users\Rani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.03 14:34:24 | 000,002,706 | ---- | C] () -- C:\Users\Rani\AppData\Local\recently-used.xbel
[2011.05.19 08:50:58 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPPassFilter.dll.hpsign
[2011.05.19 08:50:58 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPCrProv.dll.hpsign
[2011.01.02 22:10:27 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011.01.02 22:10:16 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011.01.02 22:10:05 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011.01.02 21:02:28 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.01.02 21:02:23 | 000,217,536 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.01.02 21:02:17 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.01.02 21:02:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.01.02 21:02:06 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== LOP Check ==========
 
[2012.06.03 20:11:11 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\1&1 Mail & Media GmbH
[2012.06.19 19:24:53 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Acronis
[2012.07.04 19:41:33 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Audacity
[2012.06.02 11:28:30 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Buhl Data Service
[2012.06.02 11:28:23 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Buhl Data Service GmbH
[2012.06.11 17:17:26 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Canon
[2012.06.02 12:43:02 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\DigitalPersona
[2012.07.11 23:00:14 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\DVDVideoSoft
[2012.07.04 19:27:38 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.23 09:32:31 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\FileZilla
[2012.08.23 16:18:06 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Foxit Software
[2012.08.21 15:04:11 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\GoPro
[2012.08.22 18:17:33 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\MAGIX
[2012.07.09 17:56:10 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\OpenCandy
[2012.06.04 11:02:12 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\OpenOffice.org
[2012.06.02 13:43:52 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Opera
[2012.06.02 13:24:06 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Panda Security
[2012.08.23 17:04:13 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\pdfforge
[2012.08.23 08:56:48 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\proDAD
[2012.08.23 09:48:51 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\QuickScan
[2012.06.27 10:13:48 | 000,000,000 | ---D | M] -- C:\Users\Rani\AppData\Roaming\Speckie
[2012.08.24 09:51:15 | 000,000,312 | ---- | M] () -- C:\Windows\Tasks\Muanxizx.job
[2012.08.22 09:31:07 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.24.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Rani :: RANI-HP [Administrator]

24.08.2012 17:31:14
mbam-log-2012-08-24 (17-31-14).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 574890
Laufzeit: 50 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


Many thanks for the help
__________________

24.08.2012, 17:48   #4
t'john
/// Helper Team



Fix with OTL

Download OTL by OldTimer (if you don't already have it) and save it to your desktop (nowhere else).

  • Disable any virus scanners such as Avira, Kaspersky, etc.
  • Start OTL.exe.
    Vista and Windows 7 users right-click the program icon and choose "Run as administrator".
  • Copy the following script into the text box below Custom Scans/Fixes:


Code:
:OTL
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes,DefaultScope = {11F9290F-4B49-4A9C-94F1-924E4096A039} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{03A7AE23-BBF7-4D40-A4F3-32D1F8A147BB}: "URL" = http://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{11F9290F-4B49-4A9C-94F1-924E4096A039}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{221DF1AD-A385-4C45-8938-C210F6361545}: "URL" = http://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=amznsearch.de.ms-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://www.google.com/search?ie=utf-8&oe=utf-8&rlz=1V4IPYX&q={searchTerms} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{4BE31FE1-BCB3-4292-B403-0E14F166D56E}: "URL" = http://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{5318F2C1-EC98-438E-AC2B-0D59B1F0CF46}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8D7C55C0-ED01-4B67-A87B-28F8FA9C4BD2&apn_sauid=0862ABBA-862A-4C62-B32D-6B26A083E33D 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{5DC67E4C-49E9-40E6-A441-0D795D5092A6}: "URL" = http://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{8FD91AF1-F7DF-473C-B4B3-8CBE6545C82D}: "URL" = http://www.youtube.de/results?search_query={searchTerms} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{BFF4156A-4A94-4DE1-BCF6-D16E2C92BE1B}: "URL" = http://www.wetter.com/suche/?search={searchTerms}&search_type_weather=1&search_type_site=1 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\SearchScopes\{C61BC75C-0D9A-496D-B68D-D430EB878723}: "URL" = http://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms} 
IE - HKU\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.search.defaultengine: "Google" 
FF - prefs.js..browser.search.defaultenginename: "Google" 
FF - prefs.js..browser.search.order.1: "Ask.com" 
FF - prefs.js..browser.search.selectedEngine: "Ask.com" 
FF - prefs.js..browser.startup.homepage: "http://www.startfenster.com" 
FF - user.js - File not found 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found 
O2:64bit: - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX Toolbar\IE\uitb.dll File not found 
O3:64bit: - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX Toolbar\IE\uitb.dll File not found 
O3:64bit: - HKU\S-1-5-21-837266586-758456707-2396322252-1001\..\Toolbar\WebBrowser: (GMX Toolbar) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\GMX Toolbar\IE\uitb.dll File not found 
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found 
O4 - HKU\.DEFAULT..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found 
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn] reg.exe delete "HKCU\Software\AppDataLow\Software\panda2_0dn" /f File not found 
O4 - HKU\S-1-5-18..\RunOnce: [panda2_0dn_XP] reg.exe delete "HKCU\Software\panda2_0dn" /f File not found 
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O4 - HKU\S-1-5-21-837266586-758456707-2396322252-1004..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found 
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found 
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found 
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 

[2012.08.11 01:44:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask 
[2012.08.21 14:40:50 | 000,001,210 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk 


[2012.08.24 09:51:15 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\Muanxizx.job 
:Files

C:\Users\Rani\AppData\Local\{*}
C:\ProgramData\*.exe
C:\ProgramData\TEMP
C:\Users\Rani\AppData\Local\Temp\*.exe
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
         
  • Close all programs.
  • Click the Fix button.
  • If OTL asks for a reboot, please allow it.
  • Copy the contents of the log file into your thread here, inside code tags.
    You can view the log file afterwards here => C:\_OTL\MovedFiles\<datum_nummer.log>

Note for other readers: The OTL script above was created exclusively for this user in this situation.
Do not under any circumstances use it on other computers; it can cause lasting damage to other systems!
__________________
Regards, t'john

24.08.2012, 23:03   #5
Bischy



Hello, great instructions; I hope I did everything right this time.


Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-837266586-758456707-2396322252-1001\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{03A7AE23-BBF7-4D40-A4F3-32D1F8A147BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03A7AE23-BBF7-4D40-A4F3-32D1F8A147BB}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{11F9290F-4B49-4A9C-94F1-924E4096A039}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11F9290F-4B49-4A9C-94F1-924E4096A039}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{221DF1AD-A385-4C45-8938-C210F6361545}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{221DF1AD-A385-4C45-8938-C210F6361545}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4BE31FE1-BCB3-4292-B403-0E14F166D56E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4BE31FE1-BCB3-4292-B403-0E14F166D56E}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5318F2C1-EC98-438E-AC2B-0D59B1F0CF46}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5318F2C1-EC98-438E-AC2B-0D59B1F0CF46}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5DC67E4C-49E9-40E6-A441-0D795D5092A6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DC67E4C-49E9-40E6-A441-0D795D5092A6}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8FD91AF1-F7DF-473C-B4B3-8CBE6545C82D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FD91AF1-F7DF-473C-B4B3-8CBE6545C82D}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BFF4156A-4A94-4DE1-BCF6-D16E2C92BE1B}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BFF4156A-4A94-4DE1-BCF6-D16E2C92BE1B}\ not found.
Registry key HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\SearchScopes\{C61BC75C-0D9A-496D-B68D-D430EB878723}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C61BC75C-0D9A-496D-B68D-D430EB878723}\ not found.
HKU\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Google" removed from browser.search.defaultengine
Prefs.js: "Google" removed from browser.search.defaultenginename
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "Ask.com" removed from browser.search.selectedEngine
Prefs.js: "hxxp://www.startfenster.com" removed from browser.startup.homepage
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF42D4A8-016E-4fcd-B1EB-837659FD77C6}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{C424171E-592A-415a-9EB1-DFD6D95D3530} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415a-9EB1-DFD6D95D3530}\ deleted successfully.
64bit-Registry value HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C424171E-592A-415A-9EB1-DFD6D95D3530} deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\panda2_0dn deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\panda2_0dn_XP deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\panda2_0dn not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\panda2_0dn_XP not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-21-837266586-758456707-2396322252-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\EnableLUA deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\PromptOnSecureDesktop deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\ProgramData\Ask\APN-Stub folder moved successfully.
C:\ProgramData\Ask folder moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CineForm Status.lnk moved successfully.
C:\Windows\Tasks\Muanxizx.job moved successfully.
========== FILES ==========
C:\Users\Rani\AppData\Local\{4F538531-4A1C-40E2-8F16-A8F6619D9152} folder moved successfully.
C:\Users\Rani\AppData\Local\{7544AE0F-BA86-4024-A58F-DD1C5128FB62} folder moved successfully.
C:\Users\Rani\AppData\Local\{78C30857-CD0C-4A73-9EA1-65224BEEE81A} folder moved successfully.
File\Folder C:\ProgramData\*.exe not found.
File\Folder C:\ProgramData\TEMP not found.
C:\Users\Rani\AppData\Local\Temp\Foxit Updater.exe moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\tmp folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\muffin folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\host folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\8 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\55 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\50 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\49 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\44 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\41 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\3 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\29 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\27 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\26 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\25 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0 folder moved successfully.
C:\Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache folder moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Rani\Desktop\cmd.bat deleted successfully.
C:\Users\Rani\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Acronis Agent User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: Rani
->Temp folder emptied: 746445567 bytes
->Temporary Internet Files folder emptied: 210709414 bytes
->FireFox cache emptied: 60036518 bytes
->Flash cache emptied: 2000 bytes
 
User: user
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 66340 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 607 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 45753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50568 bytes
RecycleBin emptied: 1404444 bytes
 
Total Files Cleaned = 972,00 mb
 
 
OTL by OldTimer - Version 3.2.58.1 log created on 08242012_233824

Files\Folders moved on Reboot...
C:\Users\Rani\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Rani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Rani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGIBM1OM\122649-browser-google-leiten-spam-seiten-keine-suche-moeglich[1].htm moved successfully.
C:\Users\Rani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SGIBM1OM\pconnect[1].htm moved successfully.
C:\Users\Rani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FFNQ8TFQ\wmsmd[2].htm moved successfully.
C:\Users\Rani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MD3C2SX\home[1].htm moved successfully.
C:\Windows\temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Windows\temp\FXSTIFFDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         


24.08.2012, 23:19   #6
t'john
/// Helper Team



Very good!

How is the computer running?

Step 1
Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Malwarebytes Anti-Malware
- Works on Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Update the database!
- Select "Perform full scan" => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Please have any detections deleted or quarantined.
- When the scan has finished, click "Show Results".
then:

Step 2

Please download AdwCleaner to your desktop.

  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

25.08.2012, 09:01   #7
Bischy



Hello, too bad, I celebrated too soon. The damn thing is back! As soon as I try to open a link from the search results, I end up on a different page. Often ihavenet.de (com?) appears first in the search bar.

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Rani :: RANI-HP [Administrator]

25.08.2012 09:07:11
mbam-log-2012-08-25 (09-07-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 565747
Laufzeit: 50 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
# AdwCleaner v1.801 - Logfile created 08/25/2012 at 10:03:04
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Rani - RANI-HP
# Boot Mode : Normal
# Running from : C:\Users\Rani\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Rani\AppData\Roaming\OpenCandy
Folder Found : C:\Users\Rani\AppData\Roaming\pdfforge
File Found : C:\Users\Rani\AppData\Roaming\Mozilla\Firefox\Profiles\odp3yr2v.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Found : HKCU\Software\ilivid
Key Found : HKCU\Software\Softonic
[x64] Key Found : HKCU\Software\ilivid
[x64] Key Found : HKCU\Software\Softonic

***** [Registre - GUID] *****

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[x64] Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (de)

Profile name : default 
File : C:\Users\Rani\AppData\Roaming\Mozilla\Firefox\Profiles\odp3yr2v.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1340 octets] - [25/08/2012 10:03:04]

########## EOF - C:\AdwCleaner[R1].txt - [1468 octets] ##########
         

25.08.2012, 15:57   #8
t'john
/// Helper Team

Very good!


  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.


After that:


Malware scan with Emsisoft Anti-Malware

Download the free version of => Emsisoft Anti-Malware and install the program.
Use Jetzt Updaten (Update now) to download the current signatures.
Select the Freeware-Modus (freeware mode).

Select Detail Scan and start the scan of the computer with the Scan button.
At the end of the scan, do not let it delete anything! Click Bericht speichern (Save report) to save the log file to the desktop and post it here in the thread.

Guide: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Regards, t'john
Support the TB

25.08.2012, 19:29   #9
Bischy

Making progress!

Code:
# AdwCleaner v1.801 - Logfile created 08/25/2012 at 20:23:05
# Updated 14/08/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : Rani - RANI-HP
# Boot Mode : Normal
# Running from : C:\Users\Rani\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Rani\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Rani\AppData\Roaming\pdfforge
File Deleted : C:\Users\Rani\AppData\Roaming\Mozilla\Firefox\Profiles\odp3yr2v.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Softonic

***** [Registre - GUID] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (de)

Profile name : default 
File : C:\Users\Rani\AppData\Roaming\Mozilla\Firefox\Profiles\odp3yr2v.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1463 octets] - [25/08/2012 10:03:04]
AdwCleaner[R2].txt - [1523 octets] - [25/08/2012 10:04:14]
AdwCleaner[S1].txt - [1261 octets] - [25/08/2012 20:23:05]

########## EOF - C:\AdwCleaner[S1].txt - [1389 octets] ##########
         
Code:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 25.08.2012 20:45:17

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\
Archiv Scan: An
ADS Scan: An

Scan Beginn:	25.08.2012 20:45:51

C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\134f6e3a-3d7b24f0 -> kuca\kucc.class 	gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\134f6e3a-3d7b24f0 -> kuca\kuca.class 	gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\134f6e3a-3d7b24f0 -> kuca\kucb.class 	gefunden: Exploit.Java.CVE-2012!E2
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5199d3ea-400a0c35 -> rt0a\rt0a.class 	gefunden: Exploit.Java.CVE-2012-1723!E2
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5199d3ea-400a0c35 -> rt0a\rt0c.class 	gefunden: Exploit.Java.Blacole!E2
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5199d3ea-400a0c35 -> rt0a\rt0d.class 	gefunden: Java.CVE!E2
C:\Users\Rani\Downloads\goog1e_gpsmapedit_tool_key.zip -> goog1e_gpsmapedit_tool_key.com 	gefunden: Trojan.Win32.Pirminay!E2

Gescannt	824679
Gefunden	7

Scan Ende:	25.08.2012 21:01:59
Scan Zeit:	0:16:08
         

26.08.2012, 01:07   #10
t'john
/// Helper Team

Very good!



Uninstall:
Emsisoft Anti-Malware


ESET Online Scanner

Preparation

  • Connect any external hard drives and/or other removable media you have (e.g. USB sticks) to the computer.
  • Please deactivate your anti-virus program and firewall during the online scan.
  • Vista/Win7 users: Be sure to start the browser as administrator.
Here we go

  • Download and start Eset Smartinstaller
  • Tick YES, I accept the Terms of Use.
  • Click Start.
  • Tick Remove found threats and Scan archives.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • Press Finish.
  • Close the browser.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (sometimes C:\Programme\Eset\log.txt) and open it with your editor.
  • Post the log file here.
  • Uninstall: Control Panel => Software => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset
__________________
Regards, t'john
Support the TB

26.08.2012, 22:31   #11
Bischy



Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=30e95270bfe17e49bb5e955773ff1ae0
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-26 09:22:13
# local_time=2012-08-26 11:22:13 (+0100, Mitteleuropäische Sommerzeit   )
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=1538 16774142 20 0 2726073 2726073 0 0
# compatibility_mode=5893 16776574 100 94 368439 97639428 0 0
# compatibility_mode=8192 67108863 100 0 361 361 0 0
# scanned=378445
# found=6
# cleaned=6
# scan_time=6554
C:\Users\Rani\Downloads\iLividSetupV1 (1).exe	Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
C:\Users\Rani\Downloads\iLividSetupV1.exe	Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\5199d3ea-400a0c35	Java/Exploit.CVE-2012-1723.AL trojan (deleted - quarantined)	00000000000000000000000000000000	C
C:\_OTL\MovedFiles\08242012_233824\C_Users\Rani\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\134f6e3a-3d7b24f0	Java/Exploit.CVE-2012-0507.CL trojan (deleted - quarantined)	00000000000000000000000000000000	C
E:\Spiele\GAMEBOOSTER\gamebooster.exe	a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
E:\System_Programme\SoftonicDownloader_fuer_pdfcreator.exe	Win32/SoftonicDownloader.D application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
         

27.08.2012, 00:53   #12
t'john
/// Helper Team

Update Java

Your Java is out of date. Older versions contain security vulnerabilities that malware can exploit.
  • Please download the latest Java version from here
  • Save jxpiinstall.exe
  • Close all running programs, especially your browser.
  • Start jxpiinstall.exe. It will download the installer for the latest Java version (Java 7 Update 6).
  • When the installation has finished, go to
    Start --> Control Panel --> Programs and uninstall all older Java versions.
  • Restart your computer once all older versions have been uninstalled.
After the restart
  • Open Control Panel --> Programs again and click the Java icon.
  • On the General tab, click Settings under Temporary Internet Files.
  • Click Delete Files....
  • Make sure every box is ticked and click OK.
  • Click OK again.


Then configure it like this: http://www.trojaner-board.de/105213-...tellungen.html

After that, post (copy and paste) what is shown to you here: PluginCheck
__________________
Regards, t'john
Support the TB
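
Added example (not part of the thread): a Python triage of an ESET Online Scanner log in the layout posted in #11. It separates hits under OTL's C:\_OTL\MovedFiles folder from files that were still in place, and extracts the CVE ids from Java cache hits, which is the evidence behind the Java update in #12. The sample lines, shortened paths and function names are constructed for illustration.

```python
import re

# Constructed sample in the tab-separated layout of the ESET log in post #11:
# path, "detection (action)", hash field, flag. Paths are shortened placeholders.
SAMPLE_LOG = "\n".join([
    "all ok",
    "# found=3",
    "C:\\Users\\user\\Downloads\\setup.exe\tWin32/Toolbar.SearchSuite application (cleaned by deleting - quarantined)\t0\tC",
    "C:\\_OTL\\MovedFiles\\x\\C_Users\\user\\AppData\\LocalLow\\Sun\\Java\\Deployment\\cache\\6.0\\42\\aaaa\tJava/Exploit.CVE-2012-1723.AL trojan (deleted - quarantined)\t0\tC",
    "C:\\_OTL\\MovedFiles\\x\\C_Users\\user\\AppData\\LocalLow\\Sun\\Java\\Deployment\\cache\\6.0\\58\\bbbb\tJava/Exploit.CVE-2012-0507.CL trojan (deleted - quarantined)\t0\tC",
])

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
DETECTION_RE = re.compile(r"^(?P<name>.+?)\s+\((?P<action>[^()]*)\)$")

def parse_eset_log(text):
    """Return (header dict, list of detection dicts) for one log."""
    header, hits = {}, []
    for line in text.splitlines():
        if line.startswith("#"):
            key, sep, value = line[1:].strip().partition("=")
            if sep:
                header[key] = value
            continue
        fields = line.split("\t")
        m = DETECTION_RE.match(fields[1].strip()) if len(fields) >= 2 else None
        if m is None:
            continue  # banner lines such as "all ok"
        path = fields[0].lower()
        hits.append({
            "path": fields[0],
            "name": m["name"],
            "action": m["action"],
            "cves": CVE_RE.findall(m["name"]),
            # OTL parks removed files here: leftovers, not live infections
            "otl_moved": "\\_otl\\movedfiles\\" in path,
            "java_cache": "\\sun\\java\\deployment\\cache\\" in path,
        })
    return header, hits

def triage(text):
    """Check the header count, list CVEs to patch, split in-place from moved hits."""
    header, hits = parse_eset_log(text)
    return {
        "count_matches_header": int(header.get("found", -1)) == len(hits),
        "patch_java": any(h["java_cache"] and h["cves"] for h in hits),
        "cves": sorted({c for h in hits for c in h["cves"]}),
        "found_in_place": [h["path"] for h in hits if not h["otl_moved"]],
    }
```

A mismatch between the `found` header and the parsed hit count means the pasted log was truncated or reformatted and should be requested again.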

27.08.2012, 08:07   #13
Bischy



Code:
Internet Explorer 9.0 ist aktuell

Flash 11,3,300,271 ist veraltet! 
Aktualisieren Sie bitte auf die neueste Version!



Java (1,7,0,6) ist aktuell.

Adobe Reader ist nicht installiert oder aktiviert.
         

27.08.2012, 17:45   #14
t'john
/// Helper Team

Any remaining problems?
__________________
Regards, t'john
Support the TB

27.08.2012, 19:00   #15
Bischy

Hello t'john,
at the moment it is working, and I am really glad that you got this sorted out. Thank you very, very much!
In future I will be more careful on the net and give key generators and the supposedly oh-so-verified files a wide berth.

Great that forums like this exist.
Regards, Bischy
