Pests of all kinds and how to fight them: Firefox redirects to other websites
Windows 7
If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection.
19.10.2012, 15:33 | #31 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites
You were supposed to run a full scan with Malwarebytes.
Code:
UAC On - Limited User
Please actually run it the way the instructions say!
Quote:
__________________
Please always post logfiles in CODE tags
19.10.2012, 18:53 | #32 |
| Firefox redirects to other websites
Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.19.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Laura :: LAURA-PC [Administrator]

Schutz: Deaktiviert

19.10.2012 16:35:05
mbam-log-2012-10-19 (16-35-05).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 323604
Laufzeit: 1 Stunde(n), 53 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/19/2012 at 07:03 PM

Application Version : 5.6.1012

Core Rules Database Version : 9436
Trace Rules Database Version: 7248

Scan type : Complete Scan
Total Scan Time : 02:25:41

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 533
Memory threats detected : 0
Registry items scanned : 72909
Registry threats detected : 0
File items scanned : 118489
File threats detected : 8

Adware.Tracking Cookie
	tracking.sim-technik.de [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	ad2.adfarm1.adition.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	ad.yieldmanager.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	.adfarm1.adition.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
	adfarm1.adition.com [ C:\USERS\LAURA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VK64FHU3.DEFAULT\COOKIES.SQLITE ]
21.10.2012, 11:08 | #33 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites
But this time you really did run SUPERAntiSpyware as admin via right-click?
21.10.2012, 14:44 | #34 |
| Firefox redirects to other websites
I hope I did it right this time.
Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/21/2012 at 03:43 PM

Application Version : 5.6.1012

Core Rules Database Version : 9446
Trace Rules Database Version: 7258

Scan type : Complete Scan
Total Scan Time : 01:50:55

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 625
Memory threats detected : 0
Registry items scanned : 73083
Registry threats detected : 0
File items scanned : 127549
File threats detected : 187

Adware.Tracking Cookie
21.10.2012, 16:33 | #35 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites
Looks OK, only cookies were found there, and they can all go. Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP-Cookie).

Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Apart from that there are good cookie managers; among the extensions for Firefox, for example, there is CookieCuller http://filepony.de/download-cookie_culler/

But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then just set the browser so that everything, including cookies, is deleted when the browser is closed.

The way I handle it, I use the Opera browser or Chromium under my Linux for "wild surfing". My main browser (Firefox) only stores the cookies from the sites I actually want, everything else I reject manually (FF always asks me) - the other browsers do accept all cookies, but by the next start of Opera or Chromium at the latest there are no cookies left.

Is your system in order again now, or are there still other findings or problems?
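Hosts-file blocking as recommended in the post above matches exact host names only, so a domain cookie stored with a leading dot is not fully covered by a single hosts entry. The following Python sketch is an added example, not part of the original thread: it checks cookie domains from a scan log against a hosts file, using constructed hosts entries and constructed log lines in the layout of the SUPERAntiSpyware findings, with hypothetical function names.

```python
import re

# Addresses commonly used in blocking hosts files to sink unwanted hosts.
SINKS = {"0.0.0.0", "127.0.0.1", "::1"}
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample in hosts-file format (not the real MVPS list).
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1 localhost
::1 localhost
0.0.0.0 ad.yieldmanager.com
0.0.0.0 adfarm1.adition.com   # inline comment
127.0.0.1 doubleclick.net www.doubleclick.net
192.168.1.10 nas.home.example
"""

# Constructed log lines in the two layouts seen in the scan logs:
# "domain [ path ]" (Firefox) and "path [ Cookie:user@domain/ ]" (IE).
SAMPLE_LOG = r"""
ad.yieldmanager.com [ C:\USERS\EXAMPLE\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\EXAMPLE\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\EXAMPLE\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\EXAMPLE\COOKIES.SQLITE ]
C:\USERS\EXAMPLE\Cookies\ABCD1234.txt [ Cookie:example@adfarm1.adition.com/ ]
"""

FIREFOX_ROW = re.compile(r"^(\.?[a-z0-9-]+(?:\.[a-z0-9-]+)+)\s+\[", re.I)
IE_ROW = re.compile(r"\[\s*Cookie:[^@\s]+@([^/\s\]]+)", re.I)


def parse_blocked_hosts(hosts_text):
    """Return the set of host names mapped to a sink address."""
    blocked = set()
    for raw in hosts_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2 or fields[0] not in SINKS:
            continue  # a real mapping, not a block entry
        for name in fields[1:]:
            name = name.lower().rstrip(".")
            if name not in LOCAL_NAMES:
                blocked.add(name)
    return blocked


def cookie_domains(log_text):
    """Extract cookie domains from the log, de-duplicated, in order."""
    seen = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = FIREFOX_ROW.match(line) or IE_ROW.search(line)
        if match:
            domain = match.group(1).lower()
            if domain not in seen:
                seen.append(domain)
    return seen


def coverage(blocked, domains):
    """Classify each cookie domain against the hosts block list.

    blocked   - host cookie whose exact name is in the hosts file
    base-only - domain cookie (leading dot): the base name is listed, but
                the hosts file has no wildcards, so unlisted subdomains
                still resolve and can set the cookie again
    unlisted  - no hosts entry for this name
    """
    result = {}
    for domain in domains:
        if domain.startswith("."):
            result[domain] = "base-only" if domain[1:] in blocked else "unlisted"
        else:
            result[domain] = "blocked" if domain in blocked else "unlisted"
    return result


if __name__ == "__main__":
    report = coverage(parse_blocked_hosts(SAMPLE_HOSTS), cookie_domains(SAMPLE_LOG))
    for domain, status in report.items():
        print(f"{status:10} {domain}")
```

Existing cookies stay in the browser profile after a hosts entry is added; the hosts file only stops new requests to the listed names.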
21.10.2012, 16:43 | #36 |
| Firefox redirects to other websites
Hm, the redirects are still there...
21.10.2012, 16:44 | #37 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites
Then first create a new log with adwCleaner.

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop. If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
21.10.2012, 16:47 | #38 |
| Firefox redirects to other websites
Code:
# AdwCleaner v2.005 - Datei am 21/10/2012 um 17:47:12 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : Laura - LAURA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Laura\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v16.0.1 (de)

Profilname : default
Datei : C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\vk64fhu3.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [9062 octets] - [15/10/2012 14:56:57]
AdwCleaner[S1].txt - [9046 octets] - [15/10/2012 16:58:17]
AdwCleaner[R2].txt - [993 octets] - [16/10/2012 17:20:32]
AdwCleaner[R3].txt - [925 octets] - [21/10/2012 17:47:12]

########## EOF - C:\AdwCleaner[R3].txt - [984 octets] ##########
21.10.2012, 19:59 | #39 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites
In which browser are the redirects still occurring? Only in Firefox?

Edit: I just got a hint that two files slipped past me; please run an OTL fix with this script:
Quote:
Edited by cosinus (21.10.2012 at 20:35)
22.10.2012, 12:07 | #40 |
| Firefox redirects to other websites
Yes, they are only in Firefox.
OTL logfile:
Code:
KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV:64bit: - [2012.09.13 15:52:59 | 000,099,248 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.07.09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.07.25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.02.11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- 
(TsUsbFlt) DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc) DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV:64bit: - [2010.09.26 20:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2010.06.25 10:33:36 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2010.06.21 22:07:24 | 000,304,760 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.01.09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort) DRV:64bit: - [2007.05.01 03:00:00 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 98 91 97 89 E9 70 CD 01 [binary data] IE 
- HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-158783214-850266951-202426709-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - 
HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll () FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll () FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.21 17:42:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.09.27 16:32:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\mozilla\Extensions [2012.09.27 16:32:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2012.10.17 16:43:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laura\AppData\Roaming\mozilla\Firefox\Profiles\vk64fhu3.default\extensions [2012.10.21 17:42:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.11 04:10:32 | 000,002,465 | ---- | M] 
() -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) 
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files (x86)\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKU\S-1-5-21-158783214-850266951-202426709-1000..\Run: [Akamai NetSession Interface] C:\Users\Laura\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-158783214-850266951-202426709-1000..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-158783214-850266951-202426709-1000..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-158783214-850266951-202426709-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-158783214-850266951-202426709-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16:64bit: - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB (Reg Error: Key error.)
O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31E7D6FB-7549-4FA6-A28E-E43EBF28AA5F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC6B42DF-E6DA-4FD4-81E6-547CA7FCA8F2}: DhcpNameServer = 192.168.154.139
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.21 17:42:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.10.21 13:49:42 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\SUPERAntiSpyware.com
[2012.10.21 13:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.10.21 13:49:02 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.10.21 13:49:02 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.10.19 14:30:28 | 021,170,696 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Laura\Desktop\SUPERAntiSpyware.exe
[2012.10.19 14:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.19 14:21:59 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.19 14:21:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.10.18 21:43:12 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Laura\Desktop\aswMBR.exe
[2012.10.18 18:21:05 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Avira
[2012.10.18 18:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.18 18:17:22 | 000,129,576 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.10.18 18:17:22 | 000,099,248 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.10.18 18:17:22 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.10.18 18:17:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.18 18:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.10.18 18:00:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.18 17:46:48 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.10.18 17:23:58 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.10.18 17:23:58 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.10.18 17:23:58 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.10.18 17:21:39 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.10.18 17:21:27 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.10.18 17:19:55 | 004,984,103 | R--- | C] (Swearware) -- C:\Users\Laura\Desktop\ComboFix.exe
[2012.10.17 20:02:49 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.17 16:05:51 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.10.17 16:05:51 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.17 16:05:51 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.10.17 15:44:59 | 001,034,216 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2012.10.17 15:44:59 | 000,916,456 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.10.17 15:44:59 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.10.17 15:44:43 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.10.17 15:44:43 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.10.17 15:44:43 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.10.17 15:44:29 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.10.15 21:53:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe
[2012.10.14 17:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.10.13 19:24:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.13 12:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.10.13 12:34:14 | 000,000,000 | ---D | C] -- C:\Users\Laura\Documents\Anti-Malware
[2012.10.13 11:27:45 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\Malwarebytes
[2012.10.13 11:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.10 13:34:07 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.10.10 13:34:07 | 003,968,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.10.10 13:34:07 | 003,914,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.10.10 13:33:59 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2012.10.10 13:33:59 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2012.10.10 13:33:59 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2012.10.10 13:33:59 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.10.10 13:33:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.10.10 13:33:58 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2012.10.10 13:33:58 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2012.10.10 13:33:58 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2012.10.10 13:33:58 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2012.10.10 13:33:58 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2012.10.10 13:33:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2012.10.10 13:33:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 13:33:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2012.10.10 13:33:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 13:33:58 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2012.10.10 13:33:58 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2012.10.10 13:33:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 13:33:58 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation)
-- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2012.10.10 13:33:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2012.10.10 13:33:58 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe [2012.10.10 13:33:49 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012.10.10 13:33:22 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2012.10.10 13:33:22 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2012.10.05 12:15:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon [2012.10.05 11:56:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012.09.27 16:32:48 | 000,000,000 | ---D | C] -- C:\Users\Laura\Documents\TomTom [2012.09.27 16:32:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom [2012.09.27 16:32:37 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Roaming\TomTom [2012.09.27 16:32:37 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\TomTom [2012.09.27 16:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [2012.09.27 16:32:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom HOME 2 [2012.09.27 16:31:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V [2012.09.26 15:25:33 | 000,000,000 | ---D | C] -- C:\Users\Laura\AppData\Local\Akamai [2012.09.26 13:08:04 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe [2012.09.22 15:28:40 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012.09.22 15:28:40 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012.09.22 15:28:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012.09.22 15:28:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012.09.22 15:28:38 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe 
[2012.09.22 15:28:38 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2012.09.22 15:28:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012.09.22 15:28:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012.09.22 15:28:36 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012.09.22 15:28:36 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012.09.22 15:28:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012.09.22 15:28:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2012.09.22 15:28:34 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012.09.22 15:28:34 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012.09.22 15:28:34 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2012.09.22 13:44:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012.09.22 13:44:24 | 000,033,240 | ---- | C] (GEAR Software Inc.) 
-- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2012.09.22 13:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012.09.22 13:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012.09.22 13:43:54 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012.09.22 13:43:54 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 ========== Files - Modified Within 30 Days ========== [2012.10.22 13:03:44 | 000,031,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.22 13:03:44 | 000,031,088 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.22 12:57:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.22 12:57:04 | 3191,623,680 | -HS- | M] () -- C:\hiberfil.sys [2012.10.21 17:42:51 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.21 13:49:05 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012.10.21 13:48:31 | 021,170,696 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Laura\Desktop\SUPERAntiSpyware.exe [2012.10.20 11:46:13 | 003,353,805 | ---- | M] () -- C:\Users\Laura\Desktop\Lukas Graham - Drunk In The Morning (Official stream).mp3 [2012.10.19 22:34:10 | 001,507,106 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012.10.19 22:34:10 | 000,657,676 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2012.10.19 22:34:10 | 000,618,912 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012.10.19 22:34:10 | 000,131,016 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2012.10.19 22:34:10 | 000,107,232 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012.10.19 17:32:57 | 003,369,270 | ---- | M] () -- C:\Users\Laura\Desktop\Cro - 1 Million [Free Track].mp3 [2012.10.19 14:22:00 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware 
.lnk [2012.10.18 21:56:12 | 000,000,512 | ---- | M] () -- C:\Users\Laura\Desktop\MBR.dat [2012.10.18 21:43:28 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Laura\Desktop\aswMBR.exe [2012.10.18 21:41:45 | 000,029,197 | ---- | M] () -- C:\Users\Laura\Desktop\osam.html [2012.10.18 20:55:04 | 000,302,592 | ---- | M] () -- C:\Users\Laura\Desktop\fjoewtd4.exe [2012.10.18 17:20:23 | 004,984,103 | R--- | M] (Swearware) -- C:\Users\Laura\Desktop\ComboFix.exe [2012.10.17 15:44:35 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2012.10.17 15:44:34 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll [2012.10.17 15:44:34 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll [2012.10.17 15:44:34 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2012.10.17 15:44:34 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2012.10.17 15:44:34 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2012.10.16 17:20:20 | 000,538,941 | ---- | M] () -- C:\Users\Laura\Desktop\adwcleaner.exe [2012.10.15 21:53:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Laura\Desktop\OTL.exe [2012.10.12 17:28:14 | 000,098,304 | RHS- | M] () -- C:\Windows\SysWow64\dmviewk.dll [2012.10.09 10:34:58 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012.10.09 10:34:58 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2012.10.07 20:27:30 | 000,127,139 | ---- | M] () -- C:\Users\Laura\Desktop\227561_3879192743882_1583954944_n.jpg [2012.10.07 20:21:22 | 000,044,875 | ---- | M] () -- C:\Users\Laura\Desktop\400945_3878533927412_520149741_n.jpg [2012.10.05 12:05:45 | 000,692,228 | ---- | M] () -- C:\Users\Laura\Documents\ok [2012.10.01 17:14:23 | 000,129,576 | ---- | M] (Avira Operations GmbH & 
Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012.09.26 15:38:05 | 144,109,622 | ---- | M] () -- C:\Users\Laura\Documents\R241392.zip [2012.09.24 23:16:33 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2012.09.24 23:08:27 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2012.09.24 23:07:57 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2012.09.22 13:44:36 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk ========== Files Created - No Company Name ========== [2012.10.21 17:42:51 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.10.21 17:42:51 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2012.10.21 13:49:05 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012.10.20 11:46:13 | 003,353,805 | ---- | C] () -- C:\Users\Laura\Desktop\Lukas Graham - Drunk In The Morning (Official stream).mp3 [2012.10.19 17:32:57 | 003,369,270 | ---- | C] () -- C:\Users\Laura\Desktop\Cro - 1 Million [Free Track].mp3 [2012.10.19 14:22:00 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.18 21:56:12 | 000,000,512 | ---- | C] () -- C:\Users\Laura\Desktop\MBR.dat [2012.10.18 21:41:45 | 000,029,197 | ---- | C] () -- C:\Users\Laura\Desktop\osam.html [2012.10.18 20:55:03 | 000,302,592 | ---- | C] () -- C:\Users\Laura\Desktop\fjoewtd4.exe [2012.10.18 17:23:58 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.10.18 17:23:58 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.10.18 17:23:58 | 000,098,816 | ---- | C] () -- 
C:\Windows\sed.exe [2012.10.18 17:23:58 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.10.18 17:23:58 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.10.16 17:19:51 | 000,538,941 | ---- | C] () -- C:\Users\Laura\Desktop\adwcleaner.exe [2012.10.12 17:28:14 | 000,098,304 | RHS- | C] () -- C:\Windows\SysWow64\dmviewk.dll [2012.10.07 20:27:29 | 000,127,139 | ---- | C] () -- C:\Users\Laura\Desktop\227561_3879192743882_1583954944_n.jpg [2012.10.07 20:21:19 | 000,044,875 | ---- | C] () -- C:\Users\Laura\Desktop\400945_3878533927412_520149741_n.jpg [2012.10.05 12:05:00 | 000,692,228 | ---- | C] () -- C:\Users\Laura\Documents\ok [2012.09.26 15:27:57 | 144,109,622 | ---- | C] () -- C:\Users\Laura\Documents\R241392.zip [2012.09.22 13:44:36 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012.08.05 21:21:47 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin [2011.02.11 19:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin [2011.02.11 19:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin [2011.02.11 19:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Custom Scans ========== < :Files > < C:\Windows\SysWow64\dmviewk.dll > [2012.10.12 17:28:14 | 000,098,304 | RHS- | M] () -- C:\Windows\SysWow64\dmviewk.dll < C:\Windows\tasks\gmxwzfzu.job > < :Commands > < [emptytemp] > < End of report > |
22.10.2012, 12:27 | #41 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites That is a new log from OTL, but not the fix log I was expecting
__________________ Please always post log files in CODE tags |
22.10.2012, 13:33 | #42 |
| Firefox redirects to other websites Did I do something wrong there? |
22.10.2012, 14:26 | #43 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites Well, what were you supposed to do? An OTL fix with the fix script I provided. So why are you making a new log with OTL?
__________________ Please always post log files in CODE tags |
22.10.2012, 14:39 | #44 |
| Firefox redirects to other websites Oh, sorry, sometimes I'm really too stupid to read. Code:
Files\Folders moved on Reboot...
C:\Users\Laura\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
Should I uninstall all the downloaded programs now, or keep them? |
22.10.2012, 15:36 | #45 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Firefox redirects to other websites I need the quarantine folder from OTL. Please do the following:
1.) VERY IMPORTANT!! Disable the virus scanner, it must not interfere with the packing!
2.) Zip the folder MovedFiles in C:\_OTL into one file
3.) Upload the resulting ZIP file here => http://www.trojaner-board.de/54791-a...ner-board.html Note: Please upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here as an attachment in the thread!
4.) Let me know once it has worked
5.) Only then switch the virus scanner back on
__________________ Please always post log files in CODE tags |