Antivirus, firewall and other protection programs: E-mail account hacked? Mail delivery messages | Windows 7
13.06.2013, 20:53 | #1 |
E-mail account hacked? Mail delivery messages

Hello, it looks like my e-mail account has been hacked. Since yesterday I have been receiving mail delivery messages, i.e. notices that e-mails could not be sent. However, I have not sent any e-mails. So it seems that someone is using my account to send e-mails. The bad part is that these are "debt collection agencies" making demands for money. There also seems to be an attachment with the "bank details" (presumably a virus-infected attachment). These things are now being sent indiscriminately to people via my account.

What can I do? I have changed the password. How can I make sure that my system gets clean? Should I also take action and involve the police, so that I don't end up in trouble, since the mails are (were) being sent via my account? Please give me instructions regarding logs etc.

Many thanks in advance
Klemens N.

Edit: Unfortunately I picked the wrong folder. Please move the thread! Sorry

Last edited by baum89 (13.06.2013 at 21:08)
13.06.2013, 21:16 | #2 |
E-mail account hacked? Mail delivery messages

Here are the OTL logs for now. Please move the thread (unfortunately opened in the wrong folder).

OTL logfile:
Code:
OTL logfile created on: 6/13/2013 9:55:52 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Malin\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2.99 Gb Total Physical Memory | 0.95 Gb Available Physical Memory | 31.94% Memory free 5.98 Gb Paging File | 3.35 Gb Available in Paging File | 56.07% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files Drive C: | 141.49 Gb Total Space | 24.66 Gb Free Space | 17.43% Space Free | Partition Type: NTFS Drive D: | 141.50 Gb Total Space | 36.21 Gb Free Space | 25.59% Space Free | Partition Type: NTFS Drive F: | 7.39 Gb Total Space | 6.41 Gb Free Space | 86.66% Space Free | Partition Type: FAT32 Computer Name: MALIN-PC | User Name: Malin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Malin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Malin\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Users\Malin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
PRC - C:\Program Files\Opera\opera.exe (Opera Software) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avscan.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe () PRC - C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe (SEC) PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe (SAMSUNG Electronics) PRC - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe (Samsung Electronics Co., Ltd.) 
PRC - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe () PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation) PRC - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Windows\System32\Rezip.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\Malin\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll () MOD - 
C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\MACTrackBarLib.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.dll () MOD - C:\Users\Malin\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll () MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll () MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.110\libglesv2.dll () MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.110\libegl.dll () MOD - C:\Program Files\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Users\Malin\AppData\Roaming\Dropbox\bin\libcef.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll () MOD - 
C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Users\Malin\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll () MOD - C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll () MOD - C:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll () MOD - C:\windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll () MOD - C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll () MOD - C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll () MOD - 
C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll () MOD - C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe () SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (OberonGameConsoleService) -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe () SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (Rezip) -- C:\Windows\System32\Rezip.exe () SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.) 
========== Driver Services (SafeList) ========== DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation) DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation) DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc) DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation) DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation) DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys () DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4 IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) 
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE}: "URL" = hxxp://search.qip.ru/?query={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.qip.ru IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms}&installDate=01/01/1970 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms}&installDate=01/01/1970 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=hp&installDate=01/01/1970 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = 
hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms}&installDate=01/01/1970 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms}&installDate=01/01/1970 IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms}&installDate=01/01/1970 IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7SMSN_deDE386DE386 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo" FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Web Search" FF - prefs.js..browser.startup.homepage: "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=hp" FF - prefs.js..extensions.enabledAddons: helperbar@helperbar.com:1.0 FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0 FF - 
prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9 FF - prefs.js..keyword.URL: "hxxp://feed.snap.do/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q=" FF - prefs.js..network.proxy.backup.ftp: "192.168.0.10" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.socks: "192.168.0.10" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "192.168.0.10" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "192.168.0.10" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.http: "192.168.0.10" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.no_proxies_on: "" FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "192.168.0.10" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "192.168.0.10" FF - prefs.js..network.proxy.ssl_port: 8080 FF - prefs.js..network.proxy.type: 1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) 
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Malin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) [2011/01/19 18:28:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Malin\AppData\Roaming\mozilla\Extensions [2012/12/04 13:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Malin\AppData\Roaming\mozilla\Firefox\Profiles\6hy3dgi9.default\extensions [2012/01/05 15:47:05 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Malin\AppData\Roaming\mozilla\Firefox\Profiles\6hy3dgi9.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2011/05/13 19:40:42 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Malin\AppData\Roaming\mozilla\Firefox\Profiles\6hy3dgi9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2011/05/13 19:40:46 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\Malin\AppData\Roaming\mozilla\Firefox\Profiles\6hy3dgi9.default\extensions\engine@plasmoo.com [2012/12/04 13:53:28 | 000,000,000 | ---D | M] ("Snap.Do ") -- C:\Users\Malin\AppData\Roaming\mozilla\Firefox\Profiles\6hy3dgi9.default\extensions\helperbar@helperbar.com [2012/12/04 13:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Malin\AppData\Roaming\mozilla\Firefox\Profiles\6hy3dgi9.default\extensions\staged [2011/08/17 18:59:45 | 000,025,939 | ---- | M] () (No name found) -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\extensions\ffxtlbr@Facemoods.com.xpi [2012/02/02 20:50:06 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-1.xml [2011/05/14 12:50:50 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-2.xml [2011/06/27 17:41:22 | 000,000,950 | ---- | M] () -- 
C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-3.xml [2011/08/21 17:45:30 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-4.xml [2011/09/01 19:17:20 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-5.xml [2011/09/08 17:42:32 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-6.xml [2011/10/09 13:26:18 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-7.xml [2011/11/10 21:37:36 | 000,000,950 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin-8.xml [2011/05/08 18:27:51 | 000,001,056 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\icqplugin.xml [2011/04/28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\plasmoo.xml [2013/01/29 17:52:49 | 000,002,399 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\mozilla\firefox\profiles\6hy3dgi9.default\searchplugins\Web Search.xml [2013/01/31 19:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2012/01/08 21:24:58 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010/12/13 14:36:54 | 000,002,035 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml ========== Chrome ========== CHR - default_search_provider: Web (Enabled) CHR - default_search_provider: search_url = 
hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=ds&q={searchTerms}&installDate=01/01/1970 CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://feed.snapdo.com/?publisher=SnapdoOpenCandy&dpid=SnapdoOpenCandy&co=DE&userid=7940af1c-3c82-457c-af97-29b9af76362b&searchtype=hp&installDate=01/01/1970 CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.110\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = 
C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Malin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - Extension: Snap.Do = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\ CHR - Extension: AdBlock = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\ CHR - Extension: Speed Dial 2 = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.1.3_0\ O1 HOSTS File: ([2011/07/13 12:10:14 | 000,000,854 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) 
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Malin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Malin\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar) O4 - HKCU..\Run: [GoogleChromeAutoLaunch_2BD2163C7093A13E363F07A8338CA236] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O4 - Startup: C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Malin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) 
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Malin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.11.2) O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25E5EC99-7CB0-4BB6-8BCE-20C4774EC441}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50910199-5D2C-45B7-9042-E2358248BFEE}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{735B7AD5-6684-4B0E-8DAD-8E1C842465F6}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/06/13 21:54:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Malin\Desktop\OTL.exe [2013/06/04 17:17:48 | 000,000,000 | R--D | C] -- C:\Users\Malin\Dropbox [2013/06/02 20:07:31 | 000,000,000 | ---D | C] -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013/06/02 20:06:31 | 000,000,000 | ---D | C] -- C:\Users\Malin\AppData\Roaming\Dropbox [2013/05/16 17:18:58 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2013/05/16 17:18:57 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2013/05/16 17:18:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2013/05/16 17:18:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- 
C:\windows\System32\iesetup.dll [2013/05/16 17:18:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2013/05/16 17:18:54 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2013/05/16 17:18:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2013/05/16 17:18:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe [2013/05/16 17:18:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2013/05/16 17:18:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2013/05/16 08:18:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanprotdim.dll [2013/05/16 08:18:23 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2013/05/16 08:18:22 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys [2013/05/16 08:17:49 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll [2013/05/16 08:17:49 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe [2010/11/11 19:37:33 | 075,019,048 | ---- | C] (Apple Inc.) 
-- C:\Users\Malin\iTunesSetup.exe ========== Files - Modified Within 30 Days ========== [2013/06/13 21:54:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Malin\Desktop\OTL.exe [2013/06/13 21:44:02 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/06/13 21:13:03 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/06/13 21:09:04 | 000,001,138 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2339853823-2107313754-116825072-1001UA.job [2013/06/13 21:09:04 | 000,001,116 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2339853823-2107313754-116825072-1001Core.job [2013/06/13 20:53:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/06/13 20:13:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/06/13 12:47:48 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2013/06/13 12:47:48 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2013/06/13 10:52:51 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/06/13 10:52:51 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/06/13 10:45:02 | 3209,216,000 | -HS- | M] () -- C:\hiberfil.sys [2013/06/10 16:59:05 | 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat [2013/06/10 16:59:05 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013/06/10 16:59:05 | 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat [2013/06/10 16:59:05 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013/06/07 15:16:20 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/06/05 19:45:17 | 000,002,285 | ---- | M] () -- C:\Users\Malin\Desktop\Search.lnk 
[2013/06/04 17:17:48 | 000,001,039 | ---- | M] () -- C:\Users\Malin\Desktop\Dropbox.lnk [2013/06/02 20:07:43 | 000,001,049 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013/05/17 22:34:50 | 000,017,790 | ---- | M] () -- C:\Users\Malin\Desktop\lah2007051041.jpg [2013/05/17 16:13:42 | 001,701,977 | ---- | M] () -- C:\Users\Malin\Desktop\LH_WEBCKI.DE.STANDALONE.4tAaNuTDoIYo6PLSk2APF2.pdf [2013/05/16 22:18:48 | 003,810,344 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013/06/05 19:45:17 | 000,002,383 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk [2013/06/05 19:45:17 | 000,002,285 | ---- | C] () -- C:\Users\Malin\Desktop\Search.lnk [2013/06/04 17:17:48 | 000,001,039 | ---- | C] () -- C:\Users\Malin\Desktop\Dropbox.lnk [2013/06/02 20:07:43 | 000,001,049 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013/05/17 22:34:50 | 000,017,790 | ---- | C] () -- C:\Users\Malin\Desktop\lah2007051041.jpg [2013/05/17 16:13:09 | 001,701,977 | ---- | C] () -- C:\Users\Malin\Desktop\LH_WEBCKI.DE.STANDALONE.4tAaNuTDoIYo6PLSk2APF2.pdf [2012/09/07 15:32:31 | 000,000,112 | ---- | C] () -- C:\ProgramData\G21837FyG.dat [2012/09/07 15:32:17 | 000,000,001 | ---- | C] () -- C:\ProgramData\15KfV5b3.exe_.b [2012/09/07 15:32:17 | 000,000,001 | ---- | C] () -- C:\ProgramData\15KfV5b3.exe.b [2012/08/26 13:08:45 | 000,001,411 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\fotobuch.xml [2012/08/26 13:05:46 | 000,302,688 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\fotobuch-tcache.xml [2012/08/26 13:05:45 | 000,034,712 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\fotobuch-cache7.xml [2012/03/17 17:41:14 | 000,000,278 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\wklnhst.dat [2012/01/31 19:15:44 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe 
[2012/01/31 19:15:42 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll [2012/01/31 19:15:42 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll [2012/01/31 19:15:42 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll [2012/01/31 19:15:42 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll [2011/06/18 15:48:38 | 000,001,606 | ---- | C] () -- C:\Users\Malin\.recently-used.xbel [2011/06/16 18:08:30 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll [2011/06/16 18:08:30 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys [2011/01/31 16:50:41 | 000,006,144 | ---- | C] () -- C:\Users\Malin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/13 17:47:22 | 000,467,935 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\mdbu.bin [2010/08/13 17:18:56 | 000,272,896 | ---- | C] () -- C:\Users\Malin\Howtohaveagoodday.pps [2010/07/03 22:46:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/07/03 20:54:30 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] 
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A42A9F39 @Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:ABE89FFE < End of report >
C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Malin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - Extension: Snap.Do = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0\ CHR - Extension: AdBlock = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0\ CHR - Extension: Speed Dial 2 = C:\Users\Malin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.6.1.3_0\ O1 HOSTS File: ([2011/07/13 12:10:14 | 000,000,854 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 activate.adobe.com O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) 
O2 - BHO: (QIPBHO Class) - {A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} - C:\Users\Malin\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll (qip.ru) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.) O4 - HKLM..\Run: [APLangApp] C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [NvCplDaemon] C:\windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) 
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Malin\AppData\Local\Smartbar\Application\SnapDo.exe (Smartbar) O4 - HKCU..\Run: [GoogleChromeAutoLaunch_2BD2163C7093A13E363F07A8338CA236] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O4 - Startup: C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Malin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.) 
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Malin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.11.2) O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{25E5EC99-7CB0-4BB6-8BCE-20C4774EC441}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50910199-5D2C-45B7-9042-E2358248BFEE}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{735B7AD5-6684-4B0E-8DAD-8E1C842465F6}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/06/13 21:54:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Malin\Desktop\OTL.exe [2013/06/04 17:17:48 | 000,000,000 | R--D | C] -- C:\Users\Malin\Dropbox [2013/06/02 20:07:31 | 000,000,000 | ---D | C] -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox [2013/06/02 20:06:31 | 000,000,000 | ---D | C] -- C:\Users\Malin\AppData\Roaming\Dropbox [2013/05/16 17:18:58 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mshtml.tlb [2013/05/16 17:18:57 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jscript9.dll [2013/05/16 17:18:55 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ieui.dll [2013/05/16 17:18:55 | 000,061,440 | ---- | C] (Microsoft Corporation) -- 
C:\windows\System32\iesetup.dll [2013/05/16 17:18:55 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\jsproxy.dll [2013/05/16 17:18:54 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msfeeds.dll [2013/05/16 17:18:54 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iesysprep.dll [2013/05/16 17:18:54 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\RegisterIEPKEYs.exe [2013/05/16 17:18:54 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ie4uinit.exe [2013/05/16 17:18:54 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\iernonce.dll [2013/05/16 08:18:24 | 000,040,960 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wwanprotdim.dll [2013/05/16 08:18:23 | 002,347,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys [2013/05/16 08:18:22 | 000,218,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys [2013/05/16 08:17:49 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\authui.dll [2013/05/16 08:17:49 | 000,101,720 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\consent.exe [2010/11/11 19:37:33 | 075,019,048 | ---- | C] (Apple Inc.) 
-- C:\Users\Malin\iTunesSetup.exe ========== Files - Modified Within 30 Days ========== [2013/06/13 21:54:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Malin\Desktop\OTL.exe [2013/06/13 21:44:02 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013/06/13 21:13:03 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013/06/13 21:09:04 | 000,001,138 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2339853823-2107313754-116825072-1001UA.job [2013/06/13 21:09:04 | 000,001,116 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-2339853823-2107313754-116825072-1001Core.job [2013/06/13 20:53:51 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013/06/13 20:13:00 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013/06/13 12:47:48 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerApp.exe [2013/06/13 12:47:48 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\System32\FlashPlayerCPLApp.cpl [2013/06/13 10:52:51 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/06/13 10:52:51 | 000,014,512 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/06/13 10:45:02 | 3209,216,000 | -HS- | M] () -- C:\hiberfil.sys [2013/06/10 16:59:05 | 000,654,400 | ---- | M] () -- C:\windows\System32\perfh007.dat [2013/06/10 16:59:05 | 000,616,242 | ---- | M] () -- C:\windows\System32\perfh009.dat [2013/06/10 16:59:05 | 000,130,240 | ---- | M] () -- C:\windows\System32\perfc007.dat [2013/06/10 16:59:05 | 000,106,622 | ---- | M] () -- C:\windows\System32\perfc009.dat [2013/06/07 15:16:20 | 000,002,129 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013/06/05 19:45:17 | 000,002,285 | ---- | M] () -- C:\Users\Malin\Desktop\Search.lnk 
[2013/06/04 17:17:48 | 000,001,039 | ---- | M] () -- C:\Users\Malin\Desktop\Dropbox.lnk [2013/06/02 20:07:43 | 000,001,049 | ---- | M] () -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013/05/17 22:34:50 | 000,017,790 | ---- | M] () -- C:\Users\Malin\Desktop\lah2007051041.jpg [2013/05/17 16:13:42 | 001,701,977 | ---- | M] () -- C:\Users\Malin\Desktop\LH_WEBCKI.DE.STANDALONE.4tAaNuTDoIYo6PLSk2APF2.pdf [2013/05/16 22:18:48 | 003,810,344 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013/06/05 19:45:17 | 000,002,383 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk [2013/06/05 19:45:17 | 000,002,285 | ---- | C] () -- C:\Users\Malin\Desktop\Search.lnk [2013/06/04 17:17:48 | 000,001,039 | ---- | C] () -- C:\Users\Malin\Desktop\Dropbox.lnk [2013/06/02 20:07:43 | 000,001,049 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013/05/17 22:34:50 | 000,017,790 | ---- | C] () -- C:\Users\Malin\Desktop\lah2007051041.jpg [2013/05/17 16:13:09 | 001,701,977 | ---- | C] () -- C:\Users\Malin\Desktop\LH_WEBCKI.DE.STANDALONE.4tAaNuTDoIYo6PLSk2APF2.pdf [2012/09/07 15:32:31 | 000,000,112 | ---- | C] () -- C:\ProgramData\G21837FyG.dat [2012/09/07 15:32:17 | 000,000,001 | ---- | C] () -- C:\ProgramData\15KfV5b3.exe_.b [2012/09/07 15:32:17 | 000,000,001 | ---- | C] () -- C:\ProgramData\15KfV5b3.exe.b [2012/08/26 13:08:45 | 000,001,411 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\fotobuch.xml [2012/08/26 13:05:46 | 000,302,688 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\fotobuch-tcache.xml [2012/08/26 13:05:45 | 000,034,712 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\fotobuch-cache7.xml [2012/03/17 17:41:14 | 000,000,278 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\wklnhst.dat [2012/01/31 19:15:44 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe 
[2012/01/31 19:15:42 | 000,974,848 | ---- | C] () -- C:\windows\System32\cis-2.4.dll [2012/01/31 19:15:42 | 000,081,920 | ---- | C] () -- C:\windows\System32\issacapi_bs-2.3.dll [2012/01/31 19:15:42 | 000,065,536 | ---- | C] () -- C:\windows\System32\issacapi_pe-2.3.dll [2012/01/31 19:15:42 | 000,057,344 | ---- | C] () -- C:\windows\System32\issacapi_se-2.3.dll [2011/06/18 15:48:38 | 000,001,606 | ---- | C] () -- C:\Users\Malin\.recently-used.xbel [2011/06/16 18:08:30 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll [2011/06/16 18:08:30 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys [2011/01/31 16:50:41 | 000,006,144 | ---- | C] () -- C:\Users\Malin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/12/13 17:47:22 | 000,467,935 | ---- | C] () -- C:\Users\Malin\AppData\Roaming\mdbu.bin [2010/08/13 17:18:56 | 000,272,896 | ---- | C] () -- C:\Users\Malin\Howtohaveagoodday.pps [2010/07/03 22:46:26 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010/07/03 20:54:30 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] 
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== Alternate Data Streams ========== @Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A42A9F39 @Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:ABE89FFE < End of report > Geändert von baum89 (13.06.2013 um 21:32 Uhr) |
13.06.2013, 21:24 | #3 |
| E-mail account hacked? Mail delivery messages There is definitely malware on the PC
__________________Regards, HardStyler3 |
13.06.2013, 21:42 | #4 | |
| E-mail account hacked? Mail delivery messages Erm Quote:
|
13.06.2013, 21:46 | #5 |
| E-mail account hacked? Mail delivery messages Unfortunately not... but I am also far from being an "expert". What does that tell you? |
13.06.2013, 21:58 | #6 |
| E-mail account hacked? Mail delivery messages That is how you block the Adobe registration. More tomorrow. |
13.06.2013, 22:04 | #7 |
| E-mail account hacked? Mail delivery messages That means you very probably have cracked software on the computer, which violates the rules for cleanup. |
13.06.2013, 22:08 | #8 |
| E-mail account hacked? Mail delivery messages It is my girlfriend's computer. I very much doubt that it (if that is the case) was done knowingly. |
13.06.2013, 22:09 | #9 |
| E-mail account hacked? Mail delivery messages Then get it off quickly and never put it on again. |
13.06.2013, 22:10 | #10 |
| E-mail account hacked? Mail delivery messages Yes, I agree with you there. But which software is not clean, then?? And how do I remove it completely? |
14.06.2013, 09:05 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | E-mail account hacked? Mail delivery messages Is this rhetoric now supposed to justify or gloss over the use of keygens/cracks? Legitimate original software is clean. Period. It has to do with trustworthiness. Think about it: compare, for example, medication bought as the original from a pharmacy with medication from some dealer on the nearest grubby street corner. Which medication is likely to be riskier? The dealer cuts and adulterates. Reinstall Windows completely; the reason why is explained here http://www.trojaner-board.de/95393-c...-software.html
__________________ Please always post log files in CODE tags |
14.06.2013, 09:10 | #12 | |
| E-mail account hacked? Mail delivery messages Quote:
Yes, I suppose you are right there. As I said, this is not my computer. That is why I cannot say anything specific about it. However, it was definitely not done knowingly. I do understand the reasons you give, though. I likewise do not support such software in any way. A pity that I cannot be helped this way. Thanks for the answer anyway. The thread can probably be closed then. |
14.06.2013, 09:13 | #13 |
/// TB-Senior | E-mail account hacked? Mail delivery messages Isn't it enough in this case to delete everything that is from Adobe (you can tell by the name) and then put only the free software (Flash Player and Acrobat Reader) back on? For Photoshop or Acrobat Pro or whatever it was, one would just have to look for a cheap alternative or shell out the money... but that is the same with a fresh reinstall |
14.06.2013, 09:17 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | E-mail account hacked? Mail delivery messages Unknowingly? That does not work. You cannot obtain illegal software completely unknowingly and then also run it "completely unknowingly". Unknowingly sounds more like an (sorry) excuse, but it also makes no difference at all whether the stuff got on there on purpose or "completely unknowingly"; that is irrelevant, as a matter of principle we do not clean computers with illegal software.
__________________ Please always post log files in CODE tags |
14.06.2013, 09:18 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | E-mail account hacked? Mail delivery messages That does not undo the execution of a crack/keygen. If we are talking about "unknowingly" here, then one will hardly have edited the /etc/hosts file by hand oneself
__________________ Please always post log files in CODE tags |
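The hosts-file finding that posts #6 to #15 turn on, as an added example (not part of the thread and not OTL's own code): a Python triage script that extracts `O1 - Hosts:` entries from an OTL log and flags hostnames pinned to a loopback or null address. The sample log is constructed apart from the `activate.adobe.com` entry taken from the posted log, and the keyword list for licensing-related names and the one-hostname-per-entry parsing are assumptions of this example.

```python
import ipaddress
import re
from typing import List, NamedTuple

# Constructed sample in OTL's O1 format; only the activate.adobe.com entry
# and the "O1 HOSTS File" header come from the log posted in this thread.
SAMPLE_LOG = """\
O1 HOSTS File: ([2011/07/13 12:10:14 | 000,000,854 | ---- | M]) - C:\\Windows\\System32\\drivers\\etc\\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 0.0.0.0 updates.vendor.example
O1 - Hosts: 192.168.178.20 nas.home.example
O1 - Hosts: not-an-ip broken.example
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found.
"""

# The pattern does not rely on line breaks, so it also works on a log that a
# forum export has flattened onto a single line.
HOSTS_ENTRY = re.compile(r"O1 - Hosts:\s+(\S+)\s+(\S+)")

# Names a stock hosts file may legitimately map to loopback.
DEFAULT_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Assumption of this example: substrings that suggest a licensing or
# activation endpoint. Adjust for your own environment.
LICENSE_HINT = re.compile(r"activat|licens|regist|genuine", re.IGNORECASE)


class Finding(NamedTuple):
    address: str
    hostname: str
    verdict: str


def classify(address: str, hostname: str) -> str:
    """Return a triage verdict for one hosts entry."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "malformed"          # damaged or tampered entry, inspect by hand
    name = hostname.lower().rstrip(".")
    if ip.is_loopback or ip.is_unspecified:
        if name in DEFAULT_NAMES:
            return "default"        # normal localhost mapping
        if LICENSE_HINT.search(name):
            return "license-block"  # activation host made unreachable
        return "sinkhole"           # some other host made unreachable
    return "redirect"               # name pinned to a fixed address, verify it


def triage(log_text: str) -> List[Finding]:
    """Extract every O1 hosts entry from an OTL log and classify it."""
    return [Finding(a, h, classify(a, h)) for a, h in HOSTS_ENTRY.findall(log_text)]


def needs_review(findings: List[Finding]) -> List[Finding]:
    """Drop the stock localhost mappings, keep everything an analyst should see."""
    return [f for f in findings if f.verdict != "default"]


if __name__ == "__main__":
    for f in needs_review(triage(SAMPLE_LOG)):
        print(f"{f.verdict:14} {f.address:16} {f.hostname}")
```

A `sinkhole` verdict is not proof of tampering on its own, since ad-blocking hosts lists produce the same pattern; it marks the entry for a manual look.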