
Pests of all kinds and how to fight them: Link clicks in Firefox: redirect to iminent.com (no search bar)


08.11.2012, 21:20   #1
Spades
 

Hello everyone,

first of all: great that a forum like this exists!

Two days ago in the evening I noticed that in Firefox, clicking any link opened a subpage of the domain iminent.com in a new tab, even though that was of course not the actual target of the link.

The exact link was hxxp://de.iminent.com/LandingDirect/348/texteffects?refid=348&SourceId=355&CreativeId=17618502&LineItemId=5400510&PublisherId=780266&SectionId=1095&ym=00009725a7a016da243b8a9aad57a08ea3814

Searching various forums showed that there are frequently problems with Iminent (which I don't know at all): mostly, however, I only found references to an installed toolbar that overwrote Google as the default search engine. My problem did not come up. So I first ran Malwarebytes and Avast, but there were no real results.

Two days after the problems appeared, I am now back at the same computer. And lo and behold: no more redirects! Now of course I am asking myself the classic questions:
  1. What was that?
  2. Is it gone?

I have (hopefully) created all the log files correctly and attached them here. I would be very glad if one of you could take a look at whether anything suspicious is still in there (it wouldn't surprise me - the PC has been running for two years without any major scans).

Many thanks in advance for your efforts!

PS: OTL only gave me an OTL.txt, no EXTRAS.txt. No idea what went wrong there. There was no error message. Also, the OTL.txt is too large, so here it is as code:

OTL.txt
Code:
OTL logfile created on: 11/8/2012 8:21:19 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Besitzer\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 2.67 Gb Available Physical Memory | 82.23% Memory free
7.09 Gb Paging File | 6.69 Gb Available in Paging File | 94.45% Paging File free
Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97.65 Gb Total Space | 14.25 Gb Free Space | 14.60% Space Free | Partition Type: NTFS
Drive D: | 195.31 Gb Total Space | 11.16 Gb Free Space | 5.72% Space Free | Partition Type: NTFS
Drive E: | 172.79 Gb Total Space | 1.23 Gb Free Space | 0.71% Space Free | Partition Type: NTFS
 
Computer Name: REAKZZ | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Documents and Settings\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - E:\Games\Tribes\HiPatchService.exe (Hi-Rez Studios)
PRC - C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
PRC - C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Logitech, Inc.)
PRC - C:\WINDOWS\system32\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\system32\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\WINDOWS\tsnpstd3.exe ()
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\FixCamera.exe ()
PRC - C:\WINDOWS\vsnpstd3.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files\AVAST Software\Avast\defs\12110800\algo.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll ()
MOD - C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll ()
MOD - C:\Program Files\TeraCopy\TeraCopy.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
MOD - C:\WINDOWS\tsnpstd3.exe ()
MOD - C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe ()
MOD - C:\Program Files\ASUS\EPU-4 Engine\AsSpindownTimeout.dll ()
MOD - C:\WINDOWS\FixCamera.exe ()
MOD - C:\WINDOWS\vsnpstd3.exe ()
MOD - C:\WINDOWS\CTXFIGER.DLL ()
MOD - C:\WINDOWS\system32\AsIO.dll ()
MOD - C:\Program Files\ASUS\EPU-4 Engine\pngio.dll ()
MOD - C:\WINDOWS\system32\pdfcmnnt.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TunngleService) -- C:\Program Files\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre7\bin\jqs.exe (Oracle Corporation)
SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (HiPatchService) -- E:\Games\Tribes\HiPatchService.exe (Hi-Rez Studios)
SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (UMVPFSrv) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (LBTServ) -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (NMSAccess) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe ()
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (DAUpdaterSvc) -- E:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (SandraAgentSrv) -- C:\Program Files\SiSoftware Sandra Lite 2009.SP4\RpcAgentSrv.exe (SiSoftware)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (ZSMC0305) -- System32\Drivers\usbVM305.sys File not found
DRV - (WDICA) --  File not found
DRV - (rt2870) -- system32\DRIVERS\rt2870.sys File not found
DRV - (PDRFRAME) --  File not found
DRV - (PDRELI) --  File not found
DRV - (PDFRAME) --  File not found
DRV - (PDCOMP) --  File not found
DRV - (PCIDump) --  File not found
DRV - (lbrtfdc) --  File not found
DRV - (i2omgmt) --  File not found
DRV - (FilterService) -- system32\DRIVERS\lvuvcflt.sys File not found
DRV - (Changer) --  File not found
DRV - (aswSnx) -- C:\WINDOWS\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\WINDOWS\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\WINDOWS\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\WINDOWS\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMon2) -- C:\WINDOWS\System32\drivers\aswmon2.sys (AVAST Software)
DRV - (Aavmker4) -- C:\WINDOWS\System32\drivers\aavmker4.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (LVUVC) -- C:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (IntcAzAudAddService) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.)
DRV - (ACEDRV06) -- C:\WINDOWS\system32\drivers\ACEDRV06.sys (Protect Software GmbH)
DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (ha20x2k) -- C:\WINDOWS\system32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV - (emupia) -- C:\WINDOWS\system32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV - (ctsfm2k) -- C:\WINDOWS\system32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV - (ctprxy2k) -- C:\WINDOWS\system32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV - (ossrv) -- C:\WINDOWS\system32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV - (ctdvda2k) -- C:\WINDOWS\system32\drivers\ctdvda2k.sys (Creative Technology Ltd)
DRV - (ctaud2k) -- C:\WINDOWS\system32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV - (ctac32k) -- C:\WINDOWS\system32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV - (CTEXFIFX.SYS) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTEXFIFX) -- C:\WINDOWS\system32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV - (CTHWIUT.SYS) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CTHWIUT) -- C:\WINDOWS\system32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT.SYS) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (CT20XUT) -- C:\WINDOWS\system32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV - (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (LUsbFilt) -- C:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouKE) -- C:\WINDOWS\system32\drivers\LMouKE.Sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (LBeepKE) -- C:\WINDOWS\system32\drivers\LBeepKE.sys (Logitech, Inc.)
DRV - (L8042mou) -- C:\WINDOWS\system32\drivers\L8042mou.Sys (Logitech, Inc.)
DRV - (L8042Kbd) -- C:\WINDOWS\system32\drivers\L8042Kbd.sys (Logitech, Inc.)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (taphss) -- C:\WINDOWS\system32\drivers\taphss.sys (AnchorFree Inc)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (Monfilt) -- C:\WINDOWS\system32\drivers\Monfilt.sys (Creative Technology Ltd.)
DRV - (Ambfilt) -- C:\WINDOWS\system32\drivers\Ambfilt.sys (Creative)
DRV - (StarOpen) -- C:\WINDOWS\System32\drivers\StarOpen.sys ()
DRV - (L1e) -- C:\WINDOWS\system32\drivers\l1e51x86.sys (Atheros Communications, Inc.)
DRV - (tap0901t) -- C:\WINDOWS\system32\drivers\tap0901t.sys (Tunngle.net)
DRV - (SANDRA) -- C:\Program Files\SiSoftware Sandra Lite 2009.SP4\WNt500x86\sandra.sys (SiSoftware)
DRV - (mv61xx) -- C:\WINDOWS\system32\drivers\mv61xx.sys (Marvell Semiconductor, Inc.)
DRV - (acedrv11) -- C:\WINDOWS\system32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (mrdd) -- C:\WINDOWS\system32\drivers\mrdd.sys (Marvell Semiconductor, Inc.)
DRV - (AsIO) -- C:\WINDOWS\system32\drivers\AsIO.sys ()
DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (avmeject) -- C:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (SynasUSB) -- C:\WINDOWS\system32\drivers\synasUSB.sys (SIA Syncrosoft)
DRV - (WPN111) -- C:\WINDOWS\system32\drivers\WPN111.sys (NETGEAR, Inc.)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
DRV - (DNINDIS5) -- C:\WINDOWS\system32\DNINDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1220945662-1383384898-682003330-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1220945662-1383384898-682003330-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1220945662-1383384898-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1220945662-1383384898-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.145
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Besitzer\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/01/09 20:09:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/11/05 20:58:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/28 18:39:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/11/01 21:14:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2012/11/01 21:14:29 | 000,000,000 | ---D | M]
 
[2012/01/09 23:22:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Besitzer\Application Data\Mozilla\Extensions
[2012/11/08 20:11:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Besitzer\Application Data\Mozilla\Firefox\Profiles\k11zvts9.default\extensions
[2012/10/28 18:39:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/09 20:09:33 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2009/12/18 03:00:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2012/10/28 18:39:26 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/09/12 17:24:55 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/09/12 17:24:55 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/12 17:24:55 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/09/12 17:24:55 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/09/12 17:24:55 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/09/12 17:24:55 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.spon.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.spon.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.79\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.79\gears.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Unity Player (Enabled) = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: AT_JamesWhite = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0\
CHR - Extension: avast! WebRep = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Besitzer\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
 
O1 HOSTS File: ([2011/08/08 20:32:18 | 000,000,812 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1       activate.adobe.com         #phone-home von adobe unterbinden
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1220945662-1383384898-682003330-1003\..\Toolbar\WebBrowser: (Gutscheinmieze) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - C:\Documents and Settings\Besitzer\Application Data\Gutscheinmieze\toolbar.dll File not found
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTxfiHlp] C:\WINDOWS\System32\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [Six Engine] C:\Program Files\ASUS\EPU-4 Engine\FourEngine.exe ()
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe ()
O4 - HKLM..\Run: [Tweak UI 1.33 deutsch] C:\WINDOWS\System32\TWEAKUI.CPL (Brummelchen@gmx.at)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-1383384898-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1220945662-1383384898-682003330-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D9097D0-566B-4FFD-91DA-76146E74E487}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FCE933F6-3900-4E5A-92EF-53B268ADA3B2}: DhcpNameServer = 192.168.10.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\Besitzer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Besitzer\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/14 13:41:47 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{171b7e5b-ff21-11de-8b72-0023542553c9}\Shell - "" = AutoRun
O33 - MountPoints2\{171b7e5b-ff21-11de-8b72-0023542553c9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{171b7e5b-ff21-11de-8b72-0023542553c9}\Shell\AutoRun\command - "" = H:\pushinst.exe
O33 - MountPoints2\{d989b093-bdb6-11df-8bf2-0023542553c9}\Shell\AutoRun\command - "" = N:\wd_windows_tools\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/11/06 01:11:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Wise PC Doctor
[2012/11/06 01:11:52 | 000,000,000 | ---D | C] -- C:\Program Files\Wise PC Doctor
[2012/11/06 00:56:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Besitzer\Desktop\OTL.exe
[2012/11/06 00:54:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Besitzer\Application Data\Malwarebytes
[2012/11/06 00:54:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/11/06 00:54:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012/11/06 00:54:49 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/11/06 00:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/11/06 00:47:29 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/11/06 00:47:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Besitzer\Start Menu\Programs\Revo Uninstaller
[2012/11/06 00:33:05 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/11/01 21:14:27 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012/10/28 18:55:33 | 000,027,136 | ---- | C] (Tunngle.net) -- C:\WINDOWS\System32\drivers\tap0901t.sys
[2012/10/28 18:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Besitzer\My Documents\Tunngle
[2012/10/28 18:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Besitzer\Application Data\Tunngle
[2012/10/28 18:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Tunngle
[2012/10/28 18:55:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2012/10/28 18:55:32 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle
[2012/10/28 18:55:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\Tunngle
[2012/10/28 18:39:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/28 18:24:44 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/10/28 17:45:41 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2012/10/28 17:45:19 | 005,947,392 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvopencl.dll
[2012/10/28 17:45:19 | 001,009,512 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispco32.dll
[2012/10/28 17:45:19 | 000,888,168 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvdispgenco32.dll
[2012/10/28 17:45:18 | 017,551,360 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvcompiler.dll
[2012/10/28 17:33:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NVIDIA
[2012/10/24 23:41:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Besitzer\Desktop\backups
[2012/10/13 16:40:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2012/10/13 16:39:44 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/10/13 16:39:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/10/13 16:28:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2012/10/13 16:28:23 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/11/08 20:14:30 | 000,494,342 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/11/08 20:14:30 | 000,084,760 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/11/08 20:14:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/11/08 20:10:14 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/11/08 20:09:35 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/11/08 20:09:23 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/11/08 20:09:20 | 3488,657,408 | -HS- | M] () -- C:\hiberfil.sys
[2012/11/08 20:09:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\lvuvc.hs
[2012/11/08 20:08:09 | 000,054,400 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx
[2012/11/08 20:08:09 | 000,054,400 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx
[2012/11/08 20:08:09 | 000,000,788 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000005-00000000-00000002-00001102-00000005-00311102}.rfx
[2012/11/08 20:07:51 | 000,000,176 | ---- | M] () -- C:\Documents and Settings\Besitzer\defogger_reenable
[2012/11/08 20:05:04 | 000,000,990 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1383384898-682003330-1003UA.job
[2012/11/06 00:59:06 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/11/06 00:56:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Besitzer\Desktop\OTL.exe
[2012/11/06 00:47:29 | 000,000,917 | ---- | M] () -- C:\Documents and Settings\Besitzer\Desktop\Revo Uninstaller.lnk
[2012/11/06 00:31:09 | 000,158,653 | ---- | M] () -- C:\Documents and Settings\Besitzer\Desktop\20121106003108.pdf
[2012/11/06 00:30:27 | 000,158,658 | ---- | M] () -- C:\Documents and Settings\Besitzer\Desktop\20121106003027.pdf
[2012/11/06 00:29:19 | 000,163,443 | ---- | M] () -- C:\Documents and Settings\Besitzer\Desktop\20121106002918.pdf
[2012/11/06 00:02:20 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/11/05 22:05:00 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1220945662-1383384898-682003330-1003Core.job
[2012/11/05 20:58:11 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/11/04 13:22:01 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2012/11/01 18:51:10 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\Access.dat
[2012/10/30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/10/30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/10/30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/10/30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/10/30 23:51:57 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/10/30 23:51:57 | 000,089,752 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/10/30 23:51:56 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/10/30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/10/30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/10/30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/10/30 13:33:16 | 000,000,223 | RHS- | M] () -- C:\boot.ini
[2012/10/28 19:31:09 | 003,622,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/10/28 18:55:33 | 000,000,666 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Tunngle beta.lnk
[2012/10/28 17:45:40 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/10/28 17:45:40 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/10/28 17:45:37 | 001,101,436 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/10/28 17:45:37 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/10/28 16:12:39 | 000,254,095 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012/10/27 15:53:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/10/27 01:00:00 | 000,000,348 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-REAKZZ-Besitzer.job
[2012/10/15 23:19:43 | 000,467,307 | ---- | M] () -- C:\Documents and Settings\Besitzer\Desktop\Ticket Bahn Weihnachten.pdf
[2012/10/14 16:40:12 | 000,000,862 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Müller Foto.lnk
[2012/10/13 16:40:33 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/10/13 16:28:41 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/10/12 10:06:41 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Besitzer\Desktop\Google Chrome.lnk
[2012/10/12 10:06:41 | 000,002,287 | ---- | M] () -- C:\Documents and Settings\Besitzer\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/10/11 11:37:11 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\Documents and Settings\All Users\Application Data\*.tmp files -> C:\Documents and Settings\All Users\Application Data\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/11/08 20:07:41 | 000,000,176 | ---- | C] () -- C:\Documents and Settings\Besitzer\defogger_reenable
[2012/11/08 20:03:20 | 3488,657,408 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/06 00:54:50 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/11/06 00:47:29 | 000,000,917 | ---- | C] () -- C:\Documents and Settings\Besitzer\Desktop\Revo Uninstaller.lnk
[2012/11/06 00:31:08 | 000,158,653 | ---- | C] () -- C:\Documents and Settings\Besitzer\Desktop\20121106003108.pdf
[2012/11/06 00:30:27 | 000,158,658 | ---- | C] () -- C:\Documents and Settings\Besitzer\Desktop\20121106003027.pdf
[2012/11/06 00:29:19 | 000,163,443 | ---- | C] () -- C:\Documents and Settings\Besitzer\Desktop\20121106002918.pdf
[2012/11/01 18:49:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2012/10/28 18:55:33 | 000,000,666 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Tunngle beta.lnk
[2012/10/28 17:45:37 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/10/28 17:45:37 | 001,101,436 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/10/28 17:45:37 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/10/28 17:45:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012/10/28 17:45:19 | 002,811,988 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/10/28 17:45:19 | 000,012,210 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2012/10/15 23:19:43 | 000,467,307 | ---- | C] () -- C:\Documents and Settings\Besitzer\Desktop\Ticket Bahn Weihnachten.pdf
[2012/10/13 16:40:33 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2012/10/13 16:28:41 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2012/10/01 23:16:46 | 000,961,654 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1220945662-1383384898-682003330-1003-0.dat
[2012/09/29 16:16:49 | 000,453,086 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/09/05 20:52:57 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Besitzer\Application Data\Adobe PNG Format CS5 Prefs
[2012/08/26 15:20:58 | 000,000,874 | ---- | C] () -- C:\Documents and Settings\Besitzer\Application Data\SquadManagerOptions.xml
[2012/08/05 10:33:50 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\Besitzer\.recently-used.xbel
[2012/05/08 19:22:32 | 000,835,584 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2012/05/08 19:22:31 | 000,356,352 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe
[2012/05/08 19:22:31 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2012/05/08 19:22:28 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2012/05/08 19:22:28 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2012/05/08 19:22:28 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2012/05/08 19:22:28 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[2012/02/17 16:01:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/18 07:44:00 | 010,920,984 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2012/01/18 07:44:00 | 000,336,408 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2012/01/18 07:44:00 | 000,104,472 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2012/01/08 19:13:25 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2011/11/17 02:40:38 | 000,028,418 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2011/10/24 12:09:14 | 000,000,042 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2011/10/24 11:21:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcreg.dat
[2011/10/24 11:21:26 | 000,000,000 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/10/24 11:11:50 | 000,000,231 | ---- | C] () -- C:\WINDOWS\cncscore.ini
[2011/09/07 23:41:18 | 000,000,032 | R--- | C] () -- C:\Documents and Settings\All Users\hash.dat
[2011/08/18 18:19:09 | 000,004,505 | ---- | C] () -- C:\Documents and Settings\Besitzer\.heldEinstellungen4_1.xml
[2011/08/18 18:19:09 | 000,000,292 | ---- | C] () -- C:\Documents and Settings\Besitzer\.dsa4.properties
[2011/08/12 11:20:14 | 000,015,896 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2011/08/09 18:55:26 | 000,002,892 | ---- | C] () -- C:\WINDOWS\System32\audcon.sys
[2011/08/08 21:29:22 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\Besitzer\Local Settings\Application Data\Adobe Für Web speichern 12.0 Prefs
[2011/03/30 18:49:30 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2011/02/12 13:24:43 | 000,020,480 | ---- | C] () -- C:\WINDOWS\FixCamera.exe
[2010/12/13 21:55:41 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\Besitzer\.gtk-bookmarks
[2010/09/10 20:27:20 | 000,000,440 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2010/09/01 19:24:07 | 000,308,072 | ---- | C] () -- C:\Documents and Settings\Besitzer\Application Data\mdbu.bin
[2009/11/23 13:27:38 | 011,808,768 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sandra.mda
[2009/11/14 16:38:54 | 000,232,960 | ---- | C] () -- C:\Documents and Settings\Besitzer\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/12/17 08:07:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/08/30 21:29:36 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 13:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012/10/13 16:40:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2011/07/16 12:54:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2010/07/28 09:54:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVM
[2012/05/15 01:22:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Battle.net
[2011/06/06 17:30:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2012/09/16 20:51:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2010/09/26 10:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2010/07/28 10:07:40 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonIJScan
[2009/12/03 18:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2012/01/10 22:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EA Core
[2012/01/10 22:49:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2010/10/21 16:54:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fallout3
[2012/09/12 19:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hi-Rez Studios
[2010/09/01 19:03:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Lidl_Fotos
[2010/03/20 14:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2010/11/29 12:09:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RapidSolution
[2011/08/08 20:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2012/01/10 22:23:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
[2011/08/09 18:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft
[2011/01/27 16:05:51 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\System Restore
[2012/10/14 20:46:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\tmp
[2012/11/01 18:48:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle
[2010/03/18 17:21:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VirtualizedApplications
[2010/10/29 15:13:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012/02/10 23:26:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Amazon
[2012/06/08 17:21:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Audacity
[2010/02/09 19:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\AVM
[2010/09/26 10:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Canneverbe Limited
[2010/07/28 10:07:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Canon
[2010/10/29 15:13:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\COWON
[2009/12/03 18:56:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\DAEMON Tools Lite
[2012/01/09 20:10:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\DDMSettings
[2012/02/12 15:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Dropbox
[2010/09/17 17:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\FireShot
[2010/03/19 19:09:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\gnupg
[2012/09/30 17:53:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\gtk-2.0
[2010/07/28 10:15:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\HLSW
[2010/09/10 19:32:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Leadertech
[2010/11/01 16:35:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Miranda
[2010/03/15 16:20:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\NVD
[2010/08/11 10:18:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\OpenOffice.org
[2012/08/15 12:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Oracle
[2010/08/11 13:33:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\ProtectDisc
[2011/07/28 20:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Simfy
[2010/07/28 10:11:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\SoftGrid Client
[2011/10/24 12:12:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\SpinTop
[2011/10/24 12:12:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\SpinTop Games
[2011/08/09 19:40:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Steinberg
[2012/01/08 17:21:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\TeamViewer
[2012/01/09 00:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\temp
[2012/03/11 23:39:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\TeraCopy
[2010/03/18 20:24:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Thunderbird
[2010/03/15 16:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\TP
[2010/11/02 21:08:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Tropico 3
[2012/09/16 20:58:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\TS3Client
[2012/11/01 18:51:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Tunngle
[2011/02/11 16:55:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\Unity
[2012/04/26 19:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Besitzer\Application Data\vitero
 
========== Purity Check ==========
 
 

< End of report >
         
Attached files
File type: txt mbam-log-2012-11-08 (20-35-13).txt (2.6 KB, viewed 164 times)
File type: log gmer.log (41.0 KB, viewed 147 times)

Alt 09.11.2012, 22:17   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Code:
O1 - Hosts: 127.0.0.1       activate.adobe.com         #phone-home von adobe unterbinden

Do you really think you can prevent the phone-home with such a rather primitive entry?

Why do you use Adobe software if you don't trust this company? That you block the phone-home, or rather try to block it this way, speaks for itself, yet you still rely on this software. It's as if you let a person into your apartment whom you consider a thief but don't throw them out; to prevent the theft you stick notes on your cabinet doors labelled "No valuables in here".

How did you activate your CS5 installation if you don't want to allow communication with activate.adobe.com?

Alt 10.11.2012, 09:14   #3
Spades
 

Hi Cosinus,
thanks for taking a look at this. Two years ago I suddenly had problems with PS after an Adobe update. Back then a buddy (a computer scientist) came over and helped me, but I don't know exactly how he did it either. Is what you found dangerous? Should I fix it?
Kind regards

Alt 11.11.2012, 18:59   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
Two years ago I suddenly had problems with PS after an Adobe update.
Because it was probably not an original version but a cracked one. Entries like yours in the hosts file are always needed by cracked variants of this Adobe software.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)
