
Pests of all kinds and how to combat them: Encryption trojan on my machine too


 
18.06.2012, 10:03   #1
conny24
 
Encryption trojan on my machine too



Hello,
I am also sitting here in front of a computer infected with the encryption trojan.
The OTL.Txt is attached here. Can someone please help me, put together the custom scan, and help me further? I have already read almost everything, and it is also clear to me how everything works; only the fix code is unclear to me, as I do not know what you look for there. Please help.

Code:
OTL logfile created on: 6/18/2012 1:51:16 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244.14 Gb Total Space | 34.45 Gb Free Space | 14.11% Space Free | Partition Type: NTFS
Drive D: | 698.63 Gb Total Space | 478.17 Gb Free Space | 68.44% Space Free | Partition Type: NTFS
Drive E: | 74.53 Gb Total Space | 34.29 Gb Free Space | 46.01% Space Free | Partition Type: NTFS
Drive F: | 244.14 Gb Total Space | 181.72 Gb Free Space | 74.43% Space Free | Partition Type: NTFS
Drive G: | 210.34 Gb Total Space | 45.87 Gb Free Space | 21.81% Space Free | Partition Type: NTFS
Drive H: | 3.72 Gb Total Space | 2.03 Gb Free Space | 54.54% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/06/06 09:23:18 | 006,438,264 | ---- | M] (Wacom Technology, Corp.) [Auto] -- C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe -- (TabletServiceWacom)
SRV:64bit: - [2011/01/26 07:38:11 | 000,350,720 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\inetsrv\ftpsvc.dll -- (ftpsvc)
SRV:64bit: - [2011/01/14 02:57:45 | 001,436,424 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2010/09/27 10:42:04 | 004,180,576 | ---- | M] (SafeNet Inc.) [Auto] -- C:\Windows\System32\hasplms.exe -- (hasplms)
SRV:64bit: - [2009/10/15 00:51:14 | 000,087,336 | ---- | M] (Dassault Systèmes SolidWorks Corp.) [On_Demand] -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe -- (CoordinatorServiceHost)
SRV:64bit: - [2009/07/23 12:25:28 | 000,626,208 | ---- | M] () [Auto] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM)
SRV:64bit: - [2009/07/23 12:25:28 | 000,206,880 | ---- | M] () [Auto] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/13 21:39:47 | 000,010,240 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\System32\TCPSVCS.EXE -- (simptcp)
SRV:64bit: - [2009/06/05 12:42:04 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)
SRV - [2012/06/11 15:17:03 | 000,257,224 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/05/25 14:12:35 | 002,152,720 | ---- | M] (Lavasoft Limited) [Auto] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2012/05/21 23:55:56 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/12 05:57:05 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/26 10:42:28 | 000,632,320 | ---- | M] (FileZilla Project) [On_Demand] -- C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2012/02/10 00:13:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/09 15:05:32 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/06/01 06:41:52 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/05/17 05:26:16 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2011/02/07 10:41:57 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand] -- C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/06/14 09:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 08:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/12/28 11:25:40 | 000,036,864 | ---- | M] () [Auto] -- C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe -- (WLANBelkinService)
SRV - [2009/11/01 15:03:02 | 000,075,064 | ---- | M] () [Auto] -- C:\Windows\SysWow64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2009/07/13 21:14:42 | 000,009,216 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Windows\SysWOW64\TCPSVCS.EXE -- (simptcp)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 10:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2003/04/29 20:14:00 | 000,264,192 | ---- | M] (SCM Microsystems) [Auto] -- C:\Windows\SCARDS32.EXE -- (TWKSCARDSRV)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/02/15 05:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/11/03 07:06:56 | 000,069,376 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV:64bit: - [2011/09/29 03:54:24 | 000,339,744 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2011/08/12 03:20:57 | 000,015,416 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2011/06/09 10:54:33 | 000,121,432 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot] -- C:\Windows\System32\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2011/06/09 09:18:18 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2011/06/01 04:02:15 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/03/17 07:10:48 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2010/12/02 06:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdcx64)
DRV:64bit: - [2010/12/02 06:14:22 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2010/12/02 06:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2010/12/02 06:14:18 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 06:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/09/27 10:42:10 | 000,131,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2010/09/27 10:42:06 | 000,075,648 | ---- | M] (SafeNet Inc.) [File_System | Auto] -- C:\Windows\System32\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2010/02/26 08:33:40 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64j.sys -- (UsbserFilt)
DRV:64bit: - [2010/02/26 08:33:24 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/01/12 00:19:32 | 000,095,744 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NmPar.sys -- (NmPar)
DRV:64bit: - [2010/01/07 06:31:20 | 000,075,264 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\NmSerial.sys -- (nmserial)
DRV:64bit: - [2010/01/06 18:19:00 | 000,068,224 | ---- | M] (SCM Microsystems Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\S3XXx64.sys -- (S3XXx64)
DRV:64bit: - [2009/12/17 02:10:38 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2009/12/17 02:10:34 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2009/12/17 02:10:32 | 000,056,960 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2009/11/12 15:20:52 | 000,054,888 | ---- | M] (Videology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\vidousb.sys -- (vidousb)
DRV:64bit: - [2009/11/06 02:40:26 | 000,838,136 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\bcmwlhigh664.sys -- (BCMH43XX)
DRV:64bit: - [2009/10/22 10:10:30 | 000,069,320 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2009/10/22 10:09:12 | 000,084,808 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2009/10/20 14:19:54 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV:64bit: - [2009/09/14 07:49:02 | 000,062,976 | ---- | M] (u-blox) [Kernel | On_Demand] -- C:\Windows\System32\drivers\ubloxVcp.sys -- (ubloxVcp)
DRV:64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 19:31:06 | 000,142,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mf.sys -- (mf)
DRV:64bit: - [2009/07/08 21:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot] -- C:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- C:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/11/21 05:54:08 | 000,025,600 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AMDx64CUT.sys -- (SUMMACUTamd)
DRV:64bit: - [2008/08/28 06:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\Windows\System32\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/05/12 02:09:06 | 000,064,512 | ---- | M] (Microchip Technology, Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\mchpusb64.sys -- (MCHPUSB)
DRV:64bit: - [2008/01/02 08:11:50 | 000,024,848 | ---- | M] (IBM) [Kernel | On_Demand] -- C:\Windows\System32\drivers\LUMDriver.sys -- (LUMDriver)
DRV:64bit: - [2007/07/23 02:57:04 | 000,052,992 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Alpham164.sys -- (Alpham1)
DRV:64bit: - [2007/03/30 08:42:34 | 012,333,568 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\System32\drivers\snp2sxp.sys -- (SNP2STD)
DRV:64bit: - [2007/03/20 04:51:04 | 000,021,760 | ---- | M] (Ideazon Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Alpham264.sys -- (Alpham2)
DRV:64bit: - [2007/02/16 05:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2005/12/13 19:53:42 | 000,007,808 | ---- | M] (GretagMacbeth LLC) [Kernel | On_Demand] -- C:\Windows\System32\drivers\i1display_x64.sys -- (EyeOneDisplay)
DRV - [2012/01/05 03:24:51 | 000,017,152 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys -- (Lavasoft Kernexplorer)
DRV - [2007/03/30 08:41:54 | 012,033,024 | ---- | M] () [Kernel | On_Demand] -- C:\Windows\SysWOW64\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2003/04/29 20:14:00 | 000,011,676 | ---- | M] (Towitoko AG) [Kernel | Auto] -- C:\Windows\SysWow64\drivers\TWKPCSC.SYS -- (TwkPCSC)
DRV - [2003/04/29 20:14:00 | 000,004,828 | ---- | M] (Towitoko AG) [Kernel | Boot] -- C:\Windows\SysWow64\drivers\TWKMS.SYS -- (TwkMs)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 47 61 8D D1 5A CA 01  [binary data]
IE - HKU\conny_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\conny_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_257.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/09/10 01:48:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/15 12:27:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/08/04 02:27:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/07 02:03:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/06/08 03:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\conny\AppData\Roaming\Mozilla\Extensions
[2012/05/19 04:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\conny\AppData\Roaming\Mozilla\Firefox\Profiles\uv8bdff3.default\extensions
[2012/03/18 08:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- 
() (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{578E7CAA-210F-4967-A0D3-88FE5B59A39F}.XPI
() (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
() (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2012/05/12 05:57:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/06 09:12:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/06 09:12:46 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/10/06 09:12:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/06 09:12:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/27 01:40:20 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
[2011/10/06 09:12:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/06 09:12:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (toolplugin) - {DFEFCDEE-CF1A-4FC8-89AF-189327213627} -  File not found
O3:64bit: - HKU\conny_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKU\conny_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKU\conny_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [iTunesHelper]  File not found
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation)
O4 - HKLM..\Run: [PUStarter] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [RunPUTasktray]  File not found
O4 - HKU\conny_ON_C..\Run: [049DF36D] C:\Users\conny\AppData\Local\Temp\Irbs\jrndquzvt.exe (Nessuna Registrazione)
O4 - HKU\conny_ON_C..\Run: [AdobeBridge]  File not found
O4 - HKU\conny_ON_C..\Run: [Auto-Import for EuroCUT Professional 7]  File not found
O4 - HKU\conny_ON_C..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\conny_ON_C..\Run: [PicPick Start] C:\Program Files (x86)\PicPick\picpick.exe ()
O4 - HKU\conny_ON_C..\Run: [PowerSuite] C:\Program Files (x86)\Uniblue\PowerSuite\Launcher.exe (Uniblue Systems Limited)
O4 - HKU\conny_ON_C..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\conny_ON_C..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\conny_ON_C..\Run: [Windows Audio Driver]  File not found
O4 - HKU\LocalService_ON_C..\Run: [Sidebar]  File not found
O4 - HKU\NetworkService_ON_C..\Run: [Sidebar]  File not found
O4 - HKU\UpdatusUser_ON_C..\Run: [Sidebar]  File not found
O4 - HKU\LocalService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [mctadmin]  File not found
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8:64bit: - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {17D0C64A-5283-4125-8256-105694C274ED} hxxp://www.knittel-foto-film.de/interaktiv/objekt/spx33.cab (MozillaPluginHostCtrl Class)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} hxxp://louk.solidworks.com/htdocs/pdownload/edrawings/e2011sp02/cab//eModelsStandard.cab (EModelNonVersionSpecificViewControl Class)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab (DLM Control)
O16 - DPF: {65EEE2E1-B8D5-4724-8489-048B551045BF} https://karte.seb-bank.de/gei/plugins/SEBChipcardPlugin1211.cab (PPI Chipcard-Browser-Plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {97DF08C1-4C0E-4913-823B-E8FC1C8444FA} hxxp://192.168.178.105/400series.cab (4Mosa Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\HPPUDCS {522CC7E5-F378-4F97-8BD7-125D17F5B332} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\hppufile {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\hppusam {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\hppuzip {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\x-mem3 {4F6D06DD-44AB-4F89-BF13-9027B505B15A} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - *DISABLED*wlnotify.dll -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/04/30 02:34:10 | 000,000,000 | ---D | M] - D:\Autocad -- [ NTFS ]
O32 - AutoRun File - [2007/12/23 17:38:31 | 000,000,000 | ---D | M] - D:\Autorun -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - G:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{9780e4bc-0585-11df-9673-002618249172}\Shell - "" = AutoRun
O33 - MountPoints2\{9780e4bc-0585-11df-9673-002618249172}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{b8fa3d75-c0b3-11de-a75d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b8fa3d75-c0b3-11de-a75d-806e6f6e6963}\Shell\AutoRun\command - "" = H:\shelexec.exe .\starter.html
O33 - MountPoints2\{b8fa3d75-c0b3-11de-a75d-806e6f6e6963}\Shell\verb\command - "" = H:\shelexec.exe .\starter.html
O33 - MountPoints2\{b8fa3d76-c0b3-11de-a75d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b8fa3d76-c0b3-11de-a75d-806e6f6e6963}\Shell\AutoRun\command - "" = I:\win\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/06/11 15:18:42 | 000,000,000 | ---D | C] -- C:\Users\conny\AppData\Local\Macromedia
[2012/06/09 08:57:23 | 000,000,000 | ---D | C] -- C:\Users\conny\AppData\Local\3Dconnexion_Inc
[2012/06/09 08:51:05 | 000,000,000 | ---D | C] -- C:\Users\conny\AppData\Roaming\3Dconnexion
[2012/06/09 08:49:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\3Dconnexion
[2012/06/09 08:48:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3Dconnexion
[2012/06/09 08:48:00 | 000,000,000 | ---D | C] -- C:\Program Files\3Dconnexion
[2012/06/07 02:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/07 02:03:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/06/06 21:42:50 | 000,109,056 | ---- | C] (3Dconnexion, Inc) -- C:\Windows\System32\siappdll.dll
[2012/06/06 21:36:48 | 000,085,504 | ---- | C] (3Dconnexion, Inc) -- C:\Windows\SysWow64\siappdll.dll
[2012/06/04 14:51:57 | 000,000,000 | ---D | C] -- C:\Users\conny\Desktop\Kletterfieber_2012
[2012/06/04 14:51:21 | 000,000,000 | ---D | C] -- C:\Users\conny\Desktop\Kletterfieber
[2012/06/03 12:53:20 | 000,000,000 | ---D | C] -- C:\Users\conny\Documents\Studienbescheinigung
[2011/12/18 17:41:00 | 000,016,896 | ---- | C] (Microsoft) -- C:\Users\conny\AppData\Roaming\arDshini.exe.exe
[2011/12/16 02:31:09 | 000,016,896 | ---- | C] (Microsoft) -- C:\Users\conny\AppData\Roaming\Dshini.exe.exe
[2010/04/26 04:50:29 | 000,151,552 | ---- | C] ( ) -- C:\Windows\rsnp2std.dll
[2010/04/26 04:50:29 | 000,077,824 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp2std.dll
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/06/11 17:22:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/11 17:22:47 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/11 17:22:47 | 000,013,536 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/11 17:22:17 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/11 17:14:02 | 000,000,355 | ---- | M] () -- C:\Windows\SCARDSRV.INI
[2012/06/11 17:13:41 | 2146,344,959 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/11 17:10:27 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/06/11 17:10:27 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012/06/11 17:00:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/06/11 16:46:49 | 000,692,220 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/06/11 16:46:49 | 000,646,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/11 16:46:49 | 000,140,050 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/06/11 16:46:49 | 000,114,620 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/11 16:37:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/06/11 15:17:03 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/06/11 15:17:03 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/06/09 08:49:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3Dconnexion
[2012/06/09 08:48:23 | 000,002,413 | ---- | M] () -- C:\Users\Public\Desktop\3D Mouse Home.lnk
[2012/06/09 08:48:23 | 000,002,304 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start 3DxWare.lnk
[2012/06/09 08:48:23 | 000,000,000 | R--D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/07 02:03:43 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/06/07 02:03:43 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/06/06 21:44:22 | 000,045,056 | ---- | M] () -- C:\Windows\System32\Launch3DxGUI.cpl
[2012/06/06 21:42:50 | 000,109,056 | ---- | M] (3Dconnexion, Inc) -- C:\Windows\System32\siappdll.dll
[2012/06/06 21:41:56 | 000,055,808 | ---- | M] () -- C:\Windows\System32\spwini.dll
[2012/06/06 21:36:48 | 000,085,504 | ---- | M] (3Dconnexion, Inc) -- C:\Windows\SysWow64\siappdll.dll
[2012/06/06 21:35:50 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\spwini.dll
[2012/06/04 23:51:11 | 006,339,592 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/03 11:47:27 | 001,424,557 | ---- | M] () -- C:\Users\conny\Documents\Gesundheitsamt_KE.pdf
[2012/05/21 00:03:27 | 000,001,456 | ---- | M] () -- C:\Users\conny\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[9 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/06/09 08:48:23 | 000,002,413 | ---- | C] () -- C:\Users\Public\Desktop\3D Mouse Home.lnk
[2012/06/09 08:48:23 | 000,002,304 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start 3DxWare.lnk
[2012/06/07 02:03:43 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2012/06/06 21:44:22 | 000,045,056 | ---- | C] () -- C:\Windows\System32\Launch3DxGUI.cpl
[2012/06/06 21:41:56 | 000,055,808 | ---- | C] () -- C:\Windows\System32\spwini.dll
[2012/06/06 21:35:50 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll
[2012/06/03 11:47:27 | 001,424,557 | ---- | C] () -- C:\Users\conny\Documents\Gesundheitsamt_KE.pdf
[2012/04/03 02:36:30 | 004,389,441 | ---- | C] () -- C:\Windows\SysWow64\USBAccessLink.dll
[2012/04/03 02:36:30 | 000,229,376 | ---- | C] () -- C:\Windows\SysWow64\SerialAccessLink.dll
[2012/03/19 04:10:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Instrument Library
[2012/03/19 04:10:09 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Images
[2012/03/19 04:10:09 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Licenses
[2012/03/19 04:09:32 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Internet Plug-Ins
[2012/03/19 04:09:32 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Installer Plugin
[2012/03/19 04:09:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Limiter
[2012/03/19 04:09:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Legacy
[2012/03/19 04:07:43 | 000,000,000 | ---- | C] () -- C:\ProgramData\Image Manipulation
[2012/02/09 15:05:44 | 000,416,064 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/01/17 10:31:06 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2012/01/17 10:31:06 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2011/11/16 05:27:11 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Icons
[2011/11/16 05:27:11 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Hybrid Basic
[2011/11/16 05:27:11 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2011/11/16 05:27:11 | 000,000,012 | RH-- | C] () -- C:\ProgramData\InkjetPrinter
[2011/10/06 10:54:58 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\MPMapTrace.dll
[2011/10/06 09:53:06 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\mpPathan.dll
[2011/09/29 02:55:21 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Importer
[2011/09/29 02:55:21 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Image Units
[2011/09/29 02:50:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011/09/29 02:50:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/09/29 02:50:36 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/08/05 08:59:36 | 000,324,511 | ---- | C] () -- C:\ProgramData\1312521941.bdinstall.bin
[2011/06/09 02:47:59 | 000,000,663 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2011/05/20 02:52:15 | 000,252,928 | ---- | C] () -- C:\Windows\SysWow64\DShowRdpFilter.dll
[2011/04/05 08:37:15 | 000,000,037 | ---- | C] () -- C:\Windows\iltwain.ini
[2011/02/07 10:42:04 | 000,000,000 | ---- | C] () -- C:\Windows\eDrawingOfficeAutomator.INI
[2010/10/28 07:42:34 | 000,000,355 | ---- | C] () -- C:\Windows\SCARDSRV.INI
[2010/10/28 07:42:25 | 000,001,268 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2010/10/28 07:42:02 | 000,002,776 | ---- | C] () -- C:\Windows\twkverck.dat
[2010/10/11 08:28:14 | 000,159,836 | ---- | C] () -- C:\Windows\_isusr32.dll
[2010/10/11 08:28:14 | 000,032,768 | ---- | C] () -- C:\Windows\SysWow64\_isusr2k.dll
[2010/08/08 03:35:12 | 000,000,132 | ---- | C] () -- C:\Users\conny\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2010/08/03 06:40:12 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Jingles
[2010/08/03 06:28:42 | 000,000,000 | ---- | C] () -- C:\ProgramData\Help
[2010/06/17 07:50:24 | 000,001,456 | ---- | C] () -- C:\Users\conny\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010/06/12 06:16:42 | 000,000,078 | ---- | C] () -- C:\Windows\CAMDXP.INI
[2010/05/25 03:57:40 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Receipts
[2010/05/25 03:57:40 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Profiles
[2010/05/25 03:57:40 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2010/05/25 03:57:40 | 000,000,012 | RH-- | C] () -- C:\ProgramData\manual
[2010/05/25 03:57:38 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Repeat Routines
[2010/05/25 03:57:38 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Project Templates
[2010/05/25 03:57:38 | 000,000,012 | RH-- | C] () -- C:\ProgramData\vhosts
[2010/05/25 03:55:07 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2010/05/25 03:44:56 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Icons
[2010/05/25 03:40:56 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdy.DAT
[2010/05/23 06:30:03 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Reverb
[2010/05/23 06:30:03 | 000,000,268 | RH-- | C] () -- C:\Users\conny\AppData\Roaming\Radio Sounds
[2010/05/23 06:27:13 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbz.DAT
[2010/05/21 05:03:53 | 000,000,600 | ---- | C] () -- C:\Users\conny\AppData\Local\PUTTY.RND
[2010/05/05 05:21:00 | 000,000,025 | ---- | C] () -- C:\Users\conny\AppData\Roaming\bdfvconp.ini
[2010/04/26 04:50:29 | 012,033,024 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys
[2010/04/26 04:50:29 | 000,025,472 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys
[2010/04/26 04:50:29 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2010/04/23 09:31:13 | 000,000,850 | ---- | C] () -- C:\Users\conny\AppData\RoamingProductTweaks.xml
[2010/04/23 09:31:12 | 000,000,385 | ---- | C] () -- C:\Users\conny\AppData\Roaminguser_gensett.xml
[2010/04/22 01:40:37 | 000,000,376 | ---- | C] () -- C:\Users\conny\AppData\Roamingprivacy.xml
[2010/04/16 11:42:51 | 000,000,400 | ---- | C] () -- C:\Windows\g_jdmjol417.ini
[2010/04/16 11:42:51 | 000,000,400 | ---- | C] () -- C:\Windows\SysWow64\drivers\bdpnqch979.dat
[2010/04/13 05:40:39 | 000,234,127 | ---- | C] () -- C:\Windows\hpoins35.dat.temp
[2010/04/13 05:40:39 | 000,000,778 | ---- | C] () -- C:\Windows\hpomdl35.dat.temp
[2010/03/31 06:50:45 | 000,005,632 | ---- | C] () -- C:\Users\conny\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/23 02:01:42 | 000,000,118 | ---- | C] () -- C:\Windows\SysWow64\BUERKVER.INI
[2010/03/23 01:52:03 | 000,737,280 | ---- | C] () -- C:\Windows\SysWow64\eztoolslib2.dll
[2010/03/08 03:30:43 | 000,000,297 | ---- | C] () -- C:\Windows\PowerReg.dat
[2010/02/26 13:23:00 | 001,579,758 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/02/19 04:57:02 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2010/02/19 04:57:02 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\hlduinst.exe
[2010/02/19 04:57:02 | 000,006,836 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.INI
[2009/12/23 02:18:29 | 000,023,716 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/19 06:53:59 | 000,007,618 | ---- | C] () -- C:\Users\conny\AppData\Local\Resmon.ResmonCfg
[2009/12/13 15:08:01 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009/11/03 15:29:36 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/01 14:48:58 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2009/10/30 14:07:24 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2009/10/30 14:07:22 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2009/10/30 14:07:21 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009/10/24 12:14:51 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2009/10/20 14:19:30 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- C:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/08/21 14:46:34 | 000,059,160 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2006/12/13 10:03:14 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\zlibwapi.dll
[2003/05/20 10:05:12 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\spx33.dll
[2002/09/17 18:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[1999/11/16 08:04:36 | 000,485,376 | ---- | C] () -- C:\Windows\SysWow64\DrRw40.dll
 
========== LOP Check ==========
 
[2012/04/03 02:37:17 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\.mplab_ide
[2012/06/09 08:51:05 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\3Dconnexion
[2011/03/02 03:51:29 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Altium
[2011/03/02 02:06:19 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\AltiumDesignerSummer09
[2010/11/08 08:24:10 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Amazon
[2011/12/11 10:59:01 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Autodesk
[2011/05/26 05:31:22 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Babylon
[2010/05/07 14:00:20 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\C-Free
[2010/03/17 14:28:07 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\CadSoft
[2010/06/21 01:33:33 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/20 05:53:22 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\CircuitWorks
[2011/09/30 12:30:39 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\com.adobe.DC3Module.AdobeADC
[2011/06/01 04:06:57 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\DAEMON Tools Lite
[2012/05/19 00:30:36 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\DassaultSystemes
[2011/02/07 10:50:57 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\EDrawings
[2011/10/12 13:24:55 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Estlcam_3
[2010/02/25 03:16:58 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\EUROSYSTEMS
[2012/04/03 09:29:03 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\FileZilla
[2009/11/06 13:11:43 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\GetRightToGo
[2009/11/18 02:45:21 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\GHISLER
[2010/06/04 04:17:17 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\gtk-2.0
[2011/12/22 10:19:22 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Ideazon
[2010/08/24 08:19:54 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\IPACS
[2012/04/14 09:21:12 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\LRTimelapse
[2012/06/04 14:54:58 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Microchip
[2011/12/22 03:40:48 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\My Games
[2011/12/29 09:30:31 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Nikon
[2010/10/14 02:00:15 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Nokia
[2010/02/01 02:48:53 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Nokia Ovi Suite
[2011/12/02 08:49:01 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\onOne Software
[2011/04/27 10:37:21 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\PACE Anti-Piracy
[2010/02/01 02:48:54 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\PC Suite
[2010/05/12 10:48:01 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\PICC
[2011/05/30 08:35:05 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\picpick
[2010/11/10 09:16:28 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\picpick_temp
[2011/08/05 01:26:54 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\QuickScan
[2011/01/11 02:43:37 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012/01/29 05:53:34 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\toolplugin
[2010/01/18 14:13:06 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\TS3Client
[2011/06/09 09:17:23 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Uniblue
[2010/05/18 05:03:41 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\webex
[2009/11/26 06:43:36 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\Wireshark
[2010/05/21 11:48:24 | 000,000,000 | ---D | M] -- C:\Users\conny\AppData\Roaming\X-Control
[2011/03/02 03:51:12 | 000,000,000 | ---D | M] -- C:\ProgramData\Altium
[2011/03/01 10:36:19 | 000,000,000 | ---D | M] -- C:\ProgramData\Altium2004
[2010/02/12 05:18:57 | 000,000,000 | ---D | M] -- C:\ProgramData\AltiumDesignerSummer09
[2010/02/12 05:15:48 | 000,000,000 | ---D | M] -- C:\ProgramData\AltiumDesignerSummer09_Security
[2010/07/12 00:31:40 | 000,000,000 | ---D | M] -- C:\ProgramData\AltiumFileCache
[2009/10/24 11:50:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/04/16 02:12:31 | 000,000,000 | ---D | M] -- C:\ProgramData\Autodesk
[2012/04/23 11:52:35 | 000,000,000 | ---D | M] -- C:\ProgramData\Babylon
[2011/12/29 09:32:04 | 000,000,000 | ---D | M] -- C:\ProgramData\boost_interprocess
[2010/03/23 01:51:59 | 000,000,000 | ---D | M] -- C:\ProgramData\buerklin
[2010/05/07 14:00:21 | 000,000,000 | ---D | M] -- C:\ProgramData\C-Free
[2010/05/23 06:30:03 | 000,000,000 | ---D | M] -- C:\ProgramData\ColorSync
[2011/06/01 06:27:03 | 000,000,000 | ---D | M] -- C:\ProgramData\DAEMON Tools Lite
[2011/06/01 07:16:09 | 000,000,000 | ---D | M] -- C:\ProgramData\DassaultSystemes
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2009/10/24 11:50:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/04/05 08:36:39 | 000,000,000 | ---D | M] -- C:\ProgramData\DYMO
[2011/11/16 05:27:11 | 000,000,000 | ---D | M] -- C:\ProgramData\EnterNHelp
[2009/10/24 11:50:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/03/05 03:21:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Helicon
[2010/04/16 11:42:36 | 000,000,000 | ---D | M] -- C:\ProgramData\McNeel
[2011/11/16 05:27:37 | 000,000,000 | ---D | M] -- C:\ProgramData\Nikon
[2010/02/01 02:56:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Nokia
[2010/06/28 01:36:48 | 000,000,000 | ---D | M] -- C:\ProgramData\NokiaInstallerCache
[2011/12/02 06:03:07 | 000,000,000 | ---D | M] -- C:\ProgramData\onOne Software
[2010/06/28 01:40:05 | 000,000,000 | ---D | M] -- C:\ProgramData\OviInstallerCache
[2011/04/27 10:37:21 | 000,000,000 | ---D | M] -- C:\ProgramData\PACE Anti-Piracy
[2012/04/04 07:38:56 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Suite
[2010/06/15 14:03:32 | 000,000,000 | ---D | M] -- C:\ProgramData\regid.1986-12.com.adobe
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2009/10/24 11:50:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2011/12/22 12:20:28 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2011/11/16 05:27:11 | 000,000,000 | ---D | M] -- C:\ProgramData\Ultima_T15
[2011/06/09 09:13:56 | 000,000,000 | ---D | M] -- C:\ProgramData\Uniblue
[2009/10/24 11:50:34 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011/12/22 04:09:57 | 000,000,000 | ---D | M] -- C:\ProgramData\WebEx
[2010/05/03 06:16:56 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip
[2010/05/03 06:18:54 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZipSE
[2011/01/04 04:47:17 | 000,000,000 | ---D | M] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011/06/09 09:07:31 | 000,000,000 | -H-D | M] -- C:\ProgramData\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2012/05/30 00:14:20 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< :OTL >
 
< IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >
 
 
< IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ >
Invalid Switch: 
 
< IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp >
Invalid Switch: ?ocid=iehp

 
< IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de >
 
< IE - HKU\conny_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E0 47 61 8D D1 5A CA 01  [binary data] >
 
< IE - HKU\conny_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >
 
< IE - HKU\conny_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local >
 
< IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >
 
< FF - prefs.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" >
 
< FF - prefs.js..network.proxy.no_proxies_on: "*.local" >
 
< FF - prefs.js..network.proxy.type: 0 >
 
 
< FF - user.js..browser.search.selectedEngine: "Search the web" >
 
< FF - user.js..browser.search.order.1: "Search the web" >
 
< FF - user.js..browser.search.defaultenginename: "Search the web" >
 
< FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=" >
 
 
< FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_257.dll () >
Invalid Switch: FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_257.dll ()

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll () >
Invalid Switch: FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=:   >
Invalid Switch: iTunes,version=:

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () >
Invalid Switch: iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) >
Invalid Switch: GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) >
Invalid Switch: JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) >
Invalid Switch: NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) >
Invalid Switch: OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) >
Invalid Switch: 3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) >
Invalid Switch: 3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) >
Invalid Switch: Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) >
Invalid Switch: wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) >
Invalid Switch: wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)

 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) >
 
< FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) >
 
 
< FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/09/10 01:48:16 | 000,000,000 | ---D | M] >
Invalid Switch: 10 01:48:16 | 000,000,000 | ---D | M]

 
< FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/06/15 12:27:58 | 000,000,000 | ---D | M] >
Invalid Switch: 15 12:27:58 | 000,000,000 | ---D | M]

 
< FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2010\bdaphffext\ [2011/08/04 02:27:18 | 000,000,000 | ---D | M] >
Invalid Switch: 04 02:27:18 | 000,000,000 | ---D | M]

 
< FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/07 02:03:48 | 000,000,000 | ---D | M] >
Invalid Switch: 07 02:03:48 | 000,000,000 | ---D | M]

 
< FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins >
 
 
< [2011/06/08 03:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\conny\AppData\Roaming\Mozilla\Extensions >
Invalid Switch: 08 03:59:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\conny\AppData\Roaming\Mozilla\Extensions

 
< [2012/05/19 04:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\conny\AppData\Roaming\Mozilla\Firefox\Profiles\uv8bdff3.default\extensions >
Invalid Switch: 19 04:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\conny\AppData\Roaming\Mozilla\Firefox\Profiles\uv8bdff3.default\extensions

 
< [2012/03/18 08:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions >
Invalid Switch: 18 08:06:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

 
<  () (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{578E7CAA-210F-4967-A0D3-88FE5B59A39F}.XPI >
 
< () (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI >
 
< () (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI >
 
< () (No name found) -- C:\USERS\CONNY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UV8BDFF3.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI >
 
< [2012/05/12 05:57:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll >
Invalid Switch: 12 05:57:05 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

 
< [2011/10/06 09:12:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml >
Invalid Switch: 06 09:12:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

 
< [2011/10/06 09:12:46 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml >
Invalid Switch: 06 09:12:46 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

 
< [2011/10/06 09:12:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml >
Invalid Switch: 06 09:12:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

 
< [2011/10/06 09:12:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml >
Invalid Switch: 06 09:12:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

 
< [2011/10/27 01:40:20 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src >
Invalid Switch: 27 01:40:20 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src

 
< [2011/10/06 09:12:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml >
Invalid Switch: 06 09:12:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

 
< [2011/10/06 09:12:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml >
Invalid Switch: 06 09:12:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 400 bytes -> C:\Users\conny\AppData\Local\desktop.ini:3a96398c0f384e4adf5faa1736aeaf96
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 1332 bytes -> C:\Users\conny\AppData\Local\Cpkf0160E:6xkm6KbtDND8X9dYpy0DWO
@Alternate Data Stream - 1211 bytes -> C:\Users\conny\AppData\Local\jpjOeycivDPV:VLDzTCeQaqknpQcE1c
@Alternate Data Stream - 1164 bytes -> C:\Users\conny\AppData\Local\Anwendungsdaten:fpg7MY6hDakFhQE7Dw9SYo
@Alternate Data Stream - 1164 bytes -> C:\Users\conny\AppData\Local:fpg7MY6hDakFhQE7Dw9SYo

< End of report >
         
Kind regards

conny

Sorry, I forgot the code tag

Last edited by conny24 (18.06.2012 at 10:11)

 
