Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Auch Delta Search eingefangen

Auch Delta Search eingefangen


Log-Analyse und Auswertung: Auch Delta Search eingefangen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 19.06.2013, 03:12   #1
schaule
 
Auch Delta Search eingefangen - Standard

Auch Delta Search eingefangen


Hallo auch ich hab mir delta search eingefangen.

Ich kann leider nur das Log von OTL anfügen. DIE OTL.TXT ist zu groß um angehängt zu werden
Die extra.txt habe ich auch nicht gefunden
Bei GMER hat sich das Programm immer an der gleichen stelle abgeschossen.

OTL logfile created on: 19.06.2013 03:40:13 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Florian\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 2,93 Gb Available Physical Memory | 73,23% Memory free
8,00 Gb Paging File | 6,79 Gb Available in Paging File | 84,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 390,53 Gb Total Space | 326,58 Gb Free Space | 83,63% Space Free | Partition Type: NTFS
Drive D: | 263,67 Gb Total Space | 225,86 Gb Free Space | 85,66% Space Free | Partition Type: NTFS
Drive E: | 277,21 Gb Total Space | 239,85 Gb Free Space | 86,52% Space Free | Partition Type: NTFS

Computer Name: FLORIAN-PC | User Name: Florian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.06.19 03:15:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
PRC - [2013.06.13 02:21:42 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.06 12:23:19 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.05.06 12:22:49 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.05.02 22:47:39 | 000,216,968 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
PRC - [2013.04.05 12:55:09 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.05 12:51:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013.03.10 23:38:48 | 001,644,680 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.01.12 12:23:20 | 000,018,432 | ---- | M] () -- C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe
PRC - [2011.08.12 12:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.01.22 19:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE


========== Modules (No Company Name) ==========

MOD - [2010.05.07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
MOD - [2010.05.07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
MOD - [2010.05.07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
MOD - [2010.05.07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
MOD - [2010.05.07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010.09.30 16:58:08 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2009.09.19 04:17:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.06.13 02:21:42 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013.06.12 03:57:24 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.18 01:06:28 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.05.06 12:23:19 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.04.05 12:55:09 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.05 12:51:51 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.22 06:07:18 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.12.25 04:26:00 | 000,541,760 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.01.12 12:23:20 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Florian\AppData\LocalLow\WOT\IE\WOTUpdater.exe -- (WOTUpdater)
SRV - [2011.06.08 13:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.10.27 20:33:43 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2010.09.30 17:03:04 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2010.09.30 16:58:02 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.05.06 11:30:22 | 000,357,456 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.10.23 17:45:14 | 000,307,200 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Stopped] -- D:\Programme\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2008.01.22 19:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.04.05 12:56:27 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.04.05 12:56:27 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.04.05 12:56:27 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.08.17 10:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.05.18 10:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.05.18 10:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.05.18 10:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.05.14 22:02:14 | 006,465,760 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2010.05.14 22:00:52 | 000,329,952 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2010.05.07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 18:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2010.03.18 11:00:40 | 000,041,040 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2010.03.18 11:00:32 | 000,112,208 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouKE.Sys -- (LMouKE)
DRV:64bit: - [2010.03.18 11:00:16 | 000,057,936 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2010.03.18 11:00:00 | 000,063,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2010.03.18 10:59:12 | 000,089,680 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L8042mou.Sys -- (L8042mou)
DRV:64bit: - [2009.11.17 10:16:44 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009.09.19 06:32:36 | 006,170,624 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.08.23 16:02:30 | 000,120,336 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.22 16:52:30 | 000,215,040 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.08.01 14:49:02 | 000,019,008 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dslmnlwf.sys -- (DslMNLwf)
DRV:64bit: - [2006.11.07 02:00:00 | 000,030,208 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmunet.sys -- (AVMUNET)
DRV - [2010.02.24 14:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2001.01.26 13:43:20 | 000,002,144 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\T-Com\DSLCheck\PciDumpr.sys -- (PciDumpr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 7B 45 29 86 6C CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {5867B61C-0F3F-4E79-BBEB-AC6A84A7813C}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{5867B61C-0F3F-4E79-BBEB-AC6A84A7813C}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{7DFC9838-F57D-4CB4-8039-E56A657F0795}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=954e5e63-611d-4e56-a6b1-702f0b9b3ab2&apn_sauid=01535169-D990-41BF-A8DA-76457173FFD7
IE - HKCU\..\SearchScopes\{814FB1F1-1458-4CA4-B117-79B2851D52B6}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: add-to-searchbox%40maltekraus.de:2.0
FF - prefs.js..extensions.enabledAddons: getmail%40webdesigns.ms11.net:3.4.10
FF - prefs.js..extensions.enabledAddons: linky%40gemal.dk:3.0.0
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.7.0
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://www.google.de/search?q="
FF - prefs.js..network.proxy.autoconfig_url: "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%2 0shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20hos t%20%3D%3D%20's.hulu.com'%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMat ch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20(url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1%20%26%26%20url.indexOf('s3.amazonaws.com')%20%3D%3D%20-1%20%26%26%20url.indexOf('ping.chartbeat.net')%20%3D%3D%20-1))%20%7B%20return%20'PROXY%20ab-us09.personalitycores.com%3A8000%3B%20PROXY%20ab-us15.personalitycores.com%3A8000%3B%20PROXY%20ab-us07.personalitycores.com%3A8000%3B%20PROXY%20ab-us14.personalitycores.com%3A8000%3B%20PROXY%20ab-us17.personalitycores.com%3A8000%3B%20PROXY%20ab-us01.personalitycores.com%3A8000%3B%20PROXY%20ab-us03.personalitycores.com%3A8000%3B%20PROXY%20ab-us08.personalitycores.com%3A8000%3B%20PROXY%20ab-us10.personalitycores.com%3A8000%3B%20PROXY%20ab-us18.personalitycores.com%3A8000%3B%20PROXY%20ab-us12.personalitycores.com%3A8000%3B%20PROXY%20ab-us16.personalitycores.com%3A8000%3B%20PROXY%20ab-us13.personalitycores.com%3A8000%3B%20PROXY%20ab-us11.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF - prefs.js..network.proxy.type: 2


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: D:\Programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: D:\Multimediaprogramme\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: D:\Multimediaprogramme\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: D:\Multimediaprogramme\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Florian\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.18 01:06:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.14 21:15:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012.01.14 20:33:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions
[2010.05.13 18:46:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.05.13 15:15:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.06.19 02:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\d3kcebxe.default\extensions
[2013.05.31 23:34:28 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\d3kcebxe.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.10.13 17:50:19 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\d3kcebxe.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2013.04.13 16:56:01 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\d3kcebxe.default\extensions\fb_add_on@avm.de
[2013.05.13 00:05:30 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\Florian\AppData\Roaming\mozilla\Firefox\Profiles\d3kcebxe.default\extensions\toolbar@ask.com
[2012.01.14 20:51:33 | 000,025,781 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\extensions\add-to-searchbox@maltekraus.de.xpi
[2012.02.02 22:09:11 | 000,009,612 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\extensions\getmail@webdesigns.ms11.net.xpi
[2013.06.15 17:30:58 | 000,375,787 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
[2012.01.14 21:01:42 | 000,024,747 | ---- | M] () (No name found) -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\extensions\linky@gemal.dk.xpi
[2013.01.13 01:13:05 | 000,002,413 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\searchplugins\askcom.xml
[2013.06.19 02:34:29 | 000,001,294 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\searchplugins\delta.xml
[2012.01.14 20:54:12 | 000,001,202 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\searchplugins\my-video.xml
[2012.01.14 20:54:02 | 000,001,311 | ---- | M] () -- C:\Users\Florian\AppData\Roaming\mozilla\firefox\profiles\d3kcebxe.default\searchplugins\youtube---broadcast-yourself.xml
[2013.06.19 02:35:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions
[2013.05.18 01:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.18 01:06:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2012.02.03 14:46:19 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WOT) - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\Florian\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Florian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Florian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - D:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - D:\Programme\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.21.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46A21199-6841-4D64-908B-2AC9386B247B}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.06.19 03:19:36 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
[2013.06.19 02:34:31 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\BabSolution
[2013.06.19 02:32:59 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Babylon
[2013.06.19 02:32:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.06.15 23:30:55 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Subversion
[2013.06.15 23:24:30 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\fltk.org
[2013.06.15 23:24:30 | 000,000,000 | ---D | C] -- C:\ProgramData\fltk.org
[2013.06.15 23:24:15 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\flightgear.org
[2013.06.15 23:24:15 | 000,000,000 | ---D | C] -- C:\ProgramData\flightgear.org
[2013.06.13 02:29:40 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Local\DOSBox
[2013.06.13 02:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
[2013.06.12 00:41:26 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\gramps
[2013.06.11 03:00:21 | 000,000,000 | ---D | C] -- C:\Users\Florian\AppData\Roaming\Genea
[2013.05.28 00:35:28 | 000,000,000 | ---D | C] -- C:\Users\Florian\dwhelper
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.06.19 03:37:33 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.19 03:37:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.19 03:37:20 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.19 03:32:34 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.19 03:32:34 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.19 03:30:37 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.19 03:30:37 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.19 03:30:37 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.19 03:30:37 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.19 03:30:37 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.19 03:15:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Florian\Desktop\OTL.exe
[2013.06.19 02:52:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.19 02:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.16 00:01:34 | 000,000,689 | ---- | M] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.06.15 23:57:37 | 000,000,048 | ---- | M] () -- C:\Windows\WinInit.ini
[2013.06.15 23:57:37 | 000,000,023 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2013.06.15 02:07:58 | 000,000,673 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.06.15 01:34:35 | 000,041,760 | ---- | M] () -- C:\Users\Florian\Fahrtenbuch.ods
[2013.06.14 20:12:10 | 000,069,866 | ---- | M] () -- C:\Windows\cdplayer.ini
[2013.06.13 02:21:42 | 000,075,136 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2013.06.13 02:20:11 | 000,268,952 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.06.13 01:31:22 | 000,682,280 | ---- | M] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.06.11 02:04:54 | 000,000,028 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.06.07 00:41:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.05.24 18:39:44 | 000,109,056 | ---- | M] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.06.16 00:01:34 | 000,000,689 | ---- | C] () -- C:\Users\Public\Desktop\World of Tanks.lnk
[2013.06.15 23:57:37 | 000,000,048 | ---- | C] () -- C:\Windows\WinInit.ini
[2013.06.13 01:31:22 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2013.06.11 03:00:14 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013.06.07 00:41:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.05.24 18:43:08 | 004,548,079 | ---- | C] () -- C:\starssm11.rm
[2013.03.19 04:23:09 | 000,188,416 | RHS- | C] () -- C:\Windows\SysWow64\winDCE32.dll
[2013.01.12 05:53:55 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.12.02 15:32:57 | 000,010,523 | ---- | C] () -- C:\Users\Florian\Kalender.ods
[2012.11.01 23:12:08 | 000,020,510 | ---- | C] () -- C:\Users\Florian\geburtstagskalender.ods
[2012.09.14 23:24:54 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\PTQL5F.DLL
[2012.05.13 01:30:05 | 000,014,922 | ---- | C] () -- C:\Users\Florian\Vorlage Briefverkehr.ods
[2012.03.25 13:32:00 | 000,037,436 | ---- | C] () -- C:\Users\Florian\Merkblatt_zum_EU-Fuehrerschein-Scheckkartenfuehrerschein.pdf
[2012.03.25 13:32:00 | 000,029,126 | ---- | C] () -- C:\Users\Florian\poker-wertigkeit.pdf
[2012.03.25 13:32:00 | 000,018,752 | ---- | C] () -- C:\Users\Florian\Mondgrundstück.pdf
[2012.03.25 13:31:59 | 001,553,024 | ---- | C] () -- C:\Users\Florian\vonpotsdamnachworkuta.pdf
[2012.03.25 13:31:59 | 001,001,664 | ---- | C] () -- C:\Users\Florian\HAIX Pflegeanleitung.pdf
[2012.03.25 13:31:59 | 000,259,172 | ---- | C] () -- C:\Users\Florian\desktopbackup_Win7.jpg
[2012.03.25 13:31:59 | 000,254,300 | ---- | C] () -- C:\Users\Florian\HAIX Special Fighter Schnueranleitung.pdf
[2012.03.25 13:31:59 | 000,205,752 | ---- | C] () -- C:\Users\Florian\KFZ -Highlight Kfz Versicherung.pdf
[2012.03.25 13:31:59 | 000,186,201 | ---- | C] () -- C:\Users\Florian\kfz Flyer Schutzbriefleistung.pdf
[2012.03.25 13:31:59 | 000,154,482 | ---- | C] () -- C:\Users\Florian\hartz -ELO-Flugi - Rechte von Erwerbslosen.pdf
[2012.03.25 13:31:59 | 000,136,536 | ---- | C] () -- C:\Users\Florian\desktopbackup_Laptop.jpg
[2012.03.25 13:31:59 | 000,041,760 | ---- | C] () -- C:\Users\Florian\Fahrtenbuch.ods
[2012.03.25 13:31:59 | 000,013,773 | ---- | C] () -- C:\Users\Florian\Medikamentenplan.odt
[2012.03.25 13:31:59 | 000,011,972 | ---- | C] () -- C:\Users\Florian\Krawattenknoten_gross.gif
[2012.03.25 13:31:58 | 000,534,970 | ---- | C] () -- C:\Users\Florian\Quattro_Schild.pdf
[2012.03.25 13:31:58 | 000,328,716 | ---- | C] () -- C:\Users\Florian\quattro 98-Bedienungsanleitung-RE429NT-1.pdf
[2012.03.25 13:31:58 | 000,071,111 | ---- | C] () -- C:\Users\Florian\rufnamen.pdf
[2012.03.25 13:31:58 | 000,020,758 | ---- | C] () -- C:\Users\Florian\Trauerkartensprüche.odt
[2012.02.16 21:30:18 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2012.02.03 14:41:09 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.02.03 14:41:09 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.02.03 14:41:09 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.02.03 14:41:09 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.02.03 14:41:09 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.12.24 16:33:16 | 000,491,520 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.11.24 18:40:13 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.09.17 16:38:20 | 000,000,595 | ---- | C] () -- C:\Windows\reConfig.ini
[2010.06.15 17:27:25 | 000,000,017 | ---- | C] () -- C:\Users\Florian\AppData\Local\resmon.resmoncfg
[2010.05.28 19:58:30 | 000,000,192 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\default.rss
[2010.05.28 19:58:30 | 000,000,000 | ---- | C] () -- C:\Users\Florian\AppData\Roaming\downloads.m3u
[2010.05.25 20:13:11 | 000,109,056 | ---- | C] () -- C:\Users\Florian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.05.04 19:32:33 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Amazon
[2011.06.21 20:22:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Ashampoo
[2012.12.22 02:41:11 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Audacity
[2013.06.19 02:34:31 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\BabSolution
[2013.06.19 02:32:59 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Babylon
[2011.07.08 18:59:23 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\BitTorrent
[2010.05.10 19:11:08 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Canon
[2012.07.21 18:26:03 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\DVDVideoSoft
[2012.04.30 02:36:08 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.06.15 02:05:06 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\FileZilla
[2013.06.15 23:53:26 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\flightgear.org
[2013.06.15 23:29:36 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\fltk.org
[2013.01.12 04:57:24 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\FRITZ!
[2013.06.11 03:00:36 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Genea
[2011.11.24 19:51:17 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Geogrid
[2010.06.21 19:44:02 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GetRightToGo
[2011.08.09 19:50:07 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\GMap.NET
[2013.06.12 00:41:47 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\gramps
[2013.02.12 23:16:11 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\ICQ
[2013.05.12 23:08:33 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\InspireSoft
[2013.05.12 23:08:52 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\JGsoft
[2010.05.10 20:11:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Leadertech
[2011.01.29 21:57:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\LibreOffice
[2010.05.13 23:29:18 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Lingo4u
[2011.08.19 23:51:00 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Need for Speed World
[2013.05.28 03:32:53 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Nettalk
[2011.10.09 02:08:47 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Nokia
[2011.10.09 02:08:47 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Nokia Ovi Suite
[2010.05.14 00:23:22 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\OpenOffice.org
[2012.01.14 20:29:06 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Opera
[2011.10.08 22:41:48 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PC Suite
[2013.05.10 18:16:51 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\PDF Writer
[2010.11.06 22:16:38 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Scribus
[2010.11.06 22:27:55 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SmartTools
[2010.05.09 15:07:36 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\SpeedProject
[2013.06.15 23:30:55 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Subversion
[2012.04.30 02:38:42 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\systweak
[2012.04.15 21:30:46 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\Thunderbird
[2010.05.13 15:15:01 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\TomTom
[2010.05.14 13:50:16 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\TuneUp Software
[2012.06.23 18:05:12 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\uTorrent
[2013.06.18 23:04:25 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\VSO
[2012.09.16 03:48:45 | 000,000,000 | ---D | M] -- C:\Users\Florian\AppData\Roaming\wargaming.net
[2011.04.30 16:42:08 | 000,000,000 | -HSD | M] -- C:\Users\Florian\AppData\Roaming\wyUpdate AU

========== Purity Check ==========



< End of report >

 

Themen zu Auch Delta Search eingefangen
adobe, antivir, avg, avira, avira searchfree toolbar, bho, canon, converter, error, explorer, firefox, flash player, format, google, home, intranet, log, logfile, mozilla, nodrives, opera, plug-in, programm, programme, realtek, registry, s3.amazonaws.com, scan, senden, software, windows


« Delta Search | Malware in e-Mail ZIP »


Ähnliche Themen: Auch Delta Search eingefangen


  1. 1.delta-search.com mit eingefangen
    Mülltonne - 09.01.2017 (3)
  2. babylon search und delta search als startseite im browser
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (9)
  3. delta search "eingefangen"
    Plagegeister aller Art und deren Bekämpfung - 20.03.2014 (4)
  4. Search d.p Engine. Ist das Delta-Search? Wenn nein, egal ich werde es nicht mehr los
    Log-Analyse und Auswertung - 27.01.2014 (11)
  5. Hallo auch ich hab mir delta search eingefangen.
    Log-Analyse und Auswertung - 30.09.2013 (5)
  6. Delta.search eingefangen und internetexplorer ist plötzlich portugiesisch statt deutsch
    Plagegeister aller Art und deren Bekämpfung - 24.09.2013 (21)
  7. Delta Search mit PicPick eingefangen
    Plagegeister aller Art und deren Bekämpfung - 01.08.2013 (3)
  8. Delta Search
    Plagegeister aller Art und deren Bekämpfung - 20.07.2013 (3)
  9. Delta Search und Babylon search - Malware durch Freeware, Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 16.07.2013 (37)
  10. delta search eingefangen
    Log-Analyse und Auswertung - 19.06.2013 (25)
  11. Delta-Search durch J-Downloader eingefangen
    Log-Analyse und Auswertung - 20.05.2013 (8)
  12. Delta search eingefangen
    Plagegeister aller Art und deren Bekämpfung - 25.04.2013 (9)
  13. Delta Search Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 17.04.2013 (6)
  14. Delta Search mit Spybot entfernt; Delta Search taucht jedoch in neuen Tab trotzdem auf
    Plagegeister aller Art und deren Bekämpfung - 16.04.2013 (10)
  15. Delta-Search hat mich leider auch erwischt
    Plagegeister aller Art und deren Bekämpfung - 09.04.2013 (15)
  16. Delta Search
    Plagegeister aller Art und deren Bekämpfung - 03.04.2013 (6)
  17. Delta Search und Babylon Search entfernt - Ist nun alles weg?
    Log-Analyse und Auswertung - 16.03.2013 (18)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Auch Delta Search eingefangen - Hallo auch ich hab mir delta search eingefangen. Ich kann leider nur das Log von OTL anfügen. DIE OTL.TXT ist zu groß um angehängt zu werden Die extra.txt habe ich - Auch Delta Search eingefangen...
Archiv
Du betrachtest: Auch Delta Search eingefangen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131