
Pests of all kinds and how to fight them: Firefox and IE no longer work after Kaspersky detections.


 
20.11.2012, 09:38   #1
aupex
 
Firefox and IE no longer work after Kaspersky detections.



Hello,
The day before yesterday my Kaspersky reported a detection.
To be precise, while I was browsing Facebook, Kaspersky reported an unknown detection and then started a scan. During this scan, over 400 infected objects were detected and processed.
Since then, browsing the web has been almost impossible. As soon as I open a new tab in Firefox, it hangs. If I go to a somewhat larger website (e.g. Amazon), it hangs, and so on.
When I open Internet Explorer, only a window titled "Downloads anzeigen und nachverfolgen" ("View and track your downloads") appears.
After that, the following error message appears twice: "RunDLL Fehler beim Laden von C:\Windows\System32\inetcpl.cpl Das angegebene Modul wurde nicht gefunden" ("RunDLL: Error loading C:\Windows\System32\inetcpl.cpl. The specified module could not be found.")
I am attaching the log files from Defogger, Gmer and OTL. However, OTL only created one file. The file extra.txt is missing. The gmer.log is attached as a 7zip archive because of its size.

Regards,

Aupex


defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:51 on 19/11/2012 (Aupex)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
OTL
Code:
OTL logfile created on: 19.11.2012 20:58:25 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Aupex\Desktop\trojanerboard
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,33% Memory free
10,72 Gb Paging File | 9,28 Gb Available in Paging File | 86,63% Paging File free
Paging file location(s): d:\pagefile.sys 8000 8000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 41,12 Gb Total Space | 1,20 Gb Free Space | 2,93% Space Free | Partition Type: NTFS
Drive D: | 185,90 Gb Total Space | 1,62 Gb Free Space | 0,87% Space Free | Partition Type: NTFS
Drive E: | 523,86 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive P: | 1,88 Gb Total Space | 1,75 Gb Free Space | 93,25% Space Free | Partition Type: FAT
 
Computer Name: STEFANLAPTOP | User Name: Aupex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Aupex\Desktop\trojanerboard\OTL.exe (OldTimer Tools)
PRC - D:\Program Files\suparaasyp\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
PRC - C:\Programme\Google\Drive\googledrivesync.exe (Google)
PRC - d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - D:\Program Files\suparaasyp\SASCORE.EXE (SUPERAntiSpyware.com)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - D:\Program Files\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
PRC - D:\Program Files\kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - d:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe (Deutsche Telekom AG)
PRC - C:\Programme\Bamboo Dock\BambooCore.exe ()
PRC - C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - d:\Program Files\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
PRC - C:\Programme\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
PRC - C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek)
PRC - C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
PRC - C:\Programme\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.)
PRC - C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Common Files\microsoft shared\ink\TabTip.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
PRC - C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
PRC - d:\Program Files\Sandboxie\SbieSvc.exe (tzuk)
PRC - C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._gdi_.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32com.shell.shell.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32api.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\_elementtree.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._html2.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\_socket.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32ts.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32crypt.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._misc_.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\_ssl.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\pythoncom26.dll ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32security.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\pywintypes26.dll ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\_ctypes.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32profile.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._core_.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._windows_.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\_hashlib.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._wizard.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32file.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32process.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32pdh.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32inet.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\wx._controls_.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\unicodedata.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\pyexpat.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\win32event.pyd ()
MOD - C:\Users\Aupex\AppData\Local\Temp\_MEI44922\select.pyd ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\qtgui4.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\qtscript4.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\qtsql4.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\qtcore4.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\qtnetwork4.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\qtdeclarative4.dll ()
MOD - C:\Users\Aupex\AppData\Local\Temp\08f56ff6-864d-4a92-944a-57b870198cb2\CliSecureRT.dll ()
MOD - D:\Program Files\kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - d:\Program Files\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Programme\Bamboo Dock\BambooCore.exe ()
MOD - C:\Programme\Tablet\Pen\libxml2.dll ()
MOD - D:\Program Files\Kaspersky Security Suite CBE 12\imageformats\qgif4.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- d:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (!SASCORE) -- D:\Program Files\suparaasyp\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AVP) -- D:\Program Files\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
SRV - (MCSWASVR) -- d:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe (Deutsche Telekom AG)
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Secunia PSI Agent) -- d:\Program Files\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- d:\Program Files\Secunia\PSI\sua.exe (Secunia)
SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (MSSQL$JTLWAWI) -- C:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- C:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Programme\Canon\IJPLM\ijplmsvc.exe ()
SRV - (afcdpsrv) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (getPlusHelper) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (MSSQLServerADHelper100) -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (MSSQL$SQLEXPRESS) -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (SQLAgent$SQLEXPRESS) -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (SbieSvc) -- d:\Program Files\Sandboxie\SbieSvc.exe (tzuk)
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (USBModem) -- system32\DRIVERS\lgusbmodem.sys File not found
DRV - (UsbDiag) -- system32\DRIVERS\lgusbdiag.sys File not found
DRV - (usbbus) -- system32\DRIVERS\lgusbbus.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (LGVMODEM) -- system32\DRIVERS\lgvmodem.sys File not found
DRV - (lgbusenum) -- system32\DRIVERS\lgbtbus.sys File not found
DRV - (LgBttPort) -- system32\DRIVERS\lgbtport.sys File not found
DRV - (Lavasoft Kernexplorer) -- C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Aupex\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (pwdrvio) -- C:\Windows\System32\pwdrvio.sys ()
DRV - (pwdspio) -- C:\Windows\System32\pwdspio.sys ()
DRV - (Ser2pl) -- C:\Windows\System32\drivers\ser2pl.sys (Prolific Technology Inc.)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (SASKUTIL) -- D:\Program Files\suparaasyp\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- D:\Program Files\suparaasyp\SASDIFSV.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdbus) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (ssadmdm) -- C:\Windows\System32\drivers\ssadmdm.sys (MCCI Corporation)
DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation)
DRV - (ssadserd) -- C:\Windows\System32\drivers\ssadserd.sys (MCCI Corporation)
DRV - (androidusb) -- C:\Windows\System32\drivers\ssadadb.sys (Google Inc)
DRV - (ssadmdfl) -- C:\Windows\System32\drivers\ssadmdfl.sys (MCCI Corporation)
DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software)
DRV - (FTDIBUS) -- C:\Windows\System32\drivers\ftdibus.sys (FTDI Ltd.)
DRV - (FTSER2K) -- C:\Windows\System32\drivers\ftser2k.sys (FTDI Ltd.)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV - (kl2) -- C:\Windows\System32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (KL1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek)
DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek)
DRV - (Lbd) -- C:\Windows\System32\drivers\Lbd.sys (Lavasoft AB)
DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis)
DRV - (tdrpman251) -- C:\Windows\System32\drivers\tdrpm251.sys (Acronis)
DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis)
DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis)
DRV - (cbfs3) -- C:\Windows\System32\drivers\cbfs3.sys (EldoS Corporation)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (USB28xxBGA) -- C:\Windows\System32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM) -- C:\Windows\System32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (LUsbFilt) -- C:\Windows\System32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (TosRfSnd) -- C:\Windows\System32\drivers\TosRfSnd.sys (TOSHIBA Corporation)
DRV - (tosrfbnp) -- C:\Windows\System32\drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV - (RsFx0103) -- C:\Windows\System32\drivers\RsFx0103.sys (Microsoft Corporation)
DRV - (Tosrfusb) -- C:\Windows\System32\drivers\tosrfusb.sys (TOSHIBA CORPORATION)
DRV - (tosrfnds) -- C:\Windows\System32\drivers\tosrfnds.sys (TOSHIBA Corporation.)
DRV - (Tosrfhid) -- C:\Windows\System32\drivers\Tosrfhid.sys (TOSHIBA Corporation.)
DRV - (Tosrfcom) -- C:\Windows\System32\drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (SbieDrv) -- d:\Program Files\Sandboxie\SbieDrv.sys (tzuk)
DRV - (hotcore3) -- C:\Windows\System32\drivers\hotcore3.sys (Paragon Software Group)
DRV - (tosrfbd) -- C:\Windows\System32\drivers\tosrfbd.sys (TOSHIBA CORPORATION)
DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (tosporte) -- C:\Windows\System32\drivers\tosporte.sys (TOSHIBA Corporation)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (enecir) -- C:\Windows\System32\drivers\enecir.sys (ENE TECHNOLOGY INC.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (MGHwCtrl) -- C:\Windows\System32\drivers\MGHwCtrl.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (Si3531) -- C:\Windows\System32\drivers\Si3531.sys (Silicon Image, Inc)
DRV - (SiRemFil) -- C:\Windows\System32\drivers\SiRemFil.sys (Silicon Image, Inc.)
DRV - (SiFilter) -- C:\Windows\System32\drivers\SiWinAcc.sys (Silicon Image, Inc.)
DRV - (giveio) -- C:\Windows\System32\giveio.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 42 B7 60 24 4D 07 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{7CA392FF-03B9-4588-9225-404B3C3B6E4B}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=971163&p={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = hxxp://www.daemon-search.com/search/web?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free@ea.com:1.0.66.2
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.9
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: KPSA-home-Priess@EasternGraphics.com:1.0.2
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: D:\Program Files\canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: d:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player:  File not found
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\html5video [2011.06.13 10:31:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files\DivX\DivX Plus Web Player\firefox\wpa [2011.06.13 10:31:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: D:\Program Files\Kaspersky Security Suite CBE 12\FFExt\virtualKeyboard@kaspersky.ru [2012.06.13 18:50:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: D:\Program Files\Kaspersky Security Suite CBE 12\FFExt\linkfilter@kaspersky.ru [2012.06.13 18:50:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: D:\Program Files\Kaspersky Security Suite CBE 12\FFExt\KavAntiBanner@Kaspersky.ru [2012.06.13 18:49:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.10.29 07:44:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012.10.29 07:44:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2012.10.29 21:35:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.4\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2012.10.29 21:35:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{8C17574E-F5C5-41b8-8B36-333FC7E67980}: D:\Program Files\Kaspersky Security Suite CBE 12\THBExt_2_x [2012.06.13 17:37:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{FD9B3EC6-8265-41fb-8A2F-4C5A22A95A7B}: D:\Program Files\Kaspersky Security Suite CBE 12\THBExt_3_1_x [2012.06.13 17:37:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Aupex\AppData\Roaming\5015
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012.10.29 07:44:46 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012.10.29 07:44:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: D:\Program Files\Mozilla Thunderbird\components [2012.10.29 21:35:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: D:\Program Files\Mozilla Thunderbird\plugins [2012.10.29 21:35:31 | 000,000,000 | ---D | M]
 
[2010.09.20 18:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aupex\AppData\Roaming\mozilla\Extensions
[2010.09.20 18:23:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aupex\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.10.23 19:52:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions
[2010.04.28 10:30:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.09.04 09:08:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.04 19:47:00 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions\battlefieldplay4free@ea.com
[2012.09.07 14:22:16 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions\fdm_ffext@freedownloadmanager.org
[2011.02.26 21:42:26 | 000,000,000 | ---D | M] (KPSA-Home (Priess)) -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions\KPSA-home-Priess@EasternGraphics.com
[2009.09.10 20:06:59 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Aupex\AppData\Roaming\mozilla\Firefox\Profiles\z8fjhgyp.default\extensions\moveplayer@movenetworks.com
[2010.03.24 15:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Aupex\AppData\Roaming\mozilla\firefox\profiles\z8fjhgyp.default\searchplugins\conduit.xml
 
O1 HOSTS File: ([2011.06.08 14:21:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Security Suite CBE 12\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Virtual Storage Mount Notification) - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - d:\Program Files\Free Download Manager\iefdm2.dll ()
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - D:\Program Files\Kaspersky Security Suite CBE 12\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Programme\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVP] D:\Program Files\Kaspersky Security Suite CBE 12\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BambooCore] C:\Programme\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TrayServer] D:\Program Files\MAGIX\Video_deluxe_17_Plus_Sonderedition\Trayserver.exe (MAGIX AG)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [KiesHelper] D:\Program Files\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] D:\Program Files\kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] D:\Program Files\suparaasyp\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: add to &BOM - D:\\PROGRA~1\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Alles mit FDM herunterladen - d:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Auswahl mit FDM herunterladen - d:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - d:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Download with Xilisoft Download YouTube Video - d:\Program Files\Xilisoft\Download YouTube Video\upod_link.HTM ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Aupex\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - D:\Program Files\Kaspersky Security Suite CBE 12\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Videos mit FDM herunterladen - d:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - D:\Program Files\Kaspersky Security Suite CBE 12\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - D:\Program Files\Kaspersky Security Suite CBE 12\klwtbbho.dll (Kaspersky Lab ZAO)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{14436A7B-9E23-494B-A111-E37191A2C976}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7E4D3FD4-2868-44D7-9825-067520FD8405}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll File not found
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll File not found
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\system32\mshtml.dll File not found
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Program Files\suparaasyp\SASWINLO.DLL) - D:\Program Files\suparaasyp\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\klogon: DllName - (C:\Windows\system32\klogon.dll) - C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation)
O24 - Desktop WallPaper: C:\Users\Aupex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Aupex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Program Files\suparaasyp\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2000.01.18 01:28:36 | 000,028,672 | R--- | M] (Dipl.-Ing. Stefan Krueger <skrueger@installsite.org>) - E:\AUTORUN.EXE -- [ CDFS ]
O32 - AutoRun File - [2002.01.12 03:28:28 | 000,001,042 | R--- | M] () - E:\AUTORUN.INI -- [ CDFS ]
O32 - AutoRun File - [2002.04.22 21:47:10 | 000,000,138 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.19 20:45:22 | 000,000,000 | ---D | C] -- C:\Users\Aupex\Desktop\trojanerboard
[2012.11.10 17:32:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon_Inc_IC
[2012.11.10 17:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Canon_Inc_IC
[2012.11.06 20:42:54 | 000,000,000 | ---D | C] -- C:\Users\Aupex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CombineZP
[2012.11.06 20:42:45 | 000,000,000 | ---D | C] -- C:\Program Files\Alan Hadley
[2012.11.02 18:26:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ErgoFAKT V4.0
[2012.11.02 18:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Borland Shared
[2012.11.02 18:26:35 | 000,000,000 | ---D | C] -- C:\Program Files\ERGO SOFT
[2012.11.02 18:19:09 | 000,000,000 | ---D | C] -- C:\Users\Aupex\AppData\Local\ErgoFAKT
[2012.11.02 18:17:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ErgoFAKT
[2012.10.25 19:49:15 | 000,000,000 | ---D | C] -- C:\Users\Aupex\AppData\Roaming\inkscape
[2012.10.25 10:45:46 | 000,000,000 | -HSD | C] -- C:\Users\Aupex\AppData\Local\.#
[2012.10.25 10:45:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RasterVect 17.3 Trial
[2012.10.23 19:08:29 | 000,000,000 | ---D | C] -- C:\Users\Aupex\Desktop\Charlotte
[2012.10.21 20:12:01 | 000,000,000 | ---D | C] -- C:\Users\Aupex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Raven Software
[2012.10.21 20:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raven Software
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.19 20:54:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.19 20:54:00 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.19 20:53:20 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.19 20:53:20 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.19 20:53:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.19 20:51:47 | 000,000,020 | ---- | M] () -- C:\Users\Aupex\defogger_reenable
[2012.11.19 20:32:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.19 20:23:38 | 000,389,128 | ---- | M] () -- C:\Users\Aupex\Desktop\bookmarks-2012-11-19.json
[2012.11.19 10:27:17 | 000,136,704 | ---- | M] () -- C:\Users\Aupex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.17 21:08:35 | 000,000,851 | ---- | M] () -- C:\Users\Aupex\Desktop\SOF II Einzelspieler.lnk
[2012.11.15 06:04:02 | 000,566,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.14 22:53:02 | 000,810,226 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.14 22:53:02 | 000,749,954 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.14 22:53:02 | 000,198,294 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.14 22:53:02 | 000,166,232 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.10 17:33:01 | 000,000,947 | ---- | M] () -- C:\Users\Public\Desktop\Digital Photo Professional.lnk
[2012.11.06 21:02:40 | 000,002,511 | ---- | M] () -- C:\Users\Aupex\Desktop\CombineZP.lnk
[2012.11.06 20:42:54 | 000,001,944 | ---- | M] () -- C:\Users\Aupex\Desktop\CZPBatch.lnk
[2012.11.02 18:26:47 | 000,001,980 | ---- | M] () -- C:\Users\Public\Desktop\ErgoFAKT V4.0.lnk
[2012.10.30 11:55:17 | 000,005,038 | ---- | M] () -- C:\Users\Aupex\.recently-used.xbel
[2012.10.30 11:52:46 | 000,008,799 | ---- | M] () -- C:\Users\Aupex\AppData\Local\recently-used.xbel
[2012.10.30 11:29:31 | 000,009,020 | ---- | M] () -- C:\Users\Aupex\Desktop\testlogo.svg
[2012.10.25 19:49:09 | 000,025,424 | ---- | M] () -- C:\Users\Aupex\Desktop\Vorschlag Logo.svg
[2012.10.25 19:47:27 | 000,000,634 | ---- | M] () -- C:\Users\Public\Desktop\Inkscape.lnk
[2012.10.25 10:45:39 | 000,000,695 | ---- | M] () -- C:\Users\Aupex\Desktop\RasterVect 17.3 Trial.lnk
[2012.10.25 07:46:38 | 000,666,704 | ---- | M] () -- C:\Users\Aupex\Desktop\Vorschlag Logo.png
[2012.10.25 07:45:51 | 000,085,977 | ---- | M] () -- C:\Users\Aupex\Desktop\logoss2.jpg
[2012.10.24 15:19:27 | 000,000,182 | ---- | M] () -- C:\Windows\System32\~.inf
[2012.10.22 09:40:07 | 000,000,708 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.21 20:12:10 | 000,000,762 | ---- | M] () -- C:\Windows\Sof2.INI
[2012.10.21 20:12:10 | 000,000,673 | ---- | M] () -- C:\Users\Aupex\Desktop\SOF II Mehrspieler.lnk
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.19 20:51:27 | 000,000,020 | ---- | C] () -- C:\Users\Aupex\defogger_reenable
[2012.11.19 20:23:37 | 000,389,128 | ---- | C] () -- C:\Users\Aupex\Desktop\bookmarks-2012-11-19.json
[2012.11.06 20:42:54 | 000,002,511 | ---- | C] () -- C:\Users\Aupex\Desktop\CombineZP.lnk
[2012.11.06 20:42:54 | 000,001,944 | ---- | C] () -- C:\Users\Aupex\Desktop\CZPBatch.lnk
[2012.11.02 18:26:47 | 000,001,980 | ---- | C] () -- C:\Users\Public\Desktop\ErgoFAKT V4.0.lnk
[2012.10.30 11:55:17 | 000,005,038 | ---- | C] () -- C:\Users\Aupex\.recently-used.xbel
[2012.10.30 11:52:46 | 000,008,799 | ---- | C] () -- C:\Users\Aupex\AppData\Local\recently-used.xbel
[2012.10.25 20:04:50 | 000,009,020 | ---- | C] () -- C:\Users\Aupex\Desktop\testlogo.svg
[2012.10.25 19:49:07 | 000,025,424 | ---- | C] () -- C:\Users\Aupex\Desktop\Vorschlag Logo.svg
[2012.10.25 19:47:59 | 000,000,666 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
[2012.10.25 19:47:27 | 000,000,634 | ---- | C] () -- C:\Users\Public\Desktop\Inkscape.lnk
[2012.10.25 10:45:39 | 000,000,695 | ---- | C] () -- C:\Users\Aupex\Desktop\RasterVect 17.3 Trial.lnk
[2012.10.25 07:46:34 | 000,666,704 | ---- | C] () -- C:\Users\Aupex\Desktop\Vorschlag Logo.png
[2012.10.25 07:45:47 | 000,085,977 | ---- | C] () -- C:\Users\Aupex\Desktop\logoss2.jpg
[2012.10.22 09:40:07 | 000,000,708 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.21 20:12:10 | 000,000,851 | ---- | C] () -- C:\Users\Aupex\Desktop\SOF II Einzelspieler.lnk
[2012.10.21 20:12:10 | 000,000,673 | ---- | C] () -- C:\Users\Aupex\Desktop\SOF II Mehrspieler.lnk
[2012.10.21 20:02:24 | 000,000,762 | ---- | C] () -- C:\Windows\Sof2.INI
[2012.10.13 20:16:50 | 000,000,087 | ---- | C] () -- C:\Windows\winDecrypt.INI
[2012.09.22 10:24:29 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2012.09.11 14:28:00 | 000,025,600 | ---- | C] () -- C:\Users\Aupex\Salon Seemann.dot
[2012.09.03 06:02:43 | 000,000,800 | ---- | C] () -- C:\Windows\Rtcw.INI
[2012.09.01 13:26:36 | 000,000,104 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\.ptbt1
[2012.07.31 10:37:59 | 000,000,317 | ---- | C] () -- C:\Windows\CODUO.ini
[2012.07.27 19:53:10 | 000,000,721 | ---- | C] () -- C:\Windows\COD.INI
[2012.06.27 20:34:31 | 018,506,240 | ---- | C] () -- C:\Users\Aupex\jtlwawi260612.bak
[2012.06.27 15:06:14 | 014,967,296 | ---- | C] () -- C:\Users\Aupex\sicherung270612.bak
[2012.06.13 18:39:35 | 000,017,408 | ---- | C] () -- C:\Users\Aupex\AppData\Local\WebpageIcons.db
[2012.06.13 17:39:13 | 000,116,189 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2012.06.13 17:39:13 | 000,098,168 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2012.05.19 12:26:47 | 000,016,472 | ---- | C] () -- C:\Windows\System32\pwdrvio.sys
[2012.05.18 20:39:46 | 000,922,184 | ---- | C] () -- C:\Windows\System32\pwNative.exe
[2012.05.18 20:39:08 | 000,011,104 | ---- | C] () -- C:\Windows\System32\pwdspio.sys
[2012.04.02 08:03:10 | 000,000,021 | ---- | C] () -- C:\Windows\preview.ini
[2012.03.21 15:14:49 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.12.23 20:58:28 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.12.23 18:06:49 | 000,000,021 | ---- | C] () -- C:\Users\Aupex\AppData\Local\mc.pixel.data
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.06.08 11:00:20 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011.06.08 11:00:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.06.08 11:00:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.06.08 11:00:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.06.08 11:00:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.06.06 09:41:31 | 000,523,061 | ---- | C] () -- C:\Users\Aupex\mricrocosft.cab
[2011.05.29 08:31:24 | 000,000,558 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\AutoGK.ini
[2011.05.16 16:39:33 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.05.16 16:39:33 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.05.14 20:36:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011.03.11 11:43:54 | 000,029,763 | ---- | C] () -- C:\Windows\System32\drivers\klopp.dat
[2011.01.25 15:02:14 | 000,032,768 | ---- | C] () -- C:\Windows\System32\MGFPCtrl.dll
[2010.11.28 12:29:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ss35pp.dll
[2010.10.12 19:54:54 | 007,424,512 | ---- | C] () -- C:\Users\Aupex\tab.bak
[2010.08.26 21:34:46 | 000,360,723 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\mdbu.bin
[2010.06.29 17:17:29 | 000,345,434 | ---- | C] () -- C:\Users\Aupex\bild 00000.jpg
[2010.04.21 18:43:25 | 000,725,294 | ---- | C] () -- C:\Users\Aupex\.fonts.cache-1
[2010.04.21 18:42:04 | 000,000,000 | ---- | C] () -- C:\Users\Aupex\.gtk-bookmarks
[2010.03.11 21:48:19 | 000,000,093 | ---- | C] () -- C:\Users\Aupex\AppData\Local\fusioncache.dat
[2009.11.03 12:46:01 | 000,001,024 | ---- | C] () -- C:\Users\Aupex\.lmmsrc.xml
[2009.06.02 19:38:33 | 000,001,356 | ---- | C] () -- C:\Users\Aupex\AppData\Local\d3d9caps.dat
[2009.03.26 11:14:56 | 000,007,680 | ---- | C] () -- C:\Users\Aupex\20F112907.lbl
[2009.03.22 19:49:16 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.02.18 10:04:11 | 000,007,680 | ---- | C] () -- C:\Users\Aupex\99L099908.lbl
[2009.01.20 11:23:13 | 000,007,168 | ---- | C] () -- C:\Users\Aupex\bnn.lbl
[2009.01.13 07:11:04 | 000,000,000 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\wklnhst.dat
[2009.01.12 12:16:32 | 000,138,056 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\PnkBstrK.sys
[2009.01.09 20:43:44 | 000,136,704 | ---- | C] () -- C:\Users\Aupex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.01.06 15:31:21 | 000,005,525 | ---- | C] () -- C:\Users\Aupex\b
[2008.12.28 23:05:28 | 000,027,335 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\nvModes.001
[2008.12.28 23:02:44 | 000,027,335 | ---- | C] () -- C:\Users\Aupex\AppData\Roaming\nvModes.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.10.07 20:21:01 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Ableton
[2010.06.01 19:04:08 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Acronis
[2010.11.09 12:17:51 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Arduino
[2011.07.05 10:18:27 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\BitTorrent
[2009.01.06 21:23:08 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Blender Foundation
[2012.07.24 14:35:23 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Broad Intelligence
[2010.11.03 17:59:51 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\CadSoft
[2011.01.26 18:09:01 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\calibre
[2011.11.19 09:42:59 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Canneverbe Limited
[2012.11.10 17:32:40 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Canon
[2009.01.08 21:15:47 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DAEMON Tools
[2012.01.22 10:14:45 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DAEMON Tools Lite
[2009.01.08 21:15:47 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DAEMON Tools Pro
[2011.10.30 11:55:57 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DAZ 3D
[2010.12.12 20:42:48 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DVD Profiler
[2012.04.08 18:06:50 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DVDVideoSoft
[2011.02.16 15:22:51 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.08.01 16:57:57 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\DVRemoteDesktop
[2010.10.09 21:50:22 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\fdrtools.com
[2012.03.16 11:03:27 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\FileZilla
[2011.10.18 10:32:37 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Free Download Manager
[2010.08.27 18:06:03 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Fritzing
[2012.02.03 18:14:46 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\GrabPro
[2010.07.13 17:08:38 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\gtk-2.0
[2012.03.16 12:30:40 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\HandBrake
[2009.03.09 08:27:50 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\HDRsoft
[2012.10.17 19:21:23 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\hybrid
[2010.10.18 20:31:23 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\InfraRecorder
[2012.10.25 19:49:15 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\inkscape
[2009.10.21 19:38:52 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Leadertech
[2009.09.30 15:12:09 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Lexware
[2012.07.23 09:03:07 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\MAGIX
[2012.04.24 17:56:24 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\MixVibes
[2009.09.01 21:32:20 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Mp3tag
[2011.12.03 23:56:45 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Nik Software
[2011.05.04 16:17:39 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\No Company Name
[2010.10.06 22:22:49 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\NwDocx
[2010.08.31 21:16:33 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Oloneo
[2009.01.06 22:21:40 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\OpenOffice.org
[2009.12.14 22:18:10 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Picturenaut
[2009.03.03 11:40:36 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Planetside Software
[2012.01.16 15:42:33 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\proDAD
[2012.02.03 18:14:57 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\ProgSense
[2012.01.12 08:21:47 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Samsung
[2009.08.07 12:52:29 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\SlySoft
[2009.06.16 21:25:15 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\T-Online
[2011.01.12 15:19:49 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Template
[2009.01.19 16:09:16 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Thinstall
[2010.09.20 18:23:53 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Thunderbird
[2009.03.03 12:39:23 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\uk.co.planetside
[2009.01.19 16:11:39 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\uTorrent
[2011.01.11 17:06:41 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\VidCoder
[2009.06.08 11:56:58 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\VistaStumbler
[2012.09.06 12:33:39 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Wacom
[2012.09.06 12:36:00 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2011.02.15 21:18:45 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\Xilisoft
[2012.10.23 19:10:11 | 000,000,000 | ---D | M] -- C:\Users\Aupex\AppData\Roaming\XnView
 
========== Purity Check ==========
 
 

< End of report >
         

 
