| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "searchnu.com/406..." lässt sich nicht entfernen!Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
07.05.2013, 17:21
| #11 |
 |  "searchnu.com/406..." lässt sich nicht entfernen! Vielen Dank... Auf die Anwendung von "zoek" (wie in deiner vorletzten Antwort beschrieben) habe ich erst mal verzichtet. So sieht das jetzt aber schon sehr gut aus. "searchnu" ist eliminiert. Bleibt für mich nur noch ein kleines Problem: Wenn ich Firefox öffne, ist der erste Tab leer (war die letzten Tage auch so). Erst wenn ich einen neuen Tab öffne, erscheint die eigentlich eingerichtete Startseite (statt searchnu und statt der früheren Übersicht über die 9 zuletzt / am häufigsten genutzten Websites). Da trage ich aber wohl selbst die Schuld, da ich in der "about:config" rumgepfuscht hatte. :-( Falls du da keine spontane Idee hast, werde ich dazu mal googeln, wie ich die Grundeinstellungen wiederherstelle... Code:
ATTFilter All processes killed
========== OTL ==========
C:\Users\Snoopy\AppData\Roaming\mozilla\Firefox\Profiles\ex9yldm4.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}\content folder moved successfully.
C:\Users\Snoopy\AppData\Roaming\mozilla\Firefox\Profiles\ex9yldm4.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF}\components folder moved successfully.
C:\Users\Snoopy\AppData\Roaming\mozilla\Firefox\Profiles\ex9yldm4.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF} folder moved successfully.
========== FILES ==========
File\Folder C:\Users\Snoopy\AppData\Roaming\Mozilla\Firefox\Profiles\ex9yldm4.default\extensions\{C4A4F5A0-4B89-4392-AFAC-D58010E349AF} not found.
C:\Users\Snoopy\AppData\Local\VirtualStore\Program Files\Search Results Toolbar\Datamngr\x64 folder moved successfully.
C:\Users\Snoopy\AppData\Local\VirtualStore\Program Files\Search Results Toolbar\Datamngr folder moved successfully.
C:\Users\Snoopy\AppData\Local\VirtualStore\Program Files\Search Results Toolbar folder moved successfully.
C:\Users\Snoopy\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar\TrustChecker folder moved successfully.
C:\Users\Snoopy\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar\PTPCACHE folder moved successfully.
C:\Users\Snoopy\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Factory Cache 4.8\com.trolltech.Qt.QImageIOHandlerFactoryInterface:\C:\Users\Snoopy\AppData\Local\iLivid\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Trolltech\OrganizationDefaults\Qt Plugin Cache 4.8.false\C:\Users\Snoopy\AppData\Local\iLivid\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Datamngr\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar\ deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
User: Snoopy
->Temp folder emptied: 4558 bytes
->Temporary Internet Files folder emptied: 1525833 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 87368803 bytes
->Flash cache emptied: 1037 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6326 bytes
RecycleBin emptied: 142848 bytes
Total Files Cleaned = 85,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05072013_174828
Files\Folders moved on Reboot...
C:\Users\Snoopy\AppData\Local\Temp\ehmsas.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Code:
ATTFilter OTL logfile created on: 07.05.2013 17:55:25 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Snoopy\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,00 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 54,97% Memory free 4,23 Gb Paging File | 3,15 Gb Available in Paging File | 74,32% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 102,51 Gb Total Space | 31,18 Gb Free Space | 30,42% Space Free | Partition Type: NTFS Drive D: | 39,06 Gb Total Space | 6,81 Gb Free Space | 17,44% Space Free | Partition Type: NTFS Drive E: | 7,48 Gb Total Space | 1,92 Gb Free Space | 25,72% Space Free | Partition Type: NTFS Computer Name: SNOOPY-PC | User Name: Snoopy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.05.07 15:05:28 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.05.04 11:42:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Snoopy\Desktop\OTL.exe PRC - [2013.03.30 21:11:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2013.03.30 21:10:55 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2013.03.30 21:10:42 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.11.05 22:03:39 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE PRC - [2012.09.08 20:06:10 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Programme\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2009.10.26 14:46:54 | 001,458,176 | ---- | M] (Motorola Inc.) -- C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe PRC - [2009.06.19 12:44:02 | 000,195,072 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2009.04.11 08:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2009.02.06 18:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2008.01.19 09:33:39 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe PRC - [2007.04.24 03:11:44 | 000,106,593 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\TV\CLSched.exe PRC - [2007.04.24 03:11:42 | 000,262,243 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe PRC - [2007.03.12 20:54:24 | 000,050,696 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe PRC - [2007.03.09 19:50:02 | 004,390,912 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe PRC - [2007.02.12 16:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2007.02.12 16:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2006.05.31 18:24:20 | 000,061,440 | ---- | M] (eMPIA Technology, Inc.) -- C:\WINDOWS\HCWemMON.exe ========== Modules (No Company Name) ========== MOD - [2013.02.14 11:14:49 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e64304962098e90f0d3f4c33c1b080a6\System.Windows.Forms.ni.dll MOD - [2013.01.15 10:43:10 | 001,593,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll MOD - [2013.01.15 10:41:35 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll MOD - [2013.01.15 10:41:26 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll MOD - [2007.04.24 03:11:44 | 000,339,968 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\TV\CLTinyDB.dll MOD - [2007.04.24 03:11:34 | 000,237,673 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\TV\CLCapEngine.dll MOD - [2007.04.24 03:11:34 | 000,114,787 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\TV\CLSchMgr.dll MOD - [2007.04.24 03:11:34 | 000,032,768 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll MOD - [2007.04.24 03:10:44 | 000,061,440 | ---- | M] () -- C:\Programme\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll ========== Services (SafeList) ========== SRV - [2013.04.28 10:43:34 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.03.30 21:11:08 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.03.30 21:10:42 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2012.12.18 16:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.09.08 20:06:10 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv) SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2009.02.06 18:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2008.01.19 09:33:39 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc) SRV - [2007.04.24 03:11:44 | 000,106,593 | ---- | M] () [Auto | Running] -- C:\Programme\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched) SRV - [2007.04.24 03:11:42 | 000,262,243 | ---- | M] () [Auto | Running] -- C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) SRV - [2007.02.12 16:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2006.10.26 23:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP2\WNt500x86\Sandra.sys -- (SANDRA) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt) DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp) DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive) DRV - [2013.03.30 21:11:10 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avipbb.sys -- (avipbb) DRV - [2013.03.30 21:11:10 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2013.03.30 21:11:10 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\avkmgr.sys -- (avkmgr) DRV - [2013.03.02 18:17:58 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2011.05.18 10:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt) DRV - [2011.05.18 10:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\usbser_lowerflt.sys -- (upperdev) DRV - [2011.05.18 10:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmbo.sys -- (nmwcdc) DRV - [2011.05.18 10:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\ccdcmb.sys -- (nmwcd) DRV - [2011.03.24 10:57:54 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\epmntdrv.sys -- (epmntdrv) DRV - [2011.03.24 10:57:54 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\EuGdiDrv.sys -- (EuGdiDrv) DRV - [2010.11.09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\cpuz135_x32.sys -- (cpuz135) DRV - [2009.10.26 15:09:06 | 001,095,936 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\smserial.sys -- (smserial) DRV - [2009.10.03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008.11.17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\NETw5v32.sys -- (NETw5v32) DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\pccsmcfd.sys -- (pccsmcfd) DRV - [2007.03.05 23:28:00 | 000,076,288 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Rtlh86.sys -- (RTL8169) DRV - [2007.03.01 14:49:58 | 002,216,448 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\NETw4v32.sys -- (NETw4v32) DRV - [2007.02.24 16:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk) DRV - [2007.01.23 19:03:28 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp) DRV - [2007.01.23 18:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk) DRV - [2006.11.30 19:24:58 | 000,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\eabfiltr.sys -- (eabfiltr) DRV - [2006.11.10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\afc.sys -- (Afc) DRV - [2006.09.13 18:21:46 | 000,292,864 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emBDA.sys -- (USB28xxBGA) DRV - [2006.09.13 18:21:32 | 000,027,904 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\emOEM.sys -- (USB28xxOEM) DRV - [2006.06.28 18:54:00 | 000,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CPQBttn.sys -- (HBtnKey) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "mt-online.de" FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4 FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.01 20:31:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.12 19:49:46 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.07.17 15:38:37 | 000,000,000 | ---D | M] [2013.04.30 21:03:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Snoopy\AppData\Roaming\mozilla\Extensions [2013.05.07 17:48:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Snoopy\AppData\Roaming\mozilla\Firefox\Profiles\ex9yldm4.default\extensions [2012.11.30 22:01:38 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Snoopy\AppData\Roaming\mozilla\Firefox\Profiles\ex9yldm4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012.10.13 11:07:30 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Snoopy\AppData\Roaming\mozilla\Firefox\Profiles\ex9yldm4.default\extensions\de-DE@dictionaries.addons.mozilla.org [2013.05.01 20:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.05.05 21:44:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2009.07.04 09:20:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.03.30 23:42:20 | 000,000,027 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Programme\Canon\Easy-WebPrint\EWPBrowseLoader.dll () O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll () O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}] "C:\Users\Snoopy\AppData\Local\Temp\cis1825.exe" --PostUninstall {81EFDD93-DBBE-415B-BE6E-49B9664E3E82} File not found O4 - HKLM..\Run: [emMON] C:\Windows\HCWemMON.exe (eMPIA Technology, Inc.) O4 - HKLM..\Run: [HP Health Check Scheduler] C:\Programme\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard) O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [SMSERIAL] C:\Programme\Motorola\SMSERIAL\sm56hlpr.exe (Motorola Inc.) O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab (Reg Error: Key error.) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 10.17.2) O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Java Plug-in 1.7.0_17) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{03FF0B5D-C40A-45E2-B0CA-69FDF9AF86C2}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{88A1D3D2-DF7C-4E68-8DB4-042459EB3F3D}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Programme\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\img24.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Programme\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2012.01.21 18:59:44 | 000,000,000 | ---D | M] - D:\Automatisch zu iTunes hinzufügen -- [ NTFS ] O32 - AutoRun File - [2005.09.11 17:18:54 | 000,000,340 | -HS- | M] () - E:\AUTOMODE -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.05.05 21:48:01 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.05.05 21:45:59 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2013.05.05 21:45:59 | 000,000,000 | ---D | C] -- C:\Users\Snoopy\AppData\Local\Temp [2013.05.05 21:26:51 | 000,000,000 | ---D | C] -- C:\_OTL [2013.05.04 11:41:58 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Snoopy\Desktop\OTL.exe [2013.05.04 11:31:12 | 000,545,926 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Snoopy\Desktop\JRT.exe [2013.05.04 11:17:41 | 000,000,000 | ---D | C] -- C:\Users\Snoopy\Desktop\Parcourskarten [2013.05.01 20:31:41 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2013.04.27 16:43:15 | 000,000,000 | ---D | C] -- C:\Users\Snoopy\AppData\Roaming\inkscape [2013.04.27 16:35:31 | 000,000,000 | ---D | C] -- C:\Program Files\Inkscape [2013.04.18 21:01:32 | 000,000,000 | ---D | C] -- C:\Users\Snoopy\Desktop\In andere Ordner einfügen - auch das Exposé [2013.04.12 19:49:43 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox ========== Files - Modified Within 30 Days ========== [2013.05.07 17:53:38 | 000,000,148 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini [2013.05.07 17:52:14 | 000,414,912 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.07 17:51:25 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.07 17:51:24 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.07 17:51:19 | 000,031,966 | ---- | M] () -- C:\ProgramData\nvModes.001 [2013.05.07 17:51:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.07 17:45:01 | 000,007,603 | ---- | M] () -- C:\Users\Snoopy\AppData\Local\recently-used.xbel [2013.05.07 17:41:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.05 22:08:22 | 000,139,264 | ---- | M] () -- C:\Users\Snoopy\Desktop\SystemLook.exe [2013.05.05 21:38:57 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe [2013.05.05 21:38:32 | 001,269,060 | ---- | M] () -- C:\Users\Snoopy\Desktop\zoek.exe [2013.05.04 11:42:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Snoopy\Desktop\OTL.exe [2013.05.04 11:31:13 | 000,545,926 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Snoopy\Desktop\JRT.exe [2013.05.04 11:17:31 | 000,628,743 | ---- | M] () -- C:\Users\Snoopy\Desktop\adwcleaner.exe [2013.04.28 11:26:13 | 004,950,933 | ---- | M] () -- C:\Users\Snoopy\Desktop\Präsentation.pdf [2013.04.28 11:16:53 | 020,015,476 | ---- | M] () -- C:\Users\Snoopy\Desktop\Präsentation Förderausschuss.odp [2013.04.16 09:57:54 | 000,637,318 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.04.16 09:57:54 | 000,604,572 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.04.16 09:57:54 | 000,129,900 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.04.16 09:57:54 | 000,107,710 | ---- | M] () -- C:\Windows\System32\perfc009.dat ========== Files Created - No Company Name ========== [2013.05.07 17:45:01 | 000,007,603 | ---- | C] () -- C:\Users\Snoopy\AppData\Local\recently-used.xbel [2013.05.05 22:08:21 | 000,139,264 | ---- | C] () -- C:\Users\Snoopy\Desktop\SystemLook.exe [2013.05.05 21:45:59 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe [2013.05.05 21:38:30 | 001,269,060 | ---- | C] () -- C:\Users\Snoopy\Desktop\zoek.exe [2013.05.04 11:17:28 | 000,628,743 | ---- | C] () -- C:\Users\Snoopy\Desktop\adwcleaner.exe [2013.05.01 20:31:42 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.04.28 11:26:13 | 004,950,933 | ---- | C] () -- C:\Users\Snoopy\Desktop\Präsentation.pdf [2013.04.27 16:41:28 | 000,000,848 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk [2013.04.26 21:57:03 | 020,015,476 | ---- | C] () -- C:\Users\Snoopy\Desktop\Präsentation Förderausschuss.odp [2013.02.18 22:08:52 | 000,005,049 | -H-- | C] () -- C:\Windows\System32\BTImages.dat [2011.07.21 20:29:47 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.dat [2011.07.21 20:29:47 | 000,031,966 | ---- | C] () -- C:\ProgramData\nvModes.001 [2011.03.22 19:26:19 | 000,000,680 | ---- | C] () -- C:\Users\Snoopy\AppData\Local\d3d9caps.dat [2009.05.27 00:34:46 | 000,001,873 | ---- | C] () -- C:\Users\Snoopy\HP Hilfe und Support.lnk [2009.04.22 20:58:05 | 000,027,430 | ---- | C] () -- C:\Users\Snoopy\AppData\Roaming\nvModes.001 [2009.04.21 21:31:46 | 000,027,430 | ---- | C] () -- C:\Users\Snoopy\AppData\Roaming\nvModes.dat [2009.04.18 20:26:19 | 000,015,360 | ---- | C] () -- C:\Users\Snoopy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.03.25 19:26:16 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\Canon [2013.05.07 17:48:32 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\CheckPoint [2009.09.13 16:44:44 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\CoSoSys [2009.10.21 00:35:09 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\FreeFLVConverter [2012.08.11 14:48:44 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\GARMIN [2011.04.10 17:31:28 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\GetRightToGo [2009.10.20 23:06:21 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\GrabPro [2012.03.18 19:11:46 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\Imaging Sciences International [2013.04.27 16:43:16 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\inkscape [2012.03.10 20:15:51 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\LaunchPad [2011.01.30 19:01:51 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\Leadertech [2010.05.20 10:19:10 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\Nokia [2009.04.20 17:06:28 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\OpenOffice.org [2010.02.15 22:28:31 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\Orbit [2010.09.26 17:31:13 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\PC Suite [2009.04.20 19:49:54 | 000,000,000 | ---D | M] -- C:\Users\Snoopy\AppData\Roaming\ScanSoft ========== Purity Check ========== < End of report > |
| Themen zu "searchnu.com/406..." lässt sich nicht entfernen! |
| administrator, anti-malware, autostart, code, dateien, entfernen, explorer, fehler, gen, installation, logdatei, lässt sich nicht entfernen, löschen, neue, neuen, problem, schnell, search, seite, service, service pack 2, speicher, startseite, tab, version, vista, weiße seite |
Baum-Darstellung