Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Weiterleitungen und ,,Recommended for you"-Popups

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 04.05.2012, 12:38   #1
Suche Hilfe
 
Weiterleitungen und ,,Recommended for you"-Popups - Standard

Weiterleitungen und ,,Recommended for you"-Popups



Liebes Trojaner-Board,

seit kurzem habe ich Probleme mit meinem Internetbrowser, egal, welchen ich verwende.

Häufiger kommt es vor, dass beim klicken auf einen Link nicht die gewünschte Seite öffnet, sondern stattdessen eine weiße Seite und links oben der Text ,,The document has moved, redirecting..." woraufhin ich auf eine Reklameseite weitergeleitet werde. Es kommt unregelmäßig vor.

Als Zweites klappt, ebenfalls unregelmäßig, unten rechts regelmäßig ein (Flash-?)Popup auf, häufiger in Form eines iPhones, mit Werbung. Es lässt sich nicht schließen, wenn man auf das eingeblendete Kreuz klickt, verkleinert es sich bloß zu einem Balken, auf welchem steht: ,,Recommended for you".

Kein Anti-Malware-Programm hat mir effektiv helfen können. Auf englischsprachigen Foren ist das Thema bereits aufgetreten, es scheint, als könne das nur ein Profi lösen. Also, hier kommt Ihr ins Spiel:

Die OTL.txt ist zu groß für den Anhang, deswegen poste ich sie hier, sorry!OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 5/4/2012 12:30:11 PM - Run 2
OTL by OldTimer - Version 3.2.42.2 Folder = C:\Users\Igel\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.87 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.59% Memory free
7.73 Gb Paging File | 5.84 Gb Available in Paging File | 75.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.59 Gb Total Space | 378.59 Gb Free Space | 83.65% Space Free | Partition Type: NTFS
Drive D: | 13.08 Gb Total Space | 1.61 Gb Free Space | 12.28% Space Free | Partition Type: NTFS
Drive E: | 503.64 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: HEDGEHOGSPLACE | User Name: Igel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/05/04 10:54:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Igel\Desktop\OTL.exe
PRC - [2012/04/15 19:55:25 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe
PRC - [2012/04/04 07:53:54 | 001,496,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/05/21 00:59:30 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/05/21 00:59:28 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2010/01/15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/01 06:02:50 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:02:48 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/04/15 19:55:26 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
MOD - [2012/04/15 19:55:26 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
MOD - [2012/04/15 19:55:26 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
MOD - [2012/04/15 19:55:26 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
MOD - [2012/04/15 19:55:26 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
MOD - [2012/04/15 19:55:26 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
MOD - [2012/04/15 19:55:26 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
MOD - [2012/04/15 19:55:26 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
MOD - [2012/04/15 19:55:26 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
MOD - [2012/04/15 19:55:26 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
MOD - [2012/04/15 19:55:26 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
MOD - [2012/04/15 19:55:26 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
MOD - [2012/04/15 19:55:26 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll
MOD - [2012/04/14 11:27:19 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012/04/12 14:00:07 | 009,389,568 | ---- | M] () -- C:\Users\Igel\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
MOD - [2012/04/12 07:28:10 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d932bdb0712c33e0000c75035dbe74d1\PresentationFramework.ni.dll
MOD - [2012/04/12 07:27:57 | 012,431,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5c37600b4ae4ffeaeff645bb16a58137\System.Windows.Forms.ni.dll
MOD - [2012/04/12 07:27:52 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\b7bec10dca3f27113cc91c24b79c8f75\System.Drawing.ni.dll
MOD - [2012/04/12 07:27:44 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\66fdd11e758f6c833fbc173338c1ff5b\PresentationCore.ni.dll
MOD - [2012/04/04 07:53:52 | 000,249,232 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
MOD - [2012/02/17 15:56:18 | 000,997,888 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\0794d7af09099432ebfb51af1d7f15ae\System.Management.ni.dll
MOD - [2012/02/17 15:56:17 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\966a138f3aed60400472ac415bd16bc8\IAStorUtil.ni.dll
MOD - [2012/02/16 16:16:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\6954c7f14ea634672cdacf2cd793497e\PresentationFramework.Aero.ni.dll
MOD - [2012/02/16 16:16:01 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll
MOD - [2012/02/16 16:16:00 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\c06a0517281bb4a9c7fcaeb58d38cd63\System.Data.ni.dll
MOD - [2012/02/16 16:15:21 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\585ac5899ab444221c8b41df13b194bc\WindowsBase.ni.dll
MOD - [2012/02/16 16:15:17 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll
MOD - [2012/02/16 16:15:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll
MOD - [2012/02/16 16:15:14 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll
MOD - [2011/10/17 10:39:22 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll
MOD - [2011/09/15 15:34:15 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/10/17 06:12:44 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/10/17 06:12:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010/09/28 15:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/09/28 15:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/09/28 15:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/05/04 16:36:28 | 000,970,752 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/06/10 23:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/04/05 12:34:24 | 000,035,648 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2010/05/27 18:59:40 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/04/16 14:51:00 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/05 12:34:26 | 002,143,552 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012/04/05 12:34:22 | 000,028,992 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012/03/22 15:45:32 | 000,489,256 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe -- (BBSvc)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/21 15:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/06/02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010/04/04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/01/15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/10/01 06:02:50 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/10/01 06:02:48 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/10 03:45:54 | 004,162,784 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam C210(UVC)
DRV:64bit: - [2010/05/27 19:39:12 | 006,856,192 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/05/27 18:25:36 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/04/21 06:18:44 | 010,326,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/03/04 16:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/03/04 05:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 11:32:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/09/17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/02/09 11:48:24 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {EF6FB47C-220D-4E45-BC9D-25270D07BC74}
IE:64bit: - HKLM\..\SearchScopes\{4EA10339-2BFE-4F4C-8640-59421B2DE924}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{CB16F83A-36BC-4219-BFFE-9F9DF8FEE274}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE:64bit: - HKLM\..\SearchScopes\{EF6FB47C-220D-4E45-BC9D-25270D07BC74}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\..\SearchScopes,DefaultScope = {EF6FB47C-220D-4E45-BC9D-25270D07BC74}
IE - HKLM\..\SearchScopes\{4EA10339-2BFE-4F4C-8640-59421B2DE924}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{CB16F83A-36BC-4219-BFFE-9F9DF8FEE274}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKLM\..\SearchScopes\{EF6FB47C-220D-4E45-BC9D-25270D07BC74}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
IE - HKCU\..\SearchScopes,DefaultScope = {EF6FB47C-220D-4E45-BC9D-25270D07BC74}
IE - HKCU\..\SearchScopes\{4EA10339-2BFE-4F4C-8640-59421B2DE924}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKCU\..\SearchScopes\{CB16F83A-36BC-4219-BFFE-9F9DF8FEE274}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
IE - HKCU\..\SearchScopes\{EF6FB47C-220D-4E45-BC9D-25270D07BC74}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
 
 
O1 HOSTS File: ([2012/04/03 20:49:54 | 000,001,401 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 68.168.222.226 www.google-analytics.com.
O1 - Hosts: 68.168.222.226 ad-emea.doubleclick.net.
O1 - Hosts: 68.168.222.226 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKCU..\Run: [Steam] C:\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Igel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{949B8CCE-1090-4681-9C9F-352EB60A6F6C}: NameServer = 195.50.140.182 195.50.140.114
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\picturemover.exe: Debugger - C:\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\steam.exe: Debugger - C:\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\picturemover.exe: Debugger - C:\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\steam.exe: Debugger - C:\TuneUp Utilities 2012\TUAutoReactivator64.exe (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/09/29 04:50:06 | 000,000,063 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{dfb421d2-d9b0-11df-ada0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{dfb421d2-d9b0-11df-ada0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\_Autorun\Autorun.exe -- [2003/09/26 03:05:52 | 000,073,728 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 90 Days ==========
 
[2012/05/04 10:56:41 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/05/04 10:55:55 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/05/04 10:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/04 10:55:55 | 000,000,000 | ---D | C] -- C:\Malwarebytes' Anti-Malware
[2012/05/04 10:55:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/05/04 10:54:26 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Igel\Desktop\OTL.exe
[2012/05/04 02:45:12 | 000,000,000 | ---D | C] -- C:\Users\Igel\AppData\Local\Mozilla
[2012/05/04 02:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/05/04 01:19:26 | 155,885,352 | ---- | C] (Kaspersky Lab) -- C:\Users\Igel\Desktop\kav12.0.0.374de_de.exe
[2012/05/03 23:37:37 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/04/29 23:03:47 | 000,000,000 | ---D | C] -- C:\Users\Igel\AppData\Roaming\Malwarebytes
[2012/04/29 19:38:01 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012/04/24 21:06:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/04/24 21:05:53 | 000,035,648 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012/04/24 21:05:53 | 000,028,992 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012/04/24 21:05:14 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012/04/24 21:05:13 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012/04/24 21:05:13 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012/04/24 21:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2012/04/24 21:04:59 | 000,000,000 | ---D | C] -- C:\Users\Igel\AppData\Roaming\TuneUp Software
[2012/04/24 21:04:55 | 000,000,000 | ---D | C] -- C:\TuneUp Utilities 2012
[2012/04/24 21:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012/04/24 21:03:21 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/04/23 19:40:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/04/23 19:40:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/04/18 01:24:21 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/18 01:24:21 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/18 01:24:20 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/18 01:24:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/18 01:24:20 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/18 01:24:20 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/18 01:24:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/18 01:24:19 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/18 01:24:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/18 01:24:19 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/18 01:24:19 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/16 18:58:14 | 000,000,000 | ---D | C] -- C:\Users\Igel\AppData\Roaming\Google
[2012/04/16 18:58:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/04/16 18:57:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
[2012/04/16 18:57:39 | 000,000,000 | ---D | C] -- C:\Google SketchUp 8
[2012/04/16 14:42:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/16 14:42:37 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/16 14:42:37 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/16 14:42:37 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/16 14:42:37 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/16 14:42:37 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/16 14:42:37 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/16 14:42:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/16 14:42:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/16 14:42:37 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/16 14:42:37 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/16 14:42:37 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/16 14:42:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/16 14:42:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/16 14:42:37 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/16 14:42:37 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/16 14:42:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/16 14:42:37 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/16 14:42:37 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/16 14:42:37 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/16 14:42:37 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/16 14:42:37 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/16 14:42:37 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/16 14:42:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/16 14:42:37 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/16 14:42:37 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/16 14:42:37 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/16 14:42:37 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/16 14:42:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/16 14:42:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/16 14:42:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/16 14:42:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/16 14:42:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/16 14:42:37 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/16 14:42:37 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/16 14:42:37 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/16 14:42:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/16 14:42:37 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/16 14:42:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/16 14:42:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/16 14:42:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/16 14:42:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/16 14:42:37 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/16 14:42:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/16 14:42:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/16 14:42:36 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/16 14:42:36 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/16 14:42:36 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/16 14:42:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/16 14:42:36 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/16 14:42:36 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/16 14:42:36 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/16 14:42:36 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/16 14:42:36 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/16 14:42:36 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/16 14:42:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/16 14:42:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/16 14:42:36 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/16 14:42:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/16 14:42:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/16 14:42:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/16 14:41:38 | 000,265,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/04/16 14:41:38 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/04/14 11:27:17 | 008,741,536 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/12 01:13:21 | 005,504,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/12 01:13:21 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/12 01:13:21 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/12 01:12:09 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 01:12:09 | 000,022,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 01:12:08 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/02 00:04:02 | 000,418,464 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/02 00:03:43 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012/03/17 16:23:21 | 001,837,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/03/17 16:23:21 | 001,541,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/17 16:23:21 | 000,902,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/03/17 16:23:21 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/03/17 16:23:21 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/03/17 16:22:29 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/17 16:22:29 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/17 16:22:29 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/17 16:22:29 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/17 16:22:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/02/22 12:51:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2012/02/16 07:58:45 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012/02/16 07:58:43 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012/02/16 07:58:43 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012/02/16 07:58:39 | 000,634,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012/02/04 13:15:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/02/04 13:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
 
========== Files - Modified Within 90 Days ==========
 
[2012/05/04 12:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/04 11:10:45 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/04 11:10:45 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/04 11:05:05 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/05/04 11:05:05 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/05/04 11:05:05 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/05/04 11:05:05 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/05/04 11:05:05 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/05/04 10:58:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/04 10:57:59 | 3113,545,728 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/04 10:55:55 | 000,000,710 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/05/04 10:54:26 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Igel\Desktop\OTL.exe
[2012/05/04 01:50:48 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/05/04 01:30:33 | 000,017,408 | ---- | M] () -- C:\Users\Igel\AppData\Local\WebpageIcons.db
[2012/05/04 01:28:09 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/05/04 01:24:06 | 155,885,352 | ---- | M] (Kaspersky Lab) -- C:\Users\Igel\Desktop\kav12.0.0.374de_de.exe
[2012/05/03 22:13:19 | 000,000,328 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForIgel.job
[2012/04/29 19:38:18 | 001,526,976 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/24 21:05:10 | 000,001,770 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/04/24 21:05:10 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/04/22 22:33:05 | 000,157,419 | ---- | M] () -- C:\Users\Igel\Desktop\20120628_***_8KZLP8.pdf
[2012/04/18 15:40:49 | 000,011,653 | ---- | M] () -- C:\Users\Igel\Documents\U-Bahn Ruhr.odt
[2012/04/17 13:14:58 | 000,018,485 | ---- | M] () -- C:\Users\Igel\Documents\U-Bahn Ruhr Var.odt
[2012/04/16 18:57:45 | 000,001,637 | ---- | M] () -- C:\Users\Public\Desktop\Google SketchUp 8.lnk
[2012/04/16 17:58:28 | 000,001,445 | ---- | M] () -- C:\Users\Igel\Desktop\Internet Explorer.lnk
[2012/04/16 14:51:00 | 000,418,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/04/16 14:51:00 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/04/16 14:42:37 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012/04/16 14:42:37 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012/04/16 14:42:37 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012/04/16 14:42:37 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012/04/16 14:42:37 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012/04/16 14:42:37 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012/04/16 14:42:37 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012/04/16 14:42:37 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/04/16 14:42:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012/04/16 14:42:37 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012/04/16 14:42:37 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012/04/16 14:42:37 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012/04/16 14:42:37 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012/04/16 14:42:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012/04/16 14:42:37 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012/04/16 14:42:37 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012/04/16 14:42:37 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/04/16 14:42:37 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012/04/16 14:42:37 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012/04/16 14:42:37 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012/04/16 14:42:37 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012/04/16 14:42:37 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012/04/16 14:42:37 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012/04/16 14:42:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012/04/16 14:42:37 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012/04/16 14:42:37 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012/04/16 14:42:37 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012/04/16 14:42:37 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012/04/16 14:42:37 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012/04/16 14:42:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012/04/16 14:42:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012/04/16 14:42:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012/04/16 14:42:37 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012/04/16 14:42:37 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/16 14:42:37 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012/04/16 14:42:37 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012/04/16 14:42:37 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012/04/16 14:42:37 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012/04/16 14:42:37 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012/04/16 14:42:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012/04/16 14:42:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012/04/16 14:42:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012/04/16 14:42:37 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012/04/16 14:42:37 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012/04/16 14:42:37 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012/04/16 14:42:37 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012/04/16 14:42:36 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012/04/16 14:42:36 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012/04/16 14:42:36 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012/04/16 14:42:36 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012/04/16 14:42:36 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012/04/16 14:42:36 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012/04/16 14:42:36 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012/04/16 14:42:36 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012/04/16 14:42:36 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012/04/16 14:42:36 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012/04/16 14:42:36 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012/04/16 14:42:36 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012/04/16 14:42:36 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012/04/16 14:42:36 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012/04/16 14:42:36 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/16 14:42:36 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012/04/16 14:42:36 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012/04/16 14:41:38 | 000,265,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2012/04/16 14:41:38 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2012/04/16 10:12:43 | 000,028,270 | ---- | M] () -- C:\Users\Igel\Documents\RGutachten 249-12.odt
[2012/04/16 00:37:14 | 000,390,997 | ---- | M] () -- C:\Users\Igel\Desktop\Application_***.pdf
[2012/04/15 23:13:00 | 000,017,895 | ---- | M] () -- C:\Users\Igel\Documents\Abfalltonne.odt
[2012/04/15 19:55:26 | 000,001,835 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2012/04/14 11:27:17 | 008,741,536 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/04/13 21:37:01 | 087,227,952 | ---- | M] () -- C:\Users\Igel\Desktop\avira_free_antivirus_de.exe
[2012/04/10 11:39:42 | 000,024,658 | ---- | M] () -- C:\Users\Igel\Documents\RGutachten ***.odt
[2012/04/10 10:27:16 | 000,023,447 | ---- | M] () -- C:\Users\Igel\Documents\Klauselerinnerungserwiderung ***.odt
[2012/04/09 01:00:00 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHEDGEHOGSPLACE$.job
[2012/04/08 23:10:31 | 000,015,193 | ---- | M] () -- C:\Users\Igel\Documents\GuV Speyernparty.ods
[2012/04/05 12:34:28 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012/04/05 12:34:26 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012/04/05 12:34:26 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012/04/05 12:34:24 | 000,035,648 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2012/04/05 12:34:22 | 000,028,992 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/03 20:49:54 | 000,001,401 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/03/27 23:28:16 | 000,003,294 | ---- | M] () -- C:\Users\Igel\.recently-used.xbel
[2012/03/26 19:49:52 | 000,014,167 | ---- | M] () -- C:\Users\Igel\Documents\Kuendigung Wohnung.odt
[2012/03/26 19:27:56 | 000,017,185 | ---- | M] () -- C:\Users\Igel\Documents\Kuendigung Vodafone Festnetz.odt
[2012/03/26 13:55:18 | 000,022,275 | ---- | M] () -- C:\Users\Igel\Documents\Anschreiben FHDO.odt
[2012/03/26 09:29:55 | 005,433,351 | ---- | M] () -- C:\Users\Igel\Desktop\dortmund.pdf
[2012/03/26 09:26:41 | 000,008,713 | ---- | M] () -- C:\Users\Igel\Desktop\Groll.odt
[2012/03/18 09:56:34 | 000,315,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/06 08:43:21 | 005,504,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/06 07:59:41 | 003,958,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/06 07:59:41 | 003,902,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/05 23:12:22 | 000,053,247 | ---- | M] () -- C:\Users\Igel\Desktop\Magisterarbeit_Teil_Otherness_(2).odt
[2012/03/02 18:12:30 | 000,018,054 | ---- | M] () -- C:\Users\Igel\Documents\Anschreiben Formblatt.odt
[2012/03/01 11:13:01 | 000,026,280 | ---- | M] () -- C:\Users\Igel\Documents\Klageschrift 364-11.odt
[2012/03/01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/03/01 08:45:41 | 000,220,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/03/01 08:40:14 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/03/01 02:40:47 | 001,666,052 | ---- | M] () -- C:\Users\Igel\Desktop\Amtrak_System0211_101web.pdf
[2012/02/29 00:49:38 | 000,008,614 | ---- | M] () -- C:\Users\Igel\Documents\spanische noten.ods
[2012/02/28 18:17:16 | 000,017,147 | ---- | M] () -- C:\Users\Igel\Documents\Speyer endgültig.ods
[2012/02/28 15:14:49 | 000,228,336 | ---- | M] () -- C:\Users\Igel\Documents\UC_diploma.jpg
[2012/02/28 15:14:29 | 001,134,978 | ---- | M] () -- C:\Users\Igel\Documents\UC_back.jpg
[2012/02/28 15:14:11 | 001,221,943 | ---- | M] () -- C:\Users\Igel\Documents\UC_face.jpg
[2012/02/28 14:40:49 | 000,213,142 | ---- | M] () -- C:\Users\Igel\Documents\dap-bewerbungsbogen-2010.pdf
[2012/02/28 13:50:33 | 000,081,759 | ---- | M] () -- C:\Users\Igel\Documents\Curriculum.pdf
[2012/02/28 13:50:23 | 000,083,501 | ---- | M] () -- C:\Users\Igel\Documents\Lebenslauf.pdf
[2012/02/28 13:40:24 | 000,018,530 | ---- | M] () -- C:\Users\Igel\Documents\Lebenslauf.odt
[2012/02/28 13:33:46 | 000,020,407 | ---- | M] () -- C:\Users\Igel\Documents\Curriculum.odt
[2012/02/28 08:56:48 | 002,311,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/02/28 08:48:57 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/02/28 08:48:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/02/28 08:45:47 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/02/28 08:43:16 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/02/28 08:39:50 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/02/28 03:11:21 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/02/28 03:09:51 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/02/28 03:06:48 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/02/28 03:03:31 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/02/28 02:59:59 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/02/22 17:59:48 | 000,029,039 | ---- | M] () -- C:\Users\Igel\Desktop\dap-checkliste-2011.pdf
[2012/02/15 12:53:50 | 000,020,126 | ---- | M] () -- C:\Users\Igel\Documents\Autoklage.odt
[2012/02/15 08:27:54 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/02/15 07:44:57 | 000,826,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/02/14 20:10:04 | 000,008,297 | ---- | M] () -- C:\Users\Igel\Documents\Kalks.ods
[2012/02/14 18:12:10 | 000,021,697 | ---- | M] () -- C:\Users\Igel\Documents\Reiseklage.odt
[2012/02/14 01:41:28 | 000,021,609 | ---- | M] () -- C:\Users\Igel\Documents\Pferdeklage.odt
[2012/02/13 17:08:44 | 000,010,158 | ---- | M] () -- C:\Users\Igel\Documents\Pferdeklage.ods
[2012/02/10 08:18:10 | 001,541,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/02/10 08:17:55 | 001,837,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2012/02/10 08:17:54 | 000,902,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2012/02/10 08:17:54 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2012/02/10 08:17:54 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2012/02/08 16:56:31 | 000,532,394 | ---- | M] () -- C:\Users\Igel\Desktop\linienplan_schnellverkehr_2012.pdf
[2012/02/08 16:52:56 | 000,306,424 | ---- | M] () -- C:\Users\Igel\Desktop\MDB69859-nrw_sbahnkoelnrheinruhr_liniennetz.pdf
[2012/02/06 23:20:19 | 000,036,412 | ---- | M] () -- C:\Users\Igel\Documents\BRRecht 2-2012.odt
[2012/02/04 16:18:16 | 000,018,750 | ---- | M] () -- C:\Users\Igel\Documents\BRR 2-2012 Linkliste.odt
[2012/02/04 13:02:58 | 260,071,347 | ---- | M] () -- C:\Users\Igel\Desktop\WeTransfer-qtmYcPkR.zip
 
========== Files Created - No Company Name ==========
 
[2012/05/04 10:55:55 | 000,000,710 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/05/04 01:30:33 | 000,017,408 | ---- | C] () -- C:\Users\Igel\AppData\Local\WebpageIcons.db
[2012/04/29 19:38:48 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/04/29 19:38:18 | 001,526,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/04/24 21:05:10 | 000,001,770 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/04/24 21:05:10 | 000,001,762 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2012/04/24 21:05:10 | 000,001,750 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/04/22 22:33:05 | 000,157,419 | ---- | C] () -- C:\Users\Igel\Desktop\20120628_***_8KZLP8.pdf
[2012/04/17 13:14:56 | 000,018,485 | ---- | C] () -- C:\Users\Igel\Documents\U-Bahn Ruhr Var.odt
[2012/04/17 12:33:51 | 000,011,653 | ---- | C] () -- C:\Users\Igel\Documents\U-Bahn Ruhr.odt
[2012/04/16 18:57:45 | 000,001,637 | ---- | C] () -- C:\Users\Public\Desktop\Google SketchUp 8.lnk
[2012/04/16 17:58:28 | 000,001,445 | ---- | C] () -- C:\Users\Igel\Desktop\Internet Explorer.lnk
[2012/04/16 14:42:37 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/04/16 14:42:36 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/04/15 23:54:24 | 000,390,997 | ---- | C] () -- C:\Users\Igel\Desktop\Application_***.pdf
[2012/04/15 19:55:26 | 000,001,847 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2012/04/15 19:55:26 | 000,001,835 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2012/04/13 21:15:35 | 087,227,952 | ---- | C] () -- C:\Users\Igel\Desktop\avira_free_antivirus_de.exe
[2012/04/13 18:21:26 | 000,028,270 | ---- | C] () -- C:\Users\Igel\Documents\RGutachten 249-12.odt
[2012/04/10 11:37:52 | 000,024,658 | ---- | C] () -- C:\Users\Igel\Documents\RGutachten 3_C_127-12.odt
[2012/04/09 23:46:39 | 000,023,447 | ---- | C] () -- C:\Users\Igel\Documents\Klauselerinnerungserwiderung ***.odt
[2012/04/08 22:59:37 | 000,015,193 | ---- | C] () -- C:\Users\Igel\Documents\GuV Speyernparty.ods
[2012/04/02 00:04:04 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/27 23:28:16 | 000,003,294 | ---- | C] () -- C:\Users\Igel\.recently-used.xbel
[2012/03/26 19:49:50 | 000,014,167 | ---- | C] () -- C:\Users\Igel\Documents\Kuendigung Wohnung.odt
[2012/03/26 19:27:54 | 000,017,185 | ---- | C] () -- C:\Users\Igel\Documents\Kuendigung Vodafone Festnetz.odt
[2012/03/26 10:04:49 | 000,022,275 | ---- | C] () -- C:\Users\Igel\Documents\Anschreiben FHDO.odt
[2012/03/26 09:29:49 | 005,433,351 | ---- | C] () -- C:\Users\Igel\Desktop\dortmund.pdf
[2012/03/26 09:26:40 | 000,008,713 | ---- | C] () -- C:\Users\Igel\Desktop\Groll.odt
[2012/03/08 08:00:39 | 000,000,354 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForHEDGEHOGSPLACE$.job
[2012/03/05 23:12:21 | 000,053,247 | ---- | C] () -- C:\Users\Igel\Desktop\Magisterarbeit_Teil_Otherness_(2).odt
[2012/03/02 17:55:27 | 000,018,054 | ---- | C] () -- C:\Users\Igel\Documents\Anschreiben Formblatt.odt
[2012/03/01 02:40:43 | 001,666,052 | ---- | C] () -- C:\Users\Igel\Desktop\Amtrak_System0211_101web.pdf
[2012/02/29 14:14:26 | 000,026,280 | ---- | C] () -- C:\Users\Igel\Documents\Klageschrift 364-11.odt
[2012/02/28 15:20:36 | 000,008,614 | ---- | C] () -- C:\Users\Igel\Documents\spanische noten.ods
[2012/02/28 15:14:49 | 000,228,336 | ---- | C] () -- C:\Users\Igel\Documents\UC_diploma.jpg
[2012/02/28 15:14:29 | 001,134,978 | ---- | C] () -- C:\Users\Igel\Documents\UC_back.jpg
[2012/02/28 15:14:11 | 001,221,943 | ---- | C] () -- C:\Users\Igel\Documents\UC_face.jpg
[2012/02/28 13:49:10 | 000,213,142 | ---- | C] () -- C:\Users\Igel\Documents\dap-bewerbungsbogen-2010.pdf
[2012/02/22 19:02:39 | 000,029,039 | ---- | C] () -- C:\Users\Igel\Desktop\dap-checkliste-2011.pdf
[2012/02/14 20:10:03 | 000,008,297 | ---- | C] () -- C:\Users\Igel\Documents\Kalks.ods
[2012/02/14 18:38:26 | 000,020,126 | ---- | C] () -- C:\Users\Igel\Documents\Autoklage.odt
[2012/02/14 15:20:18 | 000,021,697 | ---- | C] () -- C:\Users\Igel\Documents\Reiseklage.odt
[2012/02/13 17:08:43 | 000,010,158 | ---- | C] () -- C:\Users\Igel\Documents\Pferdeklage.ods
[2012/02/08 22:30:59 | 000,021,609 | ---- | C] () -- C:\Users\Igel\Documents\Pferdeklage.odt
[2012/02/08 17:05:31 | 000,306,424 | ---- | C] () -- C:\Users\Igel\Desktop\MDB69859-nrw_sbahnkoelnrheinruhr_liniennetz.pdf
[2012/02/08 17:05:11 | 000,532,394 | ---- | C] () -- C:\Users\Igel\Desktop\linienplan_schnellverkehr_2012.pdf
[2012/02/06 13:32:52 | 000,036,412 | ---- | C] () -- C:\Users\Igel\Documents\BRRecht 2-2012.odt
[2012/02/04 16:18:14 | 000,018,750 | ---- | C] () -- C:\Users\Igel\Documents\BRR 2-2012 Linkliste.odt
[2012/02/04 12:54:28 | 260,071,347 | ---- | C] () -- C:\Users\Igel\Desktop\WeTransfer-qtmYcPkR.zip
[2011/09/08 15:35:31 | 000,001,854 | ---- | C] () -- C:\Users\Igel\AppData\Roaming\GhostObjGAFix.xml
[2011/05/03 18:54:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/12/09 05:25:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/11/10 03:45:32 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2010/11/10 03:45:30 | 010,871,128 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2010/11/10 03:45:20 | 000,316,248 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010/10/17 06:27:52 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010/10/17 06:27:52 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/10/17 06:27:52 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/10/17 06:27:52 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010/10/17 06:27:52 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010/10/17 05:53:51 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/09/28 15:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
 
========== LOP Check ==========
 
[2012/02/04 13:13:19 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\BitZipper
[2011/05/30 10:39:11 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\elsterformular
[2012/02/28 20:37:48 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\gtk-2.0
[2010/12/13 00:33:41 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\OpenOffice.org
[2012/04/15 19:55:28 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\Opera
[2010/12/08 20:39:48 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\PictureMover
[2012/04/24 21:04:59 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\TuneUp Software
[2010/12/13 00:00:06 | 000,000,000 | ---D | M] -- C:\Users\Igel\AppData\Roaming\WinBatch
[2012/04/02 06:46:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---


Wenn mir jemand helfen kann, so melde er sich hier bitte.

Euer
Suche

Okay, Update:

Nach einigem hin und her habe ich nun die hosts-Datei im etc-Ordner editiert, sprich: Alles daraus gelöscht, was mir nicht sauber vorkam.

Das Problem scheint gelöst zu sein; da meine Nerd-Eigenschaft aber von mancher Seite schon angezweifelt wurde, kann ich natürlich nicht garantieren, dass dies auch der Fall ist und ich nicht bloß an irgendwelchen Symptomen herumgedoktort habe.

Bevor ich also eine Anleitung hier gebe, wie mein Vorgehen genau aussah, bitte ich zunächst einen Admin um Stellungnahme zu meinen Zweifeln.

Vielen Dank und stay cool!
Euer
Suche
Angehängte Dateien
Dateityp: txt mbam-log-2012-05-04 (10-58-50).txt (2,1 KB, 171x aufgerufen)
Dateityp: txt Extras.Txt (53,7 KB, 186x aufgerufen)

Alt 05.05.2012, 00:51   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und ,,Recommended for you"-Popups - Standard

Weiterleitungen und ,,Recommended for you"-Popups



Zitat:
Okay, Update:

Nach einigem hin und her habe ich nun die hosts-Datei im etc-Ordner editiert, sprich: Alles daraus gelöscht, was mir nicht sauber vorkam.
Naja nicht alles ist direkt ein Malwareproblem. Es kommt v.a. darauf an, was denn nun GENAU in der hostsfile stand. Das weißt du wohl nicht mehr oder?
__________________

__________________

Alt 05.05.2012, 01:55   #3
Suche Hilfe
 
Weiterleitungen und ,,Recommended for you"-Popups - Standard

Weiterleitungen und ,,Recommended for you"-Popups



Der jetzige Inhalt meiner hosts-Datei lautet:

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
::1 localhost

In den Zeilen darunter stand noch:

68.168.222.226 www.google-analytics.com
68.168.222.226 ad-emea.doubleclick.net
68.168.222.226 www.statcounter.com
108.163.215.51 www.google-analytics.com
108.163.215.51 ad-emea.doubleclick.net
108.163.215.51 www.statcounter.com

Jene sechs Zeilen habe ich gelöscht.
__________________

Alt 06.05.2012, 19:01   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Weiterleitungen und ,,Recommended for you"-Popups - Standard

Weiterleitungen und ,,Recommended for you"-Popups



Diese ganzen Werbebanner-Domains kannst du aussperren => Blocking Unwanted Parasites with a Hosts File
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Weiterleitungen und ,,Recommended for you"-Popups
adobe, antivirus, autorun, avira, bho, bingbar, browser, defender, document, explorer, firefox, flash player, format, helper, home, hosts-datei, kaspersky, logfile, moved, object, popup, realtek, registry, scan, searchscopes, security, security scan, sketchup, software, symantec, trojaner-board, version=1.0, vodafone, weiterleitung, weiße seite, windows, öffnet



Ähnliche Themen: Weiterleitungen und ,,Recommended for you"-Popups


  1. Trotz allgemeiner Handlungsschritte immer noch Werbung, PopUps und Weiterleitungen
    Log-Analyse und Auswertung - 09.09.2015 (14)
  2. Immediate PC Scan Recommended entfernen
    Anleitungen, FAQs & Links - 21.08.2015 (2)
  3. "Digital More Ads" Popups fluten meinen Browser trotz Adblocker
    Log-Analyse und Auswertung - 20.05.2015 (9)
  4. 12 Weiterleitungen bei "tracert" Eingabe über cmd.exe
    Log-Analyse und Auswertung - 27.11.2014 (5)
  5. Java Recommended entfernen
    Anleitungen, FAQs & Links - 24.08.2014 (2)
  6. Windows 7: Popups, unerwünschte Seiten, unerwünschte Weiterleitungen bei Internetnutzung
    Log-Analyse und Auswertung - 11.04.2014 (13)
  7. "This is a Recommended download" entfernen
    Anleitungen, FAQs & Links - 12.01.2014 (2)
  8. Unerwünschte Popups "Hole Media Player" bei Firefox-Anwendung
    Log-Analyse und Auswertung - 05.01.2014 (7)
  9. windows 7 - programme schließen nicht, surfen unmöglich wegen ständigen Popups und Weiterleitungen, lange Ladezeiten der Programme -Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.12.2013 (9)
  10. "Antiviren Werbung" "Langsamer PC" "PC stürzt ab" Banner und Popups beim surfen
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (28)
  11. Fake-Popups zu "survey-central.deadlyblessing" öffnen sich
    Plagegeister aller Art und deren Bekämpfung - 03.08.2013 (16)
  12. Chitka Popups/ falsche Weiterleitungen
    Log-Analyse und Auswertung - 16.04.2013 (9)
  13. Popups, Weiterleitungen auf andere Webseiten, falscher Zeichensatz
    Plagegeister aller Art und deren Bekämpfung - 17.02.2010 (6)
  14. IE8 - Popups nach install von "Keygen.Exterminate.It!.1.68.02.03.45057.exe"
    Log-Analyse und Auswertung - 11.02.2010 (3)
  15. Weiterleitungen und Popups Im IE
    Log-Analyse und Auswertung - 18.02.2009 (3)
  16. Recommended Hotfix/SED.exe Bitte um Hilfe
    Log-Analyse und Auswertung - 15.12.2004 (2)
  17. Brauche Hilfe, wenn möglich schnell, "Only the best" popups
    Log-Analyse und Auswertung - 23.10.2004 (2)

Zum Thema Weiterleitungen und ,,Recommended for you"-Popups - Liebes Trojaner-Board, seit kurzem habe ich Probleme mit meinem Internetbrowser, egal, welchen ich verwende. Häufiger kommt es vor, dass beim klicken auf einen Link nicht die gewünschte Seite öffnet, sondern - Weiterleitungen und ,,Recommended for you"-Popups...
Archiv
Du betrachtest: Weiterleitungen und ,,Recommended for you"-Popups auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.