Log analysis and evaluation: Redirected to 95p.com again and again... Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system first has to be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Redirected to 95p.com again and again...

Hello, I hope you can help an almost desperate housewife... I have been fighting my way through all the forums and info for days now... downloaded a few things to remove this trojan, or whatever it may be, from my laptop, but it is hard BECAUSE you always get forwarded to 95p.com...

So after a lot of "fiddling" I have now managed to create this logfile (or whatever it is called). I hope I am not passing on any secret data here, or am in the wrong forum... if so, I ask for your understanding. Normally my son would tinker with this, but sadly he no longer lives at home... I am grateful for any tip. Thanks in advance, in any case.

OTL logfile created on: 1/2/2012 10:53:11 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = D:\Desktop Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Italia | Language: ITA | Date Format: dd/MM/yyyy
2.87 Gb Total Physical Memory | 1.43 Gb Available Physical Memory | 49.69% Memory free
5.74 Gb Paging File | 4.38 Gb Available in Paging File | 76.35% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 115.24 Gb Total Space | 75.10 Gb Free Space | 65.17% Space Free | Partition Type: NTFS
Drive D: | 172.85 Gb Total Space | 166.49 Gb Free Space | 96.32% Space Free | Partition Type: NTFS
Computer Name: PASCAL-MSI | User Name: Pascal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - D:\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe (Uniblue Systems Limited) PRC - C:\Program Files\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited) PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohWebPlayer.exe (Veoh Networks) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\avgidsmonitor.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\PdaNet for Android\PdaNetPC.exe () PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - D:\Program Files\Virtual CD v10\System\vc10tray.exe (H+H Software GmbH) PRC - D:\Program Files\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH) PRC - C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) 
PRC - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) PRC - C:\Program Files\MSI\EasyFace Logon\KillAutoAP.exe () ========== Modules (No Company Name) ========== MOD - C:\Program Files\Uniblue\RegistryBooster\locale\it\it.dll () MOD - C:\Program Files\Uniblue\RegistryBooster\InstallerExtensions.dll () MOD - C:\Program Files\Uniblue\RegistryBooster\cwebpage.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32.dll () MOD - C:\Program Files\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtScript4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\phonon4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtWebKit4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll () MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll () MOD - \\?\globalroot\systemroot\system32\mswsock.DLL () MOD - C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\boost_log-vc71-mt-1_32.dll () MOD - C:\Program Files\AVG\AVG9\Identity Protection\agent\bin\boost_thread-vc71-mt-1_32.dll () MOD - C:\Program Files\PdaNet for Android\PdaNetPC.exe () MOD - C:\Program Files\MSI\EasyFace Logon\KillAutoAP.exe () MOD - D:\Program Files\Virtual CD v10\System\vorbis.dll () MOD - D:\Program Files\Virtual CD v10\System\ogg.dll () MOD - C:\Program Files\WinRAR 3.61 Multi\rarext.dll () ========== Win32 Services (SafeList) ========== SRV - (wlidsvc) -- File not found SRV - (VC10SecS) -- File not found SRV - (SeaPort) -- File not found SRV - (QuestBrowse Service) -- File not found SRV - (Micro Star SCM) -- File not found SRV - (MDM) -- File not found SRV - (iPod Service) -- File not found SRV - (ICQ Service) -- File not found SRV - (gupdatem) Servizio Google Update (gupdatem) -- 
File not found SRV - (gupdate) Servizio di Google Update (gupdate) -- File not found SRV - (Giraffic) -- File not found SRV - (Bonjour Service) -- File not found SRV - (AVGIDSAgent) -- File not found SRV - (avg9wd) -- File not found SRV - (Apple Mobile Device) -- File not found SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (avgfws9) -- C:\Program Files\AVG\AVG9\avgfws9.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.) 
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (AVGIDSFilterw7x) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSErHrw7x) -- C:\Windows\System32\Drivers\AVGIDSwx.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSShimw7x) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. ) DRV - (AVGIDSDriverw7x) -- C:\Program Files\AVG\AVG9\Identity Protection\Agent\Driver\Platform_WIN7\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. ) DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgRkx86) -- C:\Windows\System32\Drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.) DRV - (pneteth) -- C:\Windows\System32\drivers\pneteth.sys (June Fabrics Technology Inc.) DRV - (vdrv1000) -- C:\Windows\System32\drivers\vdrv1000.sys (H+H Software GmbH) DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation) DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION) DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation) DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) 
DRV - (toshidpt) -- C:\Windows\system32\drivers\Toshidpt.sys (TOSHIBA Corporation.) DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.) DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation) DRV - (tosporte) -- C:\Windows\system32\DRIVERS\tosporte.sys (TOSHIBA Corporation) DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation) DRV - (HH10Help.sys) -- C:\Windows\System32\drivers\HH10Help.sys (H+H Software GmbH) DRV - (ArcSoftKsUFilter) -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - No CLSID value found IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo2.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msi.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo2.dll (Conduit Ltd.) 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2011/09/12 21:02:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011/04/16 10:25:51 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011/04/16 10:25:52 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/25 16:20:35 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/07/31 12:25:37 | 000,000,000 | ---D | M] [2010/12/11 19:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Extensions [2010/12/11 19:06:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pascal\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011/11/13 18:56:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions [2010/09/12 17:00:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/12/09 19:51:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/12/18 17:49:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/05/07 21:06:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla 
firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011/08/06 10:29:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011/03/11 20:46:50 | 000,000,000 | ---D | M] (QuestBrowse) -- C:\Program Files\mozilla firefox\extensions\{D9ADB0A8-7BFB-498D-9880-EE78A81CCFA0} [2011/06/25 16:20:34 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2011/05/04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011/06/25 16:20:31 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/06/25 16:20:31 | 000,000,744 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-it.xml [2011/06/25 16:20:31 | 000,000,825 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\hoepli.xml [2011/06/25 16:20:31 | 000,001,182 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-it.xml [2011/06/25 16:20:31 | 000,000,953 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-it.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google ![]() CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gears.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 
9.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.2.183.13\npGoogleOneClick8.dll CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: DivX HiQ = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\ CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\ O1 HOSTS File: ([2011/04/09 16:28:18 | 000,000,877 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 74.208.10.249 gs.apple.com O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo2.dll (Conduit Ltd.) 
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ) O3 - HKLM\..\Toolbar: (Veoh Web Player Toolbar) - {cd90bf73-20f6-44ef-993d-bb920303bd2e} - C:\Program Files\Veoh_Web_Player\prxtbVeo2.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Veoh Web Player Toolbar) - {CD90BF73-20F6-44EF-993D-BB920303BD2E} - C:\Program Files\Veoh_Web_Player\prxtbVeo2.dll (Conduit Ltd.) O4 - HKLM..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [EasyFace Agent] C:\Program Files\MSI\EasyFace Logon\KillAutoAP.exe () O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION) O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.) O4 - HKLM..\Run: [VC10Player] D:\Program Files\Virtual CD v10\System\VC10Play.exe (H+H Software GmbH) O4 - HKCU..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited) O4 - HKCU..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks) O4 - Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found O9 - Extra Button: An OneNote senden - 
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program 
Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - 
Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab (SysInfo Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F95CFD68-CC80-477C-8589-B99539F4622A}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (avgrsstx.dll) -C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) 
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (C:\Users\Pascal\AppData\Local\df686445\X) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/01/02 22:47:13 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Desktop\OTL.exe [2012/01/02 22:13:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012/01/02 22:13:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012/01/02 22:11:40 | 003,562,624 | ---- | C] (Piriform Ltd) -- D:\Desktop\ccsetup314.exe [2012/01/02 21:03:42 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2012/01/02 21:03:40 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2012/01/02 21:03:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012 [2012/01/02 21:01:21 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\TuneUp Software [2012/01/02 21:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012 [2012/01/02 20:58:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012/01/02 20:58:14 | 000,000,000 | 
-HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012/01/02 20:07:51 | 035,944,352 | ---- | C] (TuneUp Software) -- D:\Desktop\TuneUpUtilities2012_de-DE.exe
[2011/12/28 19:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2011/12/28 19:44:10 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue
[2011/12/19 20:39:30 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Roaming\Uniblue
[2011/12/19 20:39:15 | 000,000,000 | -H-D | C] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011/12/19 20:15:51 | 000,000,000 | ---D | C] -- C:\Users\Pascal\AppData\Local\PackageAware
[2011/12/19 20:01:49 | 007,253,056 | ---- | C] (Uniblue Systems Ltd ) -- D:\Desktop\registrybooster(1).exe
[2011/12/19 19:59:03 | 007,253,056 | ---- | C] (Uniblue Systems Ltd ) -- D:\Desktop\registrybooster.exe
[2011/12/10 17:21:48 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2010/08/25 18:59:08 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========
[2012/01/02 22:53:15 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Desktop\OTL.exe
[2012/01/02 22:42:09 | 000,000,000 | ---- | M] () -- C:\Users\Pascal\defogger_reenable
[2012/01/02 22:38:36 | 000,032,202 | ---- | M] () -- D:\Desktop\85104-otl-otlogfile-oldtimer.html
[2012/01/02 22:16:21 | 003,562,624 | ---- | M] (Piriform Ltd) -- D:\Desktop\ccsetup314.exe
[2012/01/02 22:13:56 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/02 21:38:27 | 000,338,114 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/02 21:38:27 | 000,060,926 | ---- | M] () -- C:\Windows\System32\perfh010.dat
[2012/01/02 21:38:27 | 000,053,030 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/02 21:38:27 | 000,026,102 | ---- | M] () -- C:\Windows\System32\perfc010.dat
[2012/01/02 21:35:16 | 000,017,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/02 21:35:16 | 000,017,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/02 21:24:23 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2012/01/02 21:24:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/02 21:24:03 | 2311,446,528 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/02 21:03:11 | 000,002,169 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/02 21:03:11 | 000,002,149 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/02 20:09:49 | 035,944,352 | ---- | M] (TuneUp Software) -- D:\Desktop\TuneUpUtilities2012_de-DE.exe
[2011/12/28 19:45:07 | 000,001,628 | ---- | M] () -- D:\Desktop\Uniblue RegistryBooster.lnk
[2011/12/19 20:07:23 | 007,253,056 | ---- | M] (Uniblue Systems Ltd ) -- D:\Desktop\registrybooster(1).exe
[2011/12/19 20:04:54 | 007,253,056 | ---- | M] (Uniblue Systems Ltd ) -- D:\Desktop\registrybooster.exe
[2011/12/17 15:12:13 | 064,207,032 | ---- | M] () -- D:\Desktop\setup_av_free.exe
[2011/12/14 12:23:40 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011/12/14 12:23:22 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011/12/11 17:48:54 | 090,190,295 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/12/09 20:59:14 | 000,619,742 | ---- | M] () -- C:\Windows\System32\drivers\Avg\iavifw.avm
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========
[2012/01/02 22:42:09 | 000,000,000 | ---- | C] () -- C:\Users\Pascal\defogger_reenable
[2012/01/02 22:38:01 | 000,032,202 | ---- | C] () -- D:\Desktop\85104-otl-otlogfile-oldtimer.html
[2012/01/02 22:13:56 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/01/02 21:03:11 | 000,002,169 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012/01/02 21:03:11 | 000,002,149 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2012/01/02 21:03:10 | 000,002,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011/12/28 19:45:07 | 000,001,628 | ---- | C] () -- D:\Desktop\Uniblue RegistryBooster.lnk
[2011/12/19 20:39:40 | 000,000,334 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2011/12/17 15:07:39 | 064,207,032 | ---- | C] () -- D:\Desktop\setup_av_free.exe
[2011/09/06 15:42:55 | 000,004,096 | -H-- | C] () -- C:\Users\Pascal\AppData\Local\keyfile3.drm
[2011/08/11 08:39:29 | 000,000,000 | ---- | C] () -- C:\Users\Pascal\AppData\Local\{AC0B4E78-2D11-46A6-9A1A-5C924A1AECF4}
[2011/08/06 12:44:35 | 000,000,364 | ---- | C] () -- C:\Windows\ODBC.INI
[2011/08/06 12:44:33 | 000,000,772 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/07/22 19:01:19 | 000,000,000 | ---- | C] () -- C:\Users\Pascal\AppData\Local\{64003BDE-C243-4D03-9B9A-C58F003110E0}
[2011/05/19 16:36:16 | 000,019,456 | ---- | C] () -- C:\Users\Pascal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/10 12:31:31 | 000,143,656 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2011/04/09 17:06:04 | 000,000,600 | ---- | C] () -- C:\Users\Pascal\AppData\Roaming\winscp.rnd
[2010/12/27 18:48:20 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/12/02 22:50:13 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/12/02 22:50:12 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010/12/02 22:50:10 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010/12/02 22:50:10 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010/12/02 22:50:09 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010/08/31 16:26:59 | 000,233,472 | ---- | C] () -- C:\Windows\System32\MafiaSetup.exe
[2010/08/31 04:11:09 | 000,000,218 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010/08/31 04:10:03 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2010/08/31 04:10:03 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2010/08/31 04:10:03 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2010/08/25 19:30:02 | 000,439,308 | ---- | C] () -- C:\Windows\System32\igcompkrng500.bin
[2010/08/25 19:30:00 | 000,982,240 | ---- | C] () -- C:\Windows\System32\igkrng500.bin
[2010/08/25 19:30:00 | 000,092,356 | ---- | C] () -- C:\Windows\System32\igfcg500m.bin
[2010/08/25 18:57:00 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2010/08/25 18:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2010/08/25 18:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2009/09/03 01:23:48 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/09/03 00:46:29 | 000,828,928 | ---- | C] () -- C:\Windows\System32\EasyFaceCredentialProvider.dll
[2009/09/03 00:46:28 | 001,144,320 | ---- | C] () -- C:\Windows\System32\FD.dll
[2009/09/03 00:46:28 | 000,483,328 | ---- | C] () -- C:\Windows\System32\FR.dll
[2009/09/03 00:46:28 | 000,291,840 | ---- | C] () -- C:\Windows\System32\PreProc.dll
[2009/09/03 00:46:28 | 000,080,384 | ---- | C] () -- C:\Windows\System32\LBP.dll
[2009/09/03 00:16:08 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2009/09/02 22:13:24 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2009/09/02 22:13:19 | 000,134,592 | ---- | C] () -- C:\Windows\System32\igfcg500.bin
[2009/09/02 21:49:10 | 000,335,478 | ---- | C] () -- C:\Windows\System32\perfi010.dat
[2009/09/02 21:49:10 | 000,060,926 | ---- | C] () -- C:\Windows\System32\perfh010.dat
[2009/09/02 21:49:10 | 000,037,534 | ---- | C] () -- C:\Windows\System32\perfd010.dat
[2009/09/02 21:49:10 | 000,026,102 | ---- | C] () -- C:\Windows\System32\perfc010.dat
[2009/08/20 03:17:03 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2009/07/14 05:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 05:33:53 | 000,420,040 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/14 03:05:48 | 000,338,114 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/14 03:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/14 03:05:48 | 000,053,030 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/14 03:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/14 03:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/14 03:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/14 00:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2003/04/09 10:39:40 | 000,233,472 | R--- | C] () -- C:\Users\Pascal\AppData\Roaming\MafiaSetup.exe

========== LOP Check ==========
[2011/01/29 22:02:15 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2011/03/10 11:59:39 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\fltk.org
[2011/07/22 19:05:15 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\ICQ
[2011/07/23 12:17:37 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\LimeWire
[2010/12/04 18:05:11 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\PhotoScape
[2010/08/31 04:12:58 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Save-EE
[2011/04/09 15:51:14 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Seirys
[2010/12/20 23:08:20 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\SoundSpectrum
[2012/01/02 21:01:21 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\TuneUp Software
[2011/12/19 20:39:30 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Uniblue
[2010/09/07 11:08:43 | 000,000,000 | --SD | M] -- C:\Users\Pascal\AppData\Roaming\Virtual CD v10
[2011/04/09 15:51:36 | 000,000,000 | ---D | M] -- C:\Users\Pascal\AppData\Roaming\Ygivzi
[2012/01/02 21:24:23 | 000,000,334 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2011/09/15 14:55:29 | 000,032,556 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report > |