Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
50 Euro Virus. PC ist gesperrt. Bitte um Hilfe.

50 Euro Virus. PC ist gesperrt. Bitte um Hilfe.


Plagegeister aller Art und deren Bekämpfung: 50 Euro Virus. PC ist gesperrt. Bitte um Hilfe.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 24.02.2012, 18:20   #1
Keno79
 
50 Euro Virus. PC ist gesperrt. Bitte um Hilfe. - Standard

50 Euro Virus. PC ist gesperrt. Bitte um Hilfe.


Auch ich habe mir diesen Virus eingefangen, der den PC sperrt und 50 € haben will.

Ich habe daraufhin hier mal etwas gelesen und hoffe das ich alles an Informationen was zur Behebung des Problems benötigt wird jetzt zusammen habe. Ich hoffe Ihr könnt mir helfen.

Den Inhalt der OLT.txt schreibe ich mal direkt hier rein. Der Rest (hoffentlich ist das alles was benötigt wird) ist angehängt.OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 24.02.2012 18:13:19 - Run 2
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Keno\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,93 Gb Available Physical Memory | 77,02% Memory free
7,60 Gb Paging File | 6,83 Gb Available in Paging File | 89,82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 424,66 Gb Total Space | 225,67 Gb Free Space | 53,14% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 30,73 Gb Free Space | 76,82% Space Free | Partition Type: NTFS
Drive E: | 12,85 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: MEDIONNOTEBOOKI | User Name: Keno | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.24 17:43:11 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Keno\Desktop\OTL.exe
PRC - [2012.02.18 21:59:56 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.02.18 21:59:56 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.08.31 22:22:30 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.12.08 08:21:46 | 000,229,520 | ---- | M] (soft Xpansion) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe -- (SXDS10)
SRV - [2011.12.06 22:00:14 | 000,214,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011.09.21 08:45:21 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.21 06:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.22 22:05:48 | 000,057,344 | ---- | M] (Oki Data Americas, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\PrintSuperVision\www\bin\PSVEngine.exe -- (PrintSuperVision Engine)
SRV - [2010.01.15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.09.28 16:43:06 | 000,161,280 | ---- | M] (Oki Data Corporation) [Auto | Stopped] -- C:\Programme\Okidata\Common\Extend3\portmgrsrv.exe -- (OpLclSrv)
SRV - [2009.06.23 14:59:32 | 000,259,368 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.09.21 08:45:22 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.09.21 08:45:22 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.05.18 08:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2011.04.10 10:51:08 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.15 00:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.04.01 09:13:36 | 001,100,320 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192se.sys -- (rtl8192se)
DRV:64bit: - [2010.02.26 15:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.09.23 02:46:18 | 000,066,304 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2009.09.23 02:46:17 | 000,359,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2009.09.23 02:32:39 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2009.09.23 02:32:35 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcuxd.sys -- (vpcuxd)
DRV:64bit: - [2009.09.23 02:32:33 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2009.09.18 04:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.13 16:39:42 | 000,909,408 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod77-64.sys -- (mod7764)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008.11.08 10:55:22 | 000,115,328 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2006.11.30 15:17:56 | 000,033,048 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF)
DRV - [2011.09.12 14:28:52 | 000,108,256 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Stopped] -- C:\Windows\SleeN1764.sys -- (SLEE_17_DRIVER)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.tagesschau.de"
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.9.8
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}: C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2011.09.19 15:43:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.18 21:59:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.03 12:04:22 | 000,000,000 | ---D | M]
 
[2010.11.04 11:41:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Keno\AppData\Roaming\mozilla\Extensions
[2012.01.07 01:02:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Keno\AppData\Roaming\mozilla\Firefox\Profiles\r8we546a.default\extensions
[2012.01.07 01:02:50 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Keno\AppData\Roaming\mozilla\Firefox\Profiles\r8we546a.default\extensions\foxmarks@kei.com
[2011.07.24 14:31:22 | 000,000,917 | ---- | M] () -- C:\Users\Keno\AppData\Roaming\Mozilla\Firefox\Profiles\r8we546a.default\searchplugins\conduit.xml
[2011.11.09 19:37:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.02.18 21:59:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.02 12:05:06 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.02 12:05:06 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.02 12:05:06 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.02 12:05:06 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.02 12:05:06 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.02 12:05:06 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome ==========
 
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe File not found
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [Recordpad] C:\Program Files (x86)\NCH Swift Sound\Recordpad\recordpad.exe (NCH Software)
O4 - HKCU..\Run: [dualmonitor] C:\Program Files (x86)\Dual Monitor\DualMonitor.exe (Cristi)
O4 - HKCU..\Run: [MultiScreen] C:\Program Files (x86)\MultiScreen\MultiScreen.exe ()
O4 - HKCU..\Run: [SkypeM] C:\Users\Keno\AppData\Local\Skype\Skype.exe ()
O4 - Startup: C:\Users\Keno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Keno\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BCFCEA60-BC4F-41A3-9160-5ACCAD2D6BA4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {1984DD45-52CF-49cd-AB77-18F378FEA264} - FencesShellExt - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll (Stardock)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5343dd25-0c77-11e0-8158-00262df5bafb}\Shell - "" = AutoRun
O33 - MountPoints2\{5343dd25-0c77-11e0-8158-00262df5bafb}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{5343dd28-0c77-11e0-8158-00262df5bafb}\Shell - "" = AutoRun
O33 - MountPoints2\{5343dd28-0c77-11e0-8158-00262df5bafb}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{5e81af68-0225-11e1-943b-00262df5bafb}\Shell - "" = AutoRun
O33 - MountPoints2\{5e81af68-0225-11e1-943b-00262df5bafb}\Shell\AutoRun\command - "" = F:\iStudio.exe
O33 - MountPoints2\{6824129c-ad20-11e0-b3be-1c4bd6664f03}\Shell - "" = AutoRun
O33 - MountPoints2\{6824129c-ad20-11e0-b3be-1c4bd6664f03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{682412a0-ad20-11e0-b3be-1c4bd6664f03}\Shell - "" = AutoRun
O33 - MountPoints2\{682412a0-ad20-11e0-b3be-1c4bd6664f03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c23ff375-0b6b-11e0-b45b-1c4bd6664f03}\Shell - "" = AutoRun
O33 - MountPoints2\{c23ff375-0b6b-11e0-b45b-1c4bd6664f03}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c23ff37c-0b6b-11e0-b45b-1c4bd6664f03}\Shell - "" = AutoRun
O33 - MountPoints2\{c23ff37c-0b6b-11e0-b45b-1c4bd6664f03}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{c23ff424-0b6b-11e0-b45b-00262df5bafb}\Shell - "" = AutoRun
O33 - MountPoints2\{c23ff424-0b6b-11e0-b45b-00262df5bafb}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{c8977cf0-1544-11e1-ae99-1c4bd6664f03}\Shell - "" = AutoRun
O33 - MountPoints2\{c8977cf0-1544-11e1-ae99-1c4bd6664f03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c8977d04-1544-11e1-ae99-1c4bd6664f03}\Shell - "" = AutoRun
O33 - MountPoints2\{c8977d04-1544-11e1-ae99-1c4bd6664f03}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c8977d2a-1544-11e1-ae99-00262df5bafb}\Shell - "" = AutoRun
O33 - MountPoints2\{c8977d2a-1544-11e1-ae99-00262df5bafb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cc0edae7-16db-11e1-80c6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{cc0edae7-16db-11e1-80c6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fd88daaa-ade4-11e0-b472-00262df5bafb}\Shell - "" = AutoRun
O33 - MountPoints2\{fd88daaa-ade4-11e0-b472-00262df5bafb}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.24 17:55:35 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Keno\Desktop\dds.com
[2012.02.24 17:43:37 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Keno\Desktop\OTL.exe
[2012.02.24 15:32:59 | 000,000,000 | ---D | C] -- C:\Users\Keno\AppData\Roaming\Avira
[2012.02.22 14:22:14 | 000,000,000 | ---D | C] -- C:\Temp
[2012.02.22 14:22:14 | 000,000,000 | ---D | C] -- C:\Users\Keno\AppData\Roaming\Motorola
[2012.02.22 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola Inc
[2012.02.20 15:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.02.20 15:50:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.02.20 15:50:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.02.20 15:50:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.02.15 12:14:34 | 000,000,000 | ---D | C] -- C:\Users\Keno\Desktop\AUtokauf
[2012.02.15 08:13:44 | 000,515,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\timedate.cpl
[2012.02.15 08:13:44 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\timedate.cpl
[2012.02.15 08:13:33 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntshrui.dll
[2012.02.15 08:13:23 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvcrt.dll
[2012.02.15 08:13:04 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.02.15 08:13:04 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.02.15 08:13:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.02.15 08:13:04 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.02.15 08:13:04 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.02.15 08:13:03 | 000,134,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.02.15 08:13:03 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.02.09 07:48:07 | 000,000,000 | ---D | C] -- C:\Users\Keno\Desktop\Kopie von 1TB -HD
[2012.02.08 14:09:59 | 001,002,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinUSBCoInstaller2.dll
[2012.02.08 14:08:16 | 000,000,000 | ---D | C] -- C:\Users\Keno\Desktop\a1
[2012.02.07 08:31:48 | 000,000,000 | ---D | C] -- C:\Users\Keno\AppData\Roaming\RavensburgerTipToi
[2012.02.07 08:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\RavensburgerTipToi
[2012.02.07 08:31:19 | 000,000,000 | ---D | C] -- C:\Users\Keno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
[2012.02.07 08:31:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ravensburger tiptoi
[2012.02.03 10:37:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus
[2012.02.03 10:37:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2012.02.02 09:13:26 | 000,000,000 | ---D | C] -- C:\Users\Keno\Desktop\SCans für Zeugniss
[2012.02.01 13:58:48 | 000,000,000 | ---D | C] -- C:\Users\Keno\Desktop\2012_02_01
[2012.02.01 13:57:18 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2012.02.01 13:54:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 5.5
[2012.02.01 13:54:21 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\PCDLIB32.DLL
[2012.02.01 13:54:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2012.02.01 13:52:27 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2012.02.01 13:52:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan 5600F
[2012.02.01 13:51:56 | 000,744,960 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNQ4808L.DLL
[2012.02.01 13:51:56 | 000,229,888 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNQ4808O.DLL
[2012.02.01 13:51:56 | 000,092,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNQ4808I.DLL
[2012.02.01 13:51:55 | 001,354,240 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNQ4808C.DLL
[2012.02.01 13:51:55 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2012.01.31 22:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
[2012.01.31 14:03:24 | 000,000,000 | ---D | C] -- C:\Users\Keno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2012.01.31 13:02:54 | 000,000,000 | R--D | C] -- C:\Users\Keno\Virtual Machines
[2012.01.31 11:57:40 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-TW
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\zh-CN
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Virtual PC
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\tr-TR
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\th-TH
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\sv-SE
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ru-RU
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ro-RO
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-PT
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pt-BR
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\pl-PL
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nl-NL
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\nb-NO
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ko-KR
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ja-JP
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\it-IT
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\hu-HU
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\he-IL
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fr-FR
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\fi-FI
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\es-ES
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\en-US
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\el-GR
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\da-DK
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\cs-CZ
[2012.01.31 11:57:40 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\ar-SA
[2012.01.31 11:45:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2012.01.31 10:57:38 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpchbus.sys.mui
[2012.01.31 10:57:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcuxd.sys
[2012.01.31 10:57:37 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpchbuspipe.dll
[2012.01.31 10:57:37 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpchbus.sys.mui
[2012.01.31 10:57:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcuxd.sys.mui
[2012.01.31 10:57:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcuxd.sys.mui
[2012.01.31 10:57:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcusb.sys.mui
[2012.01.31 10:57:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcusb.sys.mui
[2012.01.31 10:57:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcnfltr.sys.mui
[2012.01.31 10:57:37 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcnfltr.sys.mui
[2012.01.31 10:57:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcuxd.sys.mui
[2012.01.31 10:57:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcusb.sys.mui
[2012.01.31 10:57:36 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcuxd.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcusb.sys.mui
[2012.01.31 10:57:35 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcusb.sys.mui
[2012.01.31 10:57:34 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcvmm.sys.mui
[2012.01.31 10:57:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcuxd.sys.mui
[2012.01.31 10:57:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcuxd.sys.mui
[2012.01.31 10:57:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nl-NL\vpcusb.sys.mui
[2012.01.31 10:57:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcusb.sys.mui
[2012.01.31 10:57:34 | 000,002,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\el-GR\vpcusb.sys.mui
[2012.01.31 10:57:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcvmm.sys.mui
[2012.01.31 10:57:33 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcvmm.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-TW\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\zh-CN\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\tr-TR\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ru-RU\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pl-PL\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\nb-NO\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ko-KR\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ja-JP\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hu-HU\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\he-IL\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\en-US\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\da-DK\vpcnfltr.sys.mui
[2012.01.31 10:57:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ar-SA\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\th-TH\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sv-SE\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ro-RO\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-BR\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\it-IT\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fr-FR\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fi-FI\vpcnfltr.sys.mui
[2012.01.31 10:57:31 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\es-ES\vpcnfltr.sys.mui
[2012.01.31 10:57:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pt-PT\vpcnfltr.sys.mui
[2012.01.31 10:57:29 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\cs-CZ\vpcnfltr.sys.mui
[2012.01.31 10:57:28 | 000,187,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpchbus.sys
[2012.01.31 10:57:28 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcusb.sys
[2012.01.31 10:57:27 | 000,359,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcvmm.sys
[2012.01.31 10:57:27 | 000,066,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\vpcnfltr.sys
[2012.01.31 10:57:26 | 000,793,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vmsal.exe
[2012.01.31 10:57:25 | 004,513,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vpc.exe
[2012.01.31 10:57:25 | 002,262,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCWizard.exe
[2012.01.31 10:57:25 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VPCSettings.exe
[2012.01.31 10:57:25 | 001,209,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMWindow.exe
[2012.01.31 10:57:25 | 000,936,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vmsal.exe
[2012.01.31 10:57:25 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\VMCPropertyHandler.dll
[2012.01.30 17:33:43 | 001,097,189 | ---- | C] (Prismatic Software ) -- C:\Users\Keno\Desktop\SetupDD_3.3.02.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.24 17:55:37 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Keno\Desktop\dds.com
[2012.02.24 17:55:11 | 000,000,000 | ---- | M] () -- C:\Users\Keno\defogger_reenable
[2012.02.24 17:51:04 | 000,050,477 | ---- | M] () -- C:\Users\Keno\Desktop\Defogger.exe
[2012.02.24 17:43:11 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Keno\Desktop\OTL.exe
[2012.02.24 17:36:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.24 17:36:11 | 3062,833,152 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.24 16:40:24 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.24 15:38:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.24 15:38:58 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.24 15:31:57 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.23 19:43:14 | 000,398,848 | ---- | M] () -- C:\Users\Keno\Documents\Familie Behrends Konten.stb
[2012.02.21 14:43:36 | 000,002,128 | ---- | M] () -- C:\Users\Keno\Desktop\20120131 - Kärcher - Leiter Schulugsakademie - Verknüpfung.lnk
[2012.02.20 21:06:36 | 001,622,100 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.20 21:06:36 | 000,702,524 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.20 21:06:36 | 000,655,860 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.20 21:06:36 | 000,150,048 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.20 21:06:36 | 000,122,732 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.20 15:50:31 | 000,001,826 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.02.16 18:00:04 | 004,357,766 | ---- | M] () -- C:\Users\Keno\Desktop\Sicherungskopie von Keno Behrends_schreiben gmx.wbk
[2012.02.15 14:17:48 | 000,413,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 12:34:57 | 000,660,939 | ---- | M] () -- C:\Users\Keno\Desktop\coupon_9810643624751_1329137932.pdf
[2012.02.15 11:52:37 | 000,009,304 | ---- | M] () -- C:\Users\Keno\AppData\Roaming\Microsoft Excel 97-2003.EML
[2012.02.08 14:21:19 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2012.02.07 08:33:28 | 000,001,115 | ---- | M] () -- C:\Users\Keno\Desktop\tiptoi.lnk
[2012.02.06 16:27:00 | 000,318,545 | ---- | M] () -- C:\Users\Keno\Documents\Rechnung_04.02.2012.zip
[2012.02.02 07:07:28 | 000,012,288 | -H-- | M] () -- C:\Users\Keno\Desktop\photothumb.db
[2012.02.01 13:53:15 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012.02.01 13:53:06 | 000,002,138 | ---- | M] () -- C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
[2012.01.31 14:22:01 | 1552,534,016 | ---- | M] () -- C:\Users\Keno\Desktop\VirtualXPVHD.vhd
[2012.01.30 17:33:54 | 001,097,189 | ---- | M] (Prismatic Software ) -- C:\Users\Keno\Desktop\SetupDD_3.3.02.exe
[2012.01.30 09:47:10 | 000,007,168 | ---- | M] () -- C:\Users\Keno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2012.02.24 17:55:11 | 000,000,000 | ---- | C] () -- C:\Users\Keno\defogger_reenable
[2012.02.24 17:51:03 | 000,050,477 | ---- | C] () -- C:\Users\Keno\Desktop\Defogger.exe
[2012.02.21 14:43:36 | 000,002,128 | ---- | C] () -- C:\Users\Keno\Desktop\20120131 - Kärcher - Leiter Schulugsakademie - Verknüpfung.lnk
[2012.02.20 15:50:31 | 000,001,826 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.02.16 18:00:02 | 004,357,766 | ---- | C] () -- C:\Users\Keno\Desktop\Sicherungskopie von Keno Behrends_schreiben gmx.wbk
[2012.02.15 12:34:57 | 000,660,939 | ---- | C] () -- C:\Users\Keno\Desktop\coupon_9810643624751_1329137932.pdf
[2012.02.08 14:21:19 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01009.Wdf
[2012.02.07 08:31:19 | 000,001,115 | ---- | C] () -- C:\Users\Keno\Desktop\tiptoi.lnk
[2012.02.06 16:27:43 | 000,318,545 | ---- | C] () -- C:\Users\Keno\Documents\Rechnung_04.02.2012.zip
[2012.02.01 13:53:15 | 000,002,082 | ---- | C] () -- C:\Users\Public\Desktop\Canon Solution Menu.lnk
[2012.02.01 13:53:06 | 000,002,138 | ---- | C] () -- C:\Users\Public\Desktop\MP Navigator EX 2.0.lnk
[2012.01.31 13:27:28 | 1552,534,016 | ---- | C] () -- C:\Users\Keno\Desktop\VirtualXPVHD.vhd
[2012.01.05 10:31:28 | 000,004,096 | -H-- | C] () -- C:\Users\Keno\AppData\Local\keyfile3.drm
[2011.12.04 16:20:27 | 000,000,010 | ---- | C] () -- C:\Windows\WININIT.INI
[2011.10.18 07:42:57 | 000,007,168 | ---- | C] () -- C:\Users\Keno\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.18 13:51:53 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.06.26 14:42:34 | 000,009,304 | ---- | C] () -- C:\Users\Keno\AppData\Roaming\Microsoft Excel 97-2003.EML
[2011.06.20 23:08:48 | 000,182,937 | ---- | C] () -- C:\Windows\hpoins52.dat.temp
[2011.06.03 10:59:55 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011.06.03 10:47:27 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\ztvunrar36.dll
[2011.06.03 10:47:27 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\ztvunace26.dll
[2011.05.03 22:24:26 | 000,001,333 | ---- | C] () -- C:\Windows\hpomdl52.dat.temp
[2011.04.10 10:49:10 | 000,867,020 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011.04.10 10:49:10 | 000,128,204 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011.04.10 10:49:10 | 000,105,608 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011.04.10 10:18:24 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2010.11.04 14:30:45 | 001,599,994 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.04 11:40:11 | 000,790,528 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.11.04 11:40:11 | 000,165,376 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010.11.04 11:40:11 | 000,134,144 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010.11.04 11:40:11 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2010.11.04 11:40:10 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\Users\Keno\AppData\Roaming\Microsoft Excel 97-2003.EML:OECustomProperty
 
< End of report >
--- --- ---
 

Themen zu 50 Euro Virus. PC ist gesperrt. Bitte um Hilfe.
.com, alternate, antivir, autorun, avira, bho, bonjour, euro, explorer, firefox, google earth, home, intranet, logfile, microsoft, mozilla, object, plug-in, programme, realtek, registry, scan, security, security scan, senden, software, version=1.0, virus, windows, windows xp


« Google Redirect Virus entfernen | GEMA Trojaner aus Link in E-Mail erworben;Bildschirm zeigt "PC ist gesperrt" an "lt.Gema" »


Ähnliche Themen: 50 Euro Virus. PC ist gesperrt. Bitte um Hilfe.


  1. Virus: Rechner gesperrt 100 Euro via paysafe zahlen ...
    Plagegeister aller Art und deren Bekämpfung - 25.02.2013 (9)
  2. 100 Euro Paysafe Virus / Computer gesperrt
    Plagegeister aller Art und deren Bekämpfung - 22.01.2013 (13)
  3. GEMA-Virus aufgetreten, PC bis zur Zahlung von 100 Euro gesperrt
    Plagegeister aller Art und deren Bekämpfung - 11.05.2012 (15)
  4. 50 euro virus bitte um hilfe
    Log-Analyse und Auswertung - 16.03.2012 (15)
  5. Bitte um hilfe habe den 50 euro virus auf´m labtop
    Mülltonne - 14.03.2012 (1)
  6. AKM-Virus / 50 Euro - Bitte um Hilfe
    Plagegeister aller Art und deren Bekämpfung - 11.03.2012 (11)
  7. Der 50 Euro Virus - Windows vorsichtshalber gesperrt
    Plagegeister aller Art und deren Bekämpfung - 29.02.2012 (1)
  8. Virus! windows 7 gesperrt, 50 Euro zahlen
    Log-Analyse und Auswertung - 15.02.2012 (15)
  9. Windows gesperrt aufgrunf von 50 Euro Virus
    Log-Analyse und Auswertung - 12.02.2012 (6)
  10. 50 Euro Virus Windows gesperrt
    Log-Analyse und Auswertung - 11.02.2012 (62)
  11. 50 euro virus bitte schnelle hilfe !
    Plagegeister aller Art und deren Bekämpfung - 09.02.2012 (9)
  12. Windows security center 100 Euro strafe computer gesperrt u kash Hilfe bitte
    Plagegeister aller Art und deren Bekämpfung - 04.02.2012 (15)
  13. PC durch Virus gesperrt. Zahlung von 50 Euro etc.
    Plagegeister aller Art und deren Bekämpfung - 19.01.2012 (3)
  14. Leptop gesperrt durch Virus. Zahlung von 50 Euro für ein Virenprogramm.
    Log-Analyse und Auswertung - 10.01.2012 (1)
  15. Ebenfalls Windows gesperrt, 50 Euro Trojaner, Bitte um Hilfe
    Log-Analyse und Auswertung - 28.12.2011 (6)
  16. Windows gesperrt 50 euro zahlen brauche dringend hilfe
    Log-Analyse und Auswertung - 21.12.2011 (4)
  17. Laptop gesperrt durch Virus gesperrt. Zahlung von 50 Euro etc.
    Plagegeister aller Art und deren Bekämpfung - 17.12.2011 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema 50 Euro Virus. PC ist gesperrt. Bitte um Hilfe. - Auch ich habe mir diesen Virus eingefangen, der den PC sperrt und 50 € haben will. Ich habe daraufhin hier mal etwas gelesen und hoffe das ich alles an Informationen - 50 Euro Virus. PC ist gesperrt. Bitte um Hilfe....
Archiv
Du betrachtest: 50 Euro Virus. PC ist gesperrt. Bitte um Hilfe. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131