Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows blockade durch Deutschlandflaggenvirus!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 30.03.2012, 20:41   #1
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



Hallo,
es geht um folgendes. Mein Pc funktioniert nicht mehr und zwar geht bei jedem Windows Start die Funktionsfähigkeit des Pcs verloren. Ein schwarzer Bildschirm erscheint und mir wird mitgeteilt, dass mein Windows blockiert aufgrund von besuchen auf Pornografischen Seiten etc...
Nun hab ich mich schon ein bischen eingelesen, hab mir OTL von Oldtimer runtergeladen und es durch laufen lassen.
Aber ich bekomme nur die OTL.txt datei rausgespuckt aber es wird immer noch von einer zweiten Textdatei gesprochen wo find ich die?

Hier ist die OTL.txt Datei:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 30.03.2012 21:18:11 - Run 2
OTL by OldTimer - Version 3.2.39.2     Folder = C:\Users\D&A\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 5,27 Gb Available Physical Memory | 87,93% Memory free
12,11 Gb Paging File | 11,58 Gb Available in Paging File | 95,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 916,86 Gb Total Space | 861,94 Gb Free Space | 94,01% Space Free | Partition Type: NTFS
 
Computer Name: D-PC | User Name: D&A | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\D&A\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Lavasoft\Ad-Aware\AWSC.exe ()
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (GenericHidService) -- C:\Windows\SysNative\HidService.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft Limited)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (GenericHidService) -- C:\Windows\SysWow64\HidService.exe (Packard Bell Services)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
SRV - (AdobeActiveFileMonitor6.0) -- C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe ()
SRV - (PLFlash DeviceIoControl Service) -- C:\Windows\SysWOW64\IoctlSvc.exe (Prolific Technology Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\DRIVERS\avipbb.sys ()
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\DRIVERS\avgntflt.sys ()
DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys ()
DRV:64bit: - (Lbd) -- C:\Windows\SysNative\DRIVERS\Lbd.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys ()
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys ()
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\DRIVERS\ss_bmdm.sys ()
DRV:64bit: - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\SysNative\DRIVERS\ss_bbus.sys ()
DRV:64bit: - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\SysNative\DRIVERS\ss_bmdfl.sys ()
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys ()
DRV:64bit: - (nvamacpi) -- C:\Windows\SysNative\DRIVERS\NVAMACPI.sys ()
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys ()
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys ()
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys ()
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp64&d=0710&m=imedia_x6605_ge
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp64&d=0710&m=imedia_x6605_ge
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp64&d=0710&m=imedia_x6605_ge
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp64&d=0710&m=imedia_x6605_ge
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp64&d=0710&m=imedia_x6605_ge
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {26647ca4-a2a7-4eac-8a72-761aa9141de7} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Plasmoo"
FF - prefs.js..browser.search.defaultthis.engineName: "www.Freeware-download.com Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "www.Freeware-download.com Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2325506&SearchSource=13"
FF - prefs.js..keyword.URL: "hxxp://plasmoo.com/index.htm?SearchMashine=true&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.21 22:09:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.28\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.21 22:09:06 | 000,000,000 | ---D | M]
 
[2010.07.19 12:18:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\D&A\AppData\Roaming\mozilla\Extensions
[2012.03.23 00:01:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions
[2010.07.21 15:00:53 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.12.02 22:21:53 | 000,000,000 | ---D | M] (www.Freeware-download.com Community Toolbar) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\{26647ca4-a2a7-4eac-8a72-761aa9141de7}
[2010.10.21 22:03:42 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.05.03 22:37:18 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.12.02 22:21:52 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\engine@conduit.com
[2011.05.03 22:37:32 | 000,000,000 | ---D | M] (Plasmoo Search Engine) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\engine@plasmoo.com
[2012.03.08 23:42:56 | 000,000,000 | ---D | M] ("Facebook: Rosa Themen-Plugin") -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\pink@rosa-plugin.info
[2012.03.08 23:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\pink@rosa-plugin.info\resources\jrd0-g48yojdcu5i9a8n0j2se5vmy76e-at-jetpack-pink-theme-extension-data
[2012.03.08 23:42:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\D&A\AppData\Roaming\mozilla\Firefox\Profiles\u1fye323.default\extensions\pink@rosa-plugin.info\resources\jrd0-g48yojdcu5i9a8n0j2se5vmy76e-at-jetpack-pink-theme-extension-lib
[2010.10.24 22:56:34 | 000,000,953 | ---- | M] () -- C:\Users\D&A\AppData\Roaming\Mozilla\Firefox\Profiles\u1fye323.default\searchplugins\conduit.xml
[2012.03.29 21:29:31 | 000,001,056 | ---- | M] () -- C:\Users\D&A\AppData\Roaming\Mozilla\Firefox\Profiles\u1fye323.default\searchplugins\icqplugin.xml
[2011.04.28 19:42:58 | 000,001,975 | ---- | M] () -- C:\Users\D&A\AppData\Roaming\Mozilla\Firefox\Profiles\u1fye323.default\searchplugins\plasmoo.xml
[2012.03.21 23:49:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.03.16 15:37:24 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.07.21 15:42:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.05 19:26:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.11 00:56:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.11 00:56:00 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.11 00:56:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.11 00:56:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.11 00:56:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: YouTube = C:\Users\D&A\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\D&A\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Google Mail = C:\Users\D&A\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O4:64bit: - HKLM..\Run: [FijiKeyboard] c:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe (Packard Bell BV)
O4:64bit: - HKLM..\Run: [FujiKeyboard] c:\Acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe File not found
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SmpcSys] C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [SkypePM] C:\Users\D&A\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SmpcSys] C:\Programme\PACKARD BELL\SetUpMyPC\SmpSys.exe (Packard Bell BV)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10zb_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\D&A\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\D&A\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\nvLsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\nvLsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\nvLsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\nvLsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\nvLsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\nvLsp64.dll ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Windows\SysNative\nvLsp64.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\SysWOW64\nvLsp.dll (NVIDIA)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AAAB52CD-FBEE-4103-81F0-F7452C80D2EC}: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\ezShellStart.exe) - C:\Windows\SysWOW64\ezShellStart.exe (EasyBits Software AS)
O24 - Desktop WallPaper: C:\Users\D&A\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\D&A\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.3
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)
 
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.03.22 19:40:49 | 000,000,000 | ---D | C] -- C:\Users\D&A\Desktop\an der ruhr
[2012.03.16 15:37:18 | 000,000,000 | ---D | C] -- C:\Users\D&A\AppData\Roaming\Skype
[2012.03.16 15:37:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.03.16 15:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.03.16 15:37:06 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.03.16 15:37:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.03.15 19:43:39 | 000,000,000 | ---D | C] -- C:\Users\D&A\Desktop\Originals
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.03.30 21:16:12 | 001,445,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.30 21:16:12 | 000,627,756 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.30 21:16:12 | 000,595,386 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.30 21:16:12 | 000,125,870 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.30 21:16:12 | 000,103,460 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.03.30 21:11:58 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.03.30 21:11:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.30 21:08:00 | 000,116,297 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.03.30 21:07:59 | 000,116,297 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.03.30 21:06:58 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.30 21:06:43 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.30 21:06:43 | 000,004,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.23 20:06:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.23 13:06:55 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.03.22 23:52:22 | 000,000,892 | ---- | M] () -- C:\Users\D&A\Documents\unterschiede.rtf
[2012.03.22 22:52:40 | 000,002,331 | ---- | M] () -- C:\Users\D&A\Documents\mobbertypen.rtf
[2012.03.22 21:00:26 | 000,000,602 | ---- | M] () -- C:\Users\D&A\AppData\Roaming\wklnhst.dat
[2012.03.22 19:51:29 | 000,026,184 | ---- | M] () -- C:\Users\D&A\Desktop\22032012924.jpg
[2012.03.22 15:32:50 | 000,022,746 | ---- | M] () -- C:\Users\D&A\Desktop\22032012925.jpg
[2012.03.22 15:32:12 | 000,028,885 | ---- | M] () -- C:\Users\D&A\Desktop\22032012923.jpg
[2012.03.22 15:32:00 | 000,028,791 | ---- | M] () -- C:\Users\D&A\Desktop\22032012922.jpg
[2012.03.22 15:31:48 | 000,020,981 | ---- | M] () -- C:\Users\D&A\Desktop\22032012921.jpg
[2012.03.22 15:26:58 | 000,025,714 | ---- | M] () -- C:\Users\D&A\Desktop\22032012919.jpg
[2012.03.22 15:26:48 | 000,028,004 | ---- | M] () -- C:\Users\D&A\Desktop\22032012918.jpg
[2012.03.22 15:21:24 | 000,021,032 | ---- | M] () -- C:\Users\D&A\Desktop\22032012917.jpg
[2012.03.22 15:19:32 | 000,029,227 | ---- | M] () -- C:\Users\D&A\Desktop\22032012915.jpg
[2012.03.22 15:19:22 | 000,030,867 | ---- | M] () -- C:\Users\D&A\Desktop\22032012914.jpg
[2012.03.22 15:19:08 | 000,019,502 | ---- | M] () -- C:\Users\D&A\Desktop\22032012913.jpg
[2012.03.22 15:18:54 | 000,019,382 | ---- | M] () -- C:\Users\D&A\Desktop\22032012912.jpg
[2012.03.22 15:18:28 | 000,025,586 | ---- | M] () -- C:\Users\D&A\Desktop\22032012911.jpg
[2012.03.22 15:16:16 | 000,019,533 | ---- | M] () -- C:\Users\D&A\Desktop\22032012910.jpg
[2012.03.22 15:15:32 | 000,024,758 | ---- | M] () -- C:\Users\D&A\Desktop\22032012908.jpg
[2012.03.22 15:14:06 | 001,323,497 | ---- | M] () -- C:\Users\D&A\Desktop\22032012907.jpg
[2012.03.22 15:13:44 | 001,120,985 | ---- | M] () -- C:\Users\D&A\Desktop\22032012906.jpg
[2012.03.22 15:13:28 | 000,724,524 | ---- | M] () -- C:\Users\D&A\Desktop\22032012905.jpg
[2012.03.22 15:09:54 | 000,023,333 | ---- | M] () -- C:\Users\D&A\Desktop\22032012904.jpg
[2012.03.22 15:09:36 | 000,024,951 | ---- | M] () -- C:\Users\D&A\Desktop\22032012903.jpg
[2012.03.22 15:06:48 | 000,019,570 | ---- | M] () -- C:\Users\D&A\Desktop\22032012902.jpg
[2012.03.21 16:21:34 | 000,024,575 | ---- | M] () -- C:\Users\D&A\Desktop\21032012893.jpg
[2012.03.21 16:05:26 | 000,019,364 | ---- | M] () -- C:\Users\D&A\Desktop\21032012891.jpg
[2012.03.21 16:05:12 | 000,018,626 | ---- | M] () -- C:\Users\D&A\Desktop\21032012890.jpg
[2012.03.21 16:05:06 | 000,019,522 | ---- | M] () -- C:\Users\D&A\Desktop\21032012889.jpg
[2012.03.21 16:04:58 | 000,017,529 | ---- | M] () -- C:\Users\D&A\Desktop\21032012888.jpg
[2012.03.21 16:04:42 | 000,017,248 | ---- | M] () -- C:\Users\D&A\Desktop\21032012887.jpg
[2012.03.21 16:04:28 | 000,015,890 | ---- | M] () -- C:\Users\D&A\Desktop\21032012886.jpg
[2012.03.21 16:04:02 | 000,015,346 | ---- | M] () -- C:\Users\D&A\Desktop\21032012885.jpg
[2012.03.21 16:03:54 | 000,019,062 | ---- | M] () -- C:\Users\D&A\Desktop\21032012884.jpg
[2012.03.21 09:35:35 | 000,000,064 | ---- | M] () -- C:\Windows\SysWow64\rp_stats.dat
[2012.03.21 09:35:35 | 000,000,044 | ---- | M] () -- C:\Windows\SysWow64\rp_rules.dat
[2012.03.20 22:59:14 | 000,183,296 | -H-- | M] () -- C:\Users\D&A\Desktop\photothumb.db
[2012.03.20 19:36:46 | 000,001,000 | ---- | M] () -- C:\Users\D&A\Documents\base kündigung.rtf
[2012.03.20 11:14:22 | 000,028,003 | ---- | M] () -- C:\Users\D&A\Desktop\20032012880.jpg
[2012.03.20 11:14:08 | 000,023,165 | ---- | M] () -- C:\Users\D&A\Desktop\20032012879.jpg
[2012.03.20 11:13:16 | 000,028,699 | ---- | M] () -- C:\Users\D&A\Desktop\20032012877.jpg
[2012.03.20 11:12:24 | 000,030,400 | ---- | M] () -- C:\Users\D&A\Desktop\20032012876.jpg
[2012.03.20 11:12:04 | 000,027,725 | ---- | M] () -- C:\Users\D&A\Desktop\20032012875.jpg
[2012.03.20 11:11:42 | 000,028,283 | ---- | M] () -- C:\Users\D&A\Desktop\20032012874.jpg
[2012.03.20 11:11:22 | 000,028,084 | ---- | M] () -- C:\Users\D&A\Desktop\20032012873.jpg
[2012.03.20 11:10:54 | 000,025,920 | ---- | M] () -- C:\Users\D&A\Desktop\20032012871.jpg
[2012.03.20 11:10:26 | 000,025,567 | ---- | M] () -- C:\Users\D&A\Desktop\20032012870.jpg
[2012.03.20 11:10:12 | 000,025,585 | ---- | M] () -- C:\Users\D&A\Desktop\20032012869.jpg
[2012.03.16 15:37:07 | 000,001,892 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.15 19:43:40 | 001,325,754 | ---- | M] () -- C:\Users\D&A\Desktop\15032012849.jpg
[2012.03.15 17:50:28 | 001,439,530 | ---- | M] () -- C:\Users\D&A\Desktop\15032012855.jpg
[2012.03.15 17:49:04 | 001,408,884 | ---- | M] () -- C:\Users\D&A\Desktop\15032012853.jpg
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.03.30 21:11:58 | 000,000,408 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012.03.22 23:52:22 | 000,000,892 | ---- | C] () -- C:\Users\D&A\Documents\unterschiede.rtf
[2012.03.22 22:52:40 | 000,002,331 | ---- | C] () -- C:\Users\D&A\Documents\mobbertypen.rtf
[2012.03.22 19:51:29 | 000,026,184 | ---- | C] () -- C:\Users\D&A\Desktop\22032012924.jpg
[2012.03.22 19:42:28 | 000,022,746 | ---- | C] () -- C:\Users\D&A\Desktop\22032012925.jpg
[2012.03.22 19:42:27 | 000,028,885 | ---- | C] () -- C:\Users\D&A\Desktop\22032012923.jpg
[2012.03.22 19:42:27 | 000,028,791 | ---- | C] () -- C:\Users\D&A\Desktop\22032012922.jpg
[2012.03.22 19:42:27 | 000,025,714 | ---- | C] () -- C:\Users\D&A\Desktop\22032012919.jpg
[2012.03.22 19:42:27 | 000,020,981 | ---- | C] () -- C:\Users\D&A\Desktop\22032012921.jpg
[2012.03.22 19:42:26 | 000,030,867 | ---- | C] () -- C:\Users\D&A\Desktop\22032012914.jpg
[2012.03.22 19:42:26 | 000,029,227 | ---- | C] () -- C:\Users\D&A\Desktop\22032012915.jpg
[2012.03.22 19:42:26 | 000,028,004 | ---- | C] () -- C:\Users\D&A\Desktop\22032012918.jpg
[2012.03.22 19:42:26 | 000,021,032 | ---- | C] () -- C:\Users\D&A\Desktop\22032012917.jpg
[2012.03.22 19:42:26 | 000,019,502 | ---- | C] () -- C:\Users\D&A\Desktop\22032012913.jpg
[2012.03.22 19:42:25 | 000,025,586 | ---- | C] () -- C:\Users\D&A\Desktop\22032012911.jpg
[2012.03.22 19:42:25 | 000,024,758 | ---- | C] () -- C:\Users\D&A\Desktop\22032012908.jpg
[2012.03.22 19:42:25 | 000,019,533 | ---- | C] () -- C:\Users\D&A\Desktop\22032012910.jpg
[2012.03.22 19:42:25 | 000,019,382 | ---- | C] () -- C:\Users\D&A\Desktop\22032012912.jpg
[2012.03.22 19:42:24 | 001,323,497 | ---- | C] () -- C:\Users\D&A\Desktop\22032012907.jpg
[2012.03.22 19:42:24 | 001,120,985 | ---- | C] () -- C:\Users\D&A\Desktop\22032012906.jpg
[2012.03.22 19:42:24 | 000,724,524 | ---- | C] () -- C:\Users\D&A\Desktop\22032012905.jpg
[2012.03.22 19:42:23 | 000,024,951 | ---- | C] () -- C:\Users\D&A\Desktop\22032012903.jpg
[2012.03.22 19:42:23 | 000,023,333 | ---- | C] () -- C:\Users\D&A\Desktop\22032012904.jpg
[2012.03.22 19:42:23 | 000,019,570 | ---- | C] () -- C:\Users\D&A\Desktop\22032012902.jpg
[2012.03.21 17:41:56 | 000,017,529 | ---- | C] () -- C:\Users\D&A\Desktop\21032012888.jpg
[2012.03.21 17:41:55 | 000,019,522 | ---- | C] () -- C:\Users\D&A\Desktop\21032012889.jpg
[2012.03.21 17:41:55 | 000,019,364 | ---- | C] () -- C:\Users\D&A\Desktop\21032012891.jpg
[2012.03.21 17:41:55 | 000,018,626 | ---- | C] () -- C:\Users\D&A\Desktop\21032012890.jpg
[2012.03.21 17:41:54 | 000,024,575 | ---- | C] () -- C:\Users\D&A\Desktop\21032012893.jpg
[2012.03.21 17:41:54 | 000,019,062 | ---- | C] () -- C:\Users\D&A\Desktop\21032012884.jpg
[2012.03.21 17:41:54 | 000,017,248 | ---- | C] () -- C:\Users\D&A\Desktop\21032012887.jpg
[2012.03.21 17:41:54 | 000,015,890 | ---- | C] () -- C:\Users\D&A\Desktop\21032012886.jpg
[2012.03.21 17:41:54 | 000,015,346 | ---- | C] () -- C:\Users\D&A\Desktop\21032012885.jpg
[2012.03.20 19:40:08 | 000,028,084 | ---- | C] () -- C:\Users\D&A\Desktop\20032012873.jpg
[2012.03.20 19:40:08 | 000,025,920 | ---- | C] () -- C:\Users\D&A\Desktop\20032012871.jpg
[2012.03.20 19:40:08 | 000,025,585 | ---- | C] () -- C:\Users\D&A\Desktop\20032012869.jpg
[2012.03.20 19:40:08 | 000,025,567 | ---- | C] () -- C:\Users\D&A\Desktop\20032012870.jpg
[2012.03.20 19:40:07 | 000,030,400 | ---- | C] () -- C:\Users\D&A\Desktop\20032012876.jpg
[2012.03.20 19:40:07 | 000,028,699 | ---- | C] () -- C:\Users\D&A\Desktop\20032012877.jpg
[2012.03.20 19:40:07 | 000,028,283 | ---- | C] () -- C:\Users\D&A\Desktop\20032012874.jpg
[2012.03.20 19:40:07 | 000,028,003 | ---- | C] () -- C:\Users\D&A\Desktop\20032012880.jpg
[2012.03.20 19:40:07 | 000,027,725 | ---- | C] () -- C:\Users\D&A\Desktop\20032012875.jpg
[2012.03.20 19:40:07 | 000,023,165 | ---- | C] () -- C:\Users\D&A\Desktop\20032012879.jpg
[2012.03.16 15:37:07 | 000,001,892 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.03.15 19:25:12 | 001,325,754 | ---- | C] () -- C:\Users\D&A\Desktop\15032012849.jpg
[2012.03.15 19:17:38 | 001,439,530 | ---- | C] () -- C:\Users\D&A\Desktop\15032012855.jpg
[2012.03.15 19:17:37 | 001,408,884 | ---- | C] () -- C:\Users\D&A\Desktop\15032012853.jpg
[2012.01.23 22:46:04 | 000,000,602 | ---- | C] () -- C:\Users\D&A\AppData\Roaming\wklnhst.dat
[2011.08.02 14:26:09 | 000,000,064 | ---- | C] () -- C:\Windows\SysWow64\rp_stats.dat
[2011.08.02 14:26:09 | 000,000,044 | ---- | C] () -- C:\Windows\SysWow64\rp_rules.dat
[2010.12.02 22:55:43 | 000,005,632 | ---- | C] () -- C:\Users\D&A\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.02 22:55:43 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.02 22:44:31 | 000,005,002 | ---- | C] () -- C:\ProgramData\amjmwaey.gaf
[2010.12.02 22:28:46 | 000,000,067 | ---- | C] () -- C:\Windows\My Video Converter.INI
[2010.10.16 14:06:38 | 000,000,552 | ---- | C] () -- C:\Users\D&A\AppData\Local\d3d8caps.dat
[2010.10.16 13:43:54 | 000,164,303 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010.10.16 13:43:36 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010.09.03 11:36:12 | 000,000,680 | ---- | C] () -- C:\Users\D&A\AppData\Local\d3d9caps.dat
[2010.07.19 23:28:25 | 000,116,297 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.07.19 23:28:22 | 000,116,297 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.07.19 15:43:23 | 000,103,736 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.07.19 15:43:19 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.07.19 12:59:55 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.07.19 12:59:47 | 000,008,452 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010.07.19 12:18:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.07.19 12:14:26 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
 
========== LOP Check ==========
 
[2011.08.04 17:10:14 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\DVDVideoSoft
[2011.05.03 22:37:18 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.12.02 22:28:48 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\GetRightToGo
[2011.11.21 14:29:20 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\ICQ
[2010.12.06 19:00:27 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\Image Zone Express
[2010.12.02 16:48:35 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\PC Suite
[2012.01.12 14:51:57 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\PhotoScape
[2010.12.06 19:00:27 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\Printer Info Cache
[2010.12.02 16:43:29 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\Samsung
[2010.10.21 16:42:45 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\SharePod
[2012.01.23 22:46:07 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\Template
[2010.07.30 23:07:31 | 000,000,000 | ---D | M] -- C:\Users\D&A\AppData\Roaming\TS3Client
[2012.03.30 21:11:58 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012.03.30 08:03:34 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010.07.19 13:01:01 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.07.19 12:15:46 | 000,000,000 | -H-D | M] -- C:\ACER
[2009.01.22 17:09:10 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.03.16 15:37:27 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 17:42:17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.07.19 12:55:45 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.12.05 17:52:17 | 000,000,000 | -HSD | M] -- C:\found.000
[2011.10.06 20:53:01 | 000,000,000 | -HSD | M] -- C:\found.001
[2010.12.02 22:54:29 | 000,000,000 | ---D | M] -- C:\Movavi files
[2009.01.22 09:37:37 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.07.19 23:22:46 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2008.01.21 05:04:13 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.11.21 14:46:55 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.03.16 15:37:06 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.03.16 15:37:04 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.07.19 12:55:45 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.03.23 07:28:43 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010.12.02 22:21:55 | 000,000,000 | R--D | M] -- C:\Users
[2011.11.21 14:37:17 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] () MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.01.21 04:46:50 | 000,022,584 | ---- | M] () MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\SysNative\drivers\atapi.sys
[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] () MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\SysWOW64\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008.10.29 08:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009.04.11 09:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008.10.28 04:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008.10.29 08:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\explorer.exe
[2008.10.29 08:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008.10.30 07:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008.01.21 04:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008.01.21 04:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] () MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.01.21 04:51:03 | 000,716,800 | ---- | M] () MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\SysNative\netlogon.dll
[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SysWOW64\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] () MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SysWOW64\scecli.dll
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 04:49:49 | 000,235,520 | ---- | M] () MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\SysNative\scecli.dll
[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:48:29 | 000,820,224 | ---- | M] () MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\SysNative\user32.dll
[2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\SysWOW64\user32.dll
[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=F3F5549E69AE8509342E67E4F972CA1C -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] () MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 04:49:47 | 000,406,016 | ---- | M] () MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\SysNative\winlogon.exe
[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\61da130e21aad3387c2fa3ca1d469de3\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SysWOW64\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:49:42 | 000,020,992 | ---- | M] () MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2010.12.08 00:41:20 | 005,079,168 | ---- | M] () -- C:\Users\D&A\!FULL! _HQ_ Kay One - Bitte vergiss mich nicht (feat. Philippe Heithier) CD QUALITÄT!.mp3
[2010.07.19 12:14:15 | 000,001,024 | ---- | M] () -- C:\Users\D&A\.rnd
[2010.11.21 16:22:59 | 005,245,056 | ---- | M] () -- C:\Users\D&A\4 THE CAUSE - Stand By Me.mp3
[2010.10.26 13:54:24 | 004,919,424 | ---- | M] () -- C:\Users\D&A\A.R. Rahman Und The Pussycat Dolls - Jai Ho (You Are My Destiny)- Ysp.mp3
[2010.11.17 00:08:39 | 006,160,512 | ---- | M] () -- C:\Users\D&A\Aaliyah ft. Toni Braxton-'He Wasent Man Enough For Me'(NO COPYRIGHT INTENDED).mp3
[2010.11.17 00:41:42 | 002,717,824 | ---- | M] () -- C:\Users\D&A\Addicted To You - Vaibhav (NEW RnB 2010).mp3
[2010.12.17 01:59:15 | 003,215,488 | ---- | M] () -- C:\Users\D&A\Akon - Angel.mp3
[2011.01.28 00:06:14 | 005,451,904 | ---- | M] () -- C:\Users\D&A\AKoN - BoDY BoUNCe ( 2011 NeW SoNG ).mp3
[2011.01.29 20:51:49 | 005,603,456 | ---- | M] () -- C:\Users\D&A\Akon ft. Tay Dizm - Dream Girl [OFFICIAL VIDEO].mp3
[2011.02.18 23:30:38 | 000,002,089 | -HS- | M] () -- C:\Users\D&A\AlbumArtSmall.jpg
[2010.12.07 00:08:10 | 003,729,536 | ---- | M] () -- C:\Users\D&A\Alicia Keys - Doesn't Mean Anything.mp3
[2010.12.07 00:13:52 | 004,958,336 | ---- | M] () -- C:\Users\D&A\Alicia Keys Empire State Of Mind Part II.mp3
[2010.11.17 00:44:56 | 004,173,952 | ---- | M] () -- C:\Users\D&A\All My Love - Stevie Hoang.mp3
[2010.10.26 14:05:04 | 004,673,664 | ---- | M] () -- C:\Users\D&A\Ambitious - Gibt Es Dich (Frauenantwort).mp3
[2010.12.16 00:07:18 | 005,677,184 | ---- | M] () -- C:\Users\D&A\Amr Diab - Osad Einy (New RnB 2010 ; Arab Music).mp3
[2010.12.15 23:56:31 | 005,468,288 | ---- | M] () -- C:\Users\D&A\Arabic RnB.mp3
[2010.11.17 00:11:43 | 003,487,872 | ---- | M] () -- C:\Users\D&A\Aventura_ Obsesion.mp3
[2010.11.17 01:01:37 | 003,948,672 | ---- | M] () -- C:\Users\D&A\Babysteps - Varsity.mp3
[2010.12.15 21:21:08 | 003,293,312 | ---- | M] () -- C:\Users\D&A\Band Aid - Do They Know its Christmas 1984.mp3
[2010.12.08 23:39:50 | 003,932,288 | ---- | M] () -- C:\Users\D&A\Beyonce - Crazy in Love (feat. Jay-Z).mp3
[2010.11.04 23:49:11 | 005,406,848 | ---- | M] () -- C:\Users\D&A\Beyonce-Why don't you love me.mp3
[2011.01.26 11:12:23 | 004,581,504 | ---- | M] () -- C:\Users\D&A\Brandy & Monica vs Dru Hill (So So Def) - The Boy Is Mine (DJ Syxx Remix).mp3
[2010.11.17 00:58:36 | 003,033,216 | ---- | M] () -- C:\Users\D&A\Breez. E - Tired Of Being The One [with Lyrics].mp3
[2010.12.17 01:56:25 | 004,923,520 | ---- | M] () -- C:\Users\D&A\Brian McKnight- used to be my girl.mp3
[2011.01.27 19:38:09 | 004,329,600 | ---- | M] () -- C:\Users\D&A\Bruno Mars - Grenade [Official Music Video].mp3
[2010.11.13 23:35:49 | 003,655,808 | ---- | M] () -- C:\Users\D&A\Bruno Mars-Just The Way You Are With Lyrics.mp3
[2010.11.21 16:18:17 | 004,812,928 | ---- | M] () -- C:\Users\D&A\Casely - Sweat (Feat. Lil Jon & Machel Montano) NEW 2010.mp3
[2010.12.07 22:17:31 | 003,625,088 | ---- | M] () -- C:\Users\D&A\Cassidy - Hotel (feat. R. Kelly) [LYRICS].mp3
[2010.12.07 23:59:41 | 004,939,904 | ---- | M] () -- C:\Users\D&A\Cassie - Must Be Love Official Remix Feat Busta Rhymes. Day26 & Redcafe.mp3
[2010.11.02 15:59:44 | 004,102,272 | ---- | M] () -- C:\Users\D&A\Cheryl Cole - Fight For This Love (Official Video).mp3
[2011.03.16 21:31:14 | 002,691,200 | ---- | M] () -- C:\Users\D&A\Chris Brown - Yeah 3x.mp3
[2011.01.27 23:49:40 | 005,134,464 | ---- | M] () -- C:\Users\D&A\chris brown- up in the sky- NEW SONG FOR 2011 ONLY PROMO (with Lyrics).mp3
[2010.12.07 23:03:34 | 004,352,128 | ---- | M] () -- C:\Users\D&A\Christina Aguilera & Ricky Martin - Nobody Wants To Be Lonely (Live @ Top Of The Pops).mp3
[2010.12.06 22:48:18 | 003,750,016 | ---- | M] () -- C:\Users\D&A\Christina Aguilera - Candyman [HQ].mp3
[2010.12.09 00:02:44 | 003,946,624 | ---- | M] () -- C:\Users\D&A\Christina Aguilera - Genie In A Bottle (Remix).mp3
[2010.12.06 22:13:04 | 004,900,992 | ---- | M] () -- C:\Users\D&A\Christina Aguilera Fighter HD English Lyrics + Subtitulado.mp3
[2010.12.02 21:37:06 | 004,831,360 | ---- | M] () -- C:\Users\D&A\Christina Aguilera ft Missy Elliot - Car Wash [1080pHD].mp3
[2010.12.06 22:43:48 | 004,114,560 | ---- | M] () -- C:\Users\D&A\Christina Aguilera You Lost Me HD English Lyrics + Subtitulado.mp3
[2010.12.09 18:12:22 | 005,247,104 | ---- | M] () -- C:\Users\D&A\Christina Aguilera. Dirrty live HQ.mp3
[2010.11.04 23:57:34 | 005,081,216 | ---- | M] () -- C:\Users\D&A\christina milian - get away.mp3
[2010.11.17 00:52:35 | 003,833,984 | ---- | M] () -- C:\Users\D&A\Christopher Finnesse - Sympathy.mp3
[2011.02.14 00:25:24 | 003,475,584 | ---- | M] () -- C:\Users\D&A\Cindy Sanyu ft. P Square - You & Me.mp3
[2011.02.15 00:02:32 | 002,859,136 | ---- | M] () -- C:\Users\D&A\ClaKing - Alles für mich feat. MC Amino & Grebush.mp3
[2011.02.15 00:09:10 | 002,902,144 | ---- | M] () -- C:\Users\D&A\ClaKing - In dich verliebt.mp3
[2011.02.15 00:04:13 | 002,656,384 | ---- | M] () -- C:\Users\D&A\ClaKing - Zweite Chance.mp3
[2010.11.17 00:56:00 | 003,606,656 | ---- | M] () -- C:\Users\D&A\Claude Kelly - Forever (with Lyrics).mp3
[2010.11.14 23:17:40 | 003,833,984 | ---- | M] () -- C:\Users\D&A\Cuban Link - My Lady.mp3
[2010.11.11 19:17:59 | 003,811,456 | ---- | M] () -- C:\Users\D&A\Culcha Candela - Monsta (Best Quality).mp3
[2010.12.09 23:51:57 | 003,659,904 | ---- | M] () -- C:\Users\D&A\Daddy Yankee. Jowell y Randy Bailando Fue ORIGINAL 2009 (Www.FlowSinControl.Com).mp3
[2010.10.21 22:26:40 | 003,889,280 | ---- | M] () -- C:\Users\D&A\Dj Memo vs.Sexy Cherry-Orient Raggea(Remix)[www.MUSIC-SOUNDZ.com].mp3
[2010.10.21 23:02:41 | 003,489,920 | ---- | M] () -- C:\Users\D&A\Drake - Find Your Love (Lyrics).mp3
[2011.02.13 00:39:51 | 002,711,680 | ---- | M] () -- C:\Users\D&A\Du kannst Mich nicht einfach so zurück lassen....mp3
[2010.11.11 19:38:47 | 004,139,136 | ---- | M] () -- C:\Users\D&A\Edward Maya - Stereo Love.mp3
[2010.10.21 23:17:02 | 005,005,440 | ---- | M] () -- C:\Users\D&A\Enrique Iglesias - I Like It ( ft. Pitbull ) + [LYRICS ON SCREEN] - HQ_HD.mp3
[2010.12.01 23:56:05 | 003,059,840 | ---- | M] () -- C:\Users\D&A\Es ist aus - Gib mir mein Herz zurück.mp3
[2010.11.14 23:32:23 | 004,092,032 | ---- | M] () -- C:\Users\D&A\Eseno - Why Oh Why.mp3
[2010.11.05 00:01:12 | 004,042,880 | ---- | M] () -- C:\Users\D&A\Fabolous feat  Tamia   So Into You (HD).mp3
[2010.11.02 20:09:16 | 004,821,120 | ---- | M] () -- C:\Users\D&A\Far East Movement - Like a G6.mp3
[2010.12.06 01:04:27 | 003,750,016 | ---- | M] () -- C:\Users\D&A\FARD - DU WiLLST FORT  ' ALTER EGO '.mp3
[2010.11.04 23:52:54 | 005,197,952 | ---- | M] () -- C:\Users\D&A\Fat Joe ft. Ashanti - Whats Luv (Official music video).mp3
[2011.03.13 15:34:31 | 004,114,560 | ---- | M] () -- C:\Users\D&A\Flo Rida - Turn Around 5.4.3.2.1.mp3
[2011.02.18 23:30:38 | 000,008,904 | -HS- | M] () -- C:\Users\D&A\Folder.jpg
[2011.02.15 00:26:49 | 004,309,120 | ---- | M] () -- C:\Users\D&A\Forever-J-lie feat LaRon.mp3
[2010.12.14 18:41:31 | 004,903,040 | ---- | M] () -- C:\Users\D&A\Ginuwine's 'Last Chance' - HipHollywood.com.mp3
[2011.02.13 00:37:12 | 005,795,968 | ---- | M] () -- C:\Users\D&A\Glashaus - Wenn das Liebe ist (Lyric).mp3
[2010.10.22 20:40:45 | 004,135,040 | ---- | M] () -- C:\Users\D&A\Gloria Estefan - Conga (John Revox 2010 Radio Mix).mp3
[2010.12.01 23:10:31 | 004,173,952 | ---- | M] () -- C:\Users\D&A\Goodfellaz Delil & Jiyan feat  Erdal & Berivan - Yaramin.mp3
[2010.10.24 19:12:35 | 004,190,336 | ---- | M] () -- C:\Users\D&A\Honorebel ft Pitbull & Jump Smokers - Now You See It [Off Video HD].mp3
[2011.03.10 07:27:27 | 003,647,616 | ---- | M] () -- C:\Users\D&A\HURTS - Stay (Kokowääh Soundtrack).mp3
[2010.11.17 00:33:55 | 003,604,608 | ---- | M] () -- C:\Users\D&A\I Got Time - Bobby Tinsley __ Old But Gold.mp3
[2010.11.14 18:49:20 | 005,093,504 | ---- | M] () -- C:\Users\D&A\I Swear - All 4 One.mp3
[2010.10.21 22:34:24 | 004,190,336 | ---- | M] () -- C:\Users\D&A\Inner Circle - Sweat (A La La La Long) [Reggae1008].mp3
[2011.02.15 00:31:35 | 003,424,384 | ---- | M] () -- C:\Users\D&A\Israel ft. Slim - Unperfect Love (2007).mp3
[2010.10.21 22:38:53 | 002,928,768 | ---- | M] () -- C:\Users\D&A\Ivory Coast - Magic System & 113 - Un Gaou Oran.mp3
[2010.10.22 20:32:34 | 004,372,608 | ---- | M] () -- C:\Users\D&A\J Holiday - Fall.mp3
[2010.10.22 20:27:26 | 004,438,144 | ---- | M] () -- C:\Users\D&A\J. Blue - Love Is A Miracle (with DL).mp3
[2011.02.28 18:04:00 | 002,529,408 | ---- | M] () -- C:\Users\D&A\Jay Sean - Maybe.mp3
[2010.11.14 23:35:49 | 004,425,856 | ---- | M] () -- C:\Users\D&A\Jay-El - So Long (B-Force Remix).mp3
[2010.11.21 16:32:14 | 002,637,952 | ---- | M] () -- C:\Users\D&A\Jay2p - Play (2oo8) (UNRELEASED).mp3
[2010.11.14 23:30:01 | 003,027,072 | ---- | M] () -- C:\Users\D&A\Jean Paul ESQ ft. Shack 7 - I Miss You.mp3
[2010.12.30 01:45:12 | 005,214,336 | ---- | M] () -- C:\Users\D&A\Jennifer Lopez - Waiting for Tonight 'Video Official' [720p] HD.mp3
[2011.03.22 22:14:54 | 004,159,616 | ---- | M] () -- C:\Users\D&A\Jennifer Lopez Feat.Pitbull - On The Floor (Offiicial New Single 2011 Prod. By RedOne With Lyrics).mp3
[2011.01.08 17:58:15 | 004,571,264 | ---- | M] () -- C:\Users\D&A\Jeremih Feat. 50 Cent - Down On Me ( HQ + WITH LYRICS).mp3
[2010.12.09 23:54:52 | 004,245,632 | ---- | M] () -- C:\Users\D&A\jowel & randy nota loca ft. leverty - chica de novela (Official Remix 2010 ) video original.mp3
[2010.12.09 23:57:49 | 002,834,560 | ---- | M] () -- C:\Users\D&A\Jowell & Randy Ft Wisin - Jingle (Coyote The Show) - New 2010.mp3
[2010.12.09 23:25:47 | 003,442,816 | ---- | M] () -- C:\Users\D&A\jowell y randy no te veo.mp3
[2010.10.22 20:52:24 | 003,043,456 | ---- | M] () -- C:\Users\D&A\Justin Bieber feat. Usher - Somebody To Love (official video) HD.mp3
[2010.11.14 18:55:23 | 004,851,840 | ---- | M] () -- C:\Users\D&A\K Ci And Jojo - All My Life.mp3
[2010.12.01 23:26:21 | 003,012,736 | ---- | M] () -- C:\Users\D&A\K-Fly & Mag - Falsche Liebe.mp3
[2010.12.01 23:53:13 | 003,012,736 | ---- | M] () -- C:\Users\D&A\K-Fly & Mag - Falsche Liebe_1.mp3
[2010.11.08 18:50:25 | 005,343,360 | ---- | M] () -- C:\Users\D&A\K-Young - Do it.mp3
[2010.12.01 23:05:13 | 007,090,304 | ---- | M] () -- C:\Users\D&A\Karl Wolf Yalla Habibi ft. Rime and Kaz Money - Lone Wolf Entertainment. Music Media Factory.mp3
[2010.12.21 17:51:07 | 002,259,072 | ---- | M] () -- C:\Users\D&A\kat de Luna -calling you.wmv.mp3
[2010.12.07 21:55:52 | 004,907,136 | ---- | M] () -- C:\Users\D&A\Katy Perry - Firework Lyrics HD.mp3
[2010.12.08 00:36:45 | 003,668,096 | ---- | M] () -- C:\Users\D&A\Kay One - Scheiss auf dein Tut mir Leid.mp3
[2010.12.08 00:38:42 | 003,289,216 | ---- | M] () -- C:\Users\D&A\kay one Nichts ist für immer.mp3
[2011.02.07 01:24:23 | 003,741,824 | ---- | M] () -- C:\Users\D&A\Kaysha - On est ensemble.mp3
[2010.11.21 16:43:12 | 006,881,408 | ---- | M] () -- C:\Users\D&A\Keri Hilson ft. Ne-Yo & Kanye West - Knock You Down (squeaky clean).mp3
[2010.12.09 23:48:36 | 003,430,528 | ---- | M] () -- C:\Users\D&A\La Sista Ft. Jowell & Randy - Striper (Original Sin Promo).mp3
[2011.03.16 21:34:28 | 003,317,888 | ---- | M] () -- C:\Users\D&A\Lady_Gaga_-_***_This_Way__Official Single___with_Downloadlink_http-__tinyurl.com_6h2myws.mp3
[2011.01.29 21:42:10 | 004,829,312 | ---- | M] () -- C:\Users\D&A\Laserkraft 3D - Nein Mann (official Video).mp3
[2011.01.28 00:09:43 | 004,649,088 | ---- | M] () -- C:\Users\D&A\Last Time.mp3
[2010.11.14 23:21:14 | 004,016,256 | ---- | M] () -- C:\Users\D&A\LeMarvin - Change my Ways.mp3
[2010.10.24 18:43:25 | 004,149,376 | ---- | M] () -- C:\Users\D&A\Leona Lewis - Run (german Lyrics).mp3
[2010.10.24 19:07:19 | 004,548,736 | ---- | M] () -- C:\Users\D&A\Let Me Love You ( reggaeton Remix ).mp3
[2010.11.14 23:37:59 | 003,782,784 | ---- | M] () -- C:\Users\D&A\Liason - Since The Day (Offical Remix).mp3
[2010.11.17 00:39:46 | 003,659,904 | ---- | M] () -- C:\Users\D&A\Love At First Sight - Jori King.mp3
[2010.10.24 18:56:37 | 004,649,088 | ---- | M] () -- C:\Users\D&A\Machel Montano & Mr vegas  'Dance With You'.mp3
[2011.01.04 19:23:05 | 002,896,000 | ---- | M] () -- C:\Users\D&A\Madcon - Freaky Like Me (Official Lyrics On Screen)[HQ HD].flv.mp3
[2010.10.24 19:00:05 | 005,126,272 | ---- | M] () -- C:\Users\D&A\Magic System  'BOUGER BOUGER'.mp3
[2011.02.07 01:27:07 | 002,711,680 | ---- | M] () -- C:\Users\D&A\Magic System - Premier Gaou.mp3
[2010.10.24 19:02:53 | 003,776,640 | ---- | M] () -- C:\Users\D&A\Magic System ft Cheb Khaled Meme Pas Fatigue.mp3
[2010.12.01 23:13:47 | 004,718,720 | ---- | M] () -- C:\Users\D&A\Marasco - Es tut mir leid ( German RnB 2007).mp3
[2010.12.15 21:25:14 | 005,908,608 | ---- | M] () -- C:\Users\D&A\Mariah Carey  'All I want for Christmas is you'.mp3
[2011.02.15 00:18:47 | 003,860,608 | ---- | M] () -- C:\Users\D&A\Mario Brown feat. Edward Long - I Can Do ( presented by KayhanFB ).mp3
[2010.12.30 01:27:07 | 003,131,520 | ---- | M] () -- C:\Users\D&A\Mary J. Blige - Family Affair (BET Version) a  bolognetta.mp3
[2011.02.15 00:07:03 | 003,790,976 | ---- | M] () -- C:\Users\D&A\Mc amino - Wenn du lachst lyrics.mp3
[2010.11.08 19:13:18 | 002,914,432 | ---- | M] () -- C:\Users\D&A\Medina - Lonely HD.mp3
[2010.11.08 19:15:45 | 003,686,528 | ---- | M] () -- C:\Users\D&A\Medina - You & I (uebersetzung) x3..mp3
[2010.12.15 21:08:34 | 003,758,208 | ---- | M] () -- C:\Users\D&A\Melanie Thornton Wonderful Dream (winter wonderland  mix ).mp3
[2010.10.22 20:18:46 | 003,924,096 | ---- | M] () -- C:\Users\D&A\Meshun - Amazin' [R&B 2010].mp3
[2010.11.04 23:41:58 | 006,226,048 | ---- | M] () -- C:\Users\D&A\Michael Jackson - Man In The Mirror - (With Lyrics).mp3
[2011.02.28 17:59:10 | 002,785,408 | ---- | M] () -- C:\Users\D&A\Michael Jackson Feat. Akon - Hold My Hand.mp3
[2010.10.21 22:43:57 | 003,238,016 | ---- | M] () -- C:\Users\D&A\Nas & Damian Marley - As we enter.mp3
[2010.11.21 16:48:31 | 003,104,896 | ---- | M] () -- C:\Users\D&A\Ne-Yo - Beautiful Monster (Official Music Video).mp3
[2010.11.04 23:29:49 | 004,661,376 | ---- | M] () -- C:\Users\D&A\Ne-yo - In the Way _New Single_ RnB 2008.mp3
[2010.11.08 18:59:03 | 004,069,504 | ---- | M] () -- C:\Users\D&A\Next - Breathe (2010) HQ _ RnB4u.mp3
[2010.11.14 23:22:45 | 003,152,000 | ---- | M] () -- C:\Users\D&A\Next - Just Tonite.mp3
[2011.02.14 00:19:30 | 004,575,360 | ---- | M] () -- C:\Users\D&A\No time - Bracket ft P Square.mp3
[2012.03.30 21:24:59 | 002,883,584 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT
[2012.03.30 21:24:59 | 000,262,144 | -H-- | M] () -- C:\Users\D&A\ntuser.dat.LOG1
[2010.07.19 12:58:51 | 000,000,000 | -H-- | M] () -- C:\Users\D&A\ntuser.dat.LOG2
[2011.11.01 06:44:46 | 000,065,536 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2011.06.29 11:03:55 | 000,524,288 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2011.11.01 06:44:46 | 000,524,288 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2012.03.30 14:03:34 | 000,065,536 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT{e782f217-0487-11e1-8072-00226838d30d}.TM.blf
[2012.03.30 14:03:34 | 000,524,288 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT{e782f217-0487-11e1-8072-00226838d30d}.TMContainer00000000000000000001.regtrans-ms
[2011.11.01 15:27:07 | 000,524,288 | -HS- | M] () -- C:\Users\D&A\NTUSER.DAT{e782f217-0487-11e1-8072-00226838d30d}.TMContainer00000000000000000002.regtrans-ms
[2010.07.19 12:58:51 | 000,000,020 | -HS- | M] () -- C:\Users\D&A\ntuser.ini
[2010.11.08 18:55:47 | 004,710,528 | ---- | M] () -- C:\Users\D&A\P - Square - Do me (HQ).mp3
[2011.02.14 00:32:11 | 004,337,792 | ---- | M] () -- C:\Users\D&A\P Square - Last nite (Good quality audio).mp3
[2011.01.29 21:03:56 | 004,905,088 | ---- | M] () -- C:\Users\D&A\P SQUARE FT J. MARTINS E NO EASY (OFFICIAL VIDEO).mp3
[2011.02.14 00:22:43 | 005,585,024 | ---- | M] () -- C:\Users\D&A\P Square ft. J Martins   - E No Easy.mp3
[2011.01.29 20:56:07 | 005,511,296 | ---- | M] () -- C:\Users\D&A\P SQUARE I LOVE YOU (OFFICIAL VIDEO).mp3
[2010.10.22 19:24:01 | 004,081,792 | ---- | M] () -- C:\Users\D&A\P Square Roll It (Official Video).mp3
[2011.03.07 23:49:39 | 003,936,384 | ---- | M] () -- C:\Users\D&A\P Square(New Song)-Am I still that special Man w_ lyrics.mp3
[2011.02.14 00:28:42 | 005,779,584 | ---- | M] () -- C:\Users\D&A\P-Square - Your name (Remix).mp3
[2011.03.07 23:46:47 | 006,584,448 | ---- | M] () -- C:\Users\D&A\P-square- say your love.mp3
[2011.01.26 11:15:04 | 003,080,320 | ---- | M] () -- C:\Users\D&A\Peaches and Cream - 112.mp3
[2010.12.05 21:36:06 | 003,727,488 | ---- | M] () -- C:\Users\D&A\Phil Collins - Strangers Like Me.mp3
[2010.11.11 19:15:05 | 004,339,840 | ---- | M] () -- C:\Users\D&A\Pitbull - Go girl.mp3
[2011.01.29 21:09:32 | 003,850,368 | ---- | M] () -- C:\Users\D&A\Pitbull feat. Akon - Shut it down.mp3
[2010.11.29 21:58:53 | 003,469,440 | ---- | M] () -- C:\Users\D&A\Pitbull Feat. T-Pain - Hey Baby (Drop It To The Floor).mp3
[2010.10.24 18:52:50 | 005,073,024 | ---- | M] () -- C:\Users\D&A\Pitbull ft. Machel Montano - Alright.mp3
[2011.03.22 22:16:23 | 005,038,208 | ---- | M] () -- C:\Users\D&A\Pitbull ft. Ne-Yo. Afrojack & Nayer - Give Me Everything (Tonight) + ( lyrics ) (NEW) [www.RnB4U.in].mp3
[2010.11.02 16:12:36 | 006,011,008 | ---- | M] () -- C:\Users\D&A\Please Excuse My Hands - Plies (Feat The Dream & Jammie Foxx).mp3
[2011.02.14 00:52:02 | 004,774,016 | ---- | M] () -- C:\Users\D&A\Pocketful of Sunshine-Natasha Bedingfield.mp3
[2010.10.26 13:59:20 | 003,743,872 | ---- | M] () -- C:\Users\D&A\Pussycat Dolls - Bottle Pop [2009].mp3
[2010.11.14 23:24:49 | 004,128,896 | ---- | M] () -- C:\Users\D&A\Q. Armey - Forever Girl (Jazze Pha Remix).mp3
[2010.12.07 22:21:05 | 005,568,640 | ---- | M] () -- C:\Users\D&A\R. Kelly & Jay Z 'Fiesta '.mp3
[2010.12.07 22:11:46 | 005,232,768 | ---- | M] () -- C:\Users\D&A\R.Kelly Feat. Keri Hilson- Number One Sex (ORiGiNAL SONG W_LYRiCS !].mp3
[2010.11.28 21:47:51 | 003,881,088 | ---- | M] () -- C:\Users\D&A\Ramzi ft. Ash King 'Love Is Blind' (Official Music Video).mp3
[2010.10.23 12:05:17 | 002,117,760 | ---- | M] () -- C:\Users\D&A\Rebeccas Antwort (Pussycat Prolls Diss).mp3
[2010.10.21 23:15:08 | 003,973,248 | ---- | M] () -- C:\Users\D&A\Rihanna - Only Girl » Official New Song.mp3
[2011.01.04 19:26:15 | 004,669,568 | ---- | M] () -- C:\Users\D&A\Rihanna - WhatsMy Name Feat. Drake Lyrics.mp3
[2011.02.01 23:54:15 | 003,868,800 | ---- | M] () -- C:\Users\D&A\Rihanna - Who's That Chick (Prod. by David Guetta)by dj Adi.mp3
[2011.02.07 01:32:23 | 002,869,376 | ---- | M] () -- C:\Users\D&A\Rihanna feat sean paul - break it off.mp3
[2010.11.21 17:02:56 | 003,467,392 | ---- | M] () -- C:\Users\D&A\Rihanna- rude boy (Lyrics).mp3
[2010.11.14 23:39:34 | 003,745,920 | ---- | M] () -- C:\Users\D&A\Rodney ft. Jazze Pha - You Can Spend The Night (prod. by Jazze Pha).mp3
[2011.02.07 01:20:42 | 002,560,128 | ---- | M] () -- C:\Users\D&A\Ryan Leslie- How It Was Supposed To Be ( HoT RmX ).mp3
[2010.11.11 19:11:47 | 004,497,536 | ---- | M] () -- C:\Users\D&A\Sean Paul - So Fine (2009) HD.mp3
[2010.11.11 19:08:26 | 003,684,480 | ---- | M] () -- C:\Users\D&A\Sean Paul - Temperature.mp4.mp3
[2011.02.15 00:29:17 | 002,844,800 | ---- | M] () -- C:\Users\D&A\Sefo Grüne Augen.mp3
[2011.03.16 21:28:13 | 006,037,632 | ---- | M] () -- C:\Users\D&A\Sevin feat. Pitbull & Ying Yang Twins - Club Sexin (Unrls Prod. By Dj Idam).mp3
[2010.11.14 23:27:58 | 002,386,048 | ---- | M] () -- C:\Users\D&A\Shai - If I Ever Fall In Love (DJ Marv Remix).mp3
[2010.10.21 22:58:04 | 003,246,208 | ---- | M] () -- C:\Users\D&A\Shakira - Waka Waka Official Music Video.mp3
[2010.11.08 19:07:57 | 003,176,576 | ---- | M] () -- C:\Users\D&A\Shakira Feat Dizzee Rascal - Loca.mp3
[2010.10.22 19:20:19 | 002,764,928 | ---- | M] () -- C:\Users\D&A\Shawn Desman  The place Where you belong.mp3
[2010.12.07 22:27:28 | 004,350,080 | ---- | M] () -- C:\Users\D&A\Shawn Desman - Night Like This (New Hot RnB Music 2010).mp3
[2011.02.02 00:34:21 | 004,804,736 | ---- | M] () -- C:\Users\D&A\She Aint my Gurl Trey Songz.mp3
[2010.12.09 23:34:00 | 004,753,536 | ---- | M] () -- C:\Users\D&A\shorty-jowell y randy.mp3
[2011.02.07 01:29:41 | 005,027,968 | ---- | M] () -- C:\Users\D&A\Soca 2007 Machel Montano - One more time.mp3
[2011.02.28 17:56:38 | 004,008,064 | ---- | M] () -- C:\Users\D&A\Soulja Boy Tell&#39; Em - 'Kiss Me Thru The Phone' (REGGUETON Remix) [Music Video] BY DJ BOCA CHULA.mp3
[2010.11.11 00:33:23 | 004,100,224 | ---- | M] () -- C:\Users\D&A\Stanfour - This is life without you.mp3
[2010.10.22 20:14:59 | 004,180,096 | ---- | M] () -- C:\Users\D&A\Sterling Simms - Your The Reason (Prod. by Cornaboyz).mp3
[2010.11.21 16:29:25 | 002,351,232 | ---- | M] () -- C:\Users\D&A\Strip Club.mp3
[2010.12.05 21:38:04 | 001,493,120 | ---- | M] () -- C:\Users\D&A\Tarzan- 'Zwei Welten. eine Familie'.mp3
[2010.11.29 21:50:20 | 004,065,408 | ---- | M] () -- C:\Users\D&A\The Black Eyed Peas - The Time (NEW 2010).mp3
[2010.12.07 23:06:50 | 004,987,008 | ---- | M] () -- C:\Users\D&A\THE VERY BEST (FT. M.I.A.) - RAIN DANCE.mp3
[2010.12.15 23:53:18 | 005,529,728 | ---- | M] () -- C:\Users\D&A\Timbaland feat. One Republic - Marching On.mp3
[2010.12.07 00:38:41 | 002,730,112 | ---- | M] () -- C:\Users\D&A\Tiziano Ferro - 'Perdono' (Versione Italiana - lyrics).mp3
[2010.11.11 00:14:16 | 003,950,720 | ---- | M] () -- C:\Users\D&A\Toni Braxton - Hands Tied.mp3
[2010.11.11 00:21:23 | 002,816,128 | ---- | M] () -- C:\Users\D&A\Toni Braxton - I Wanna Be.. ( Your Baby ).mp3
[2010.11.11 00:18:10 | 003,158,144 | ---- | M] () -- C:\Users\D&A\Toni Braxton - Melt (Like An Iceberg) (Lyrics).mp3
[2010.11.04 23:16:58 | 003,188,864 | ---- | M] () -- C:\Users\D&A\Toni Braxton - Please.mp3
[2010.10.21 22:30:37 | 004,028,544 | ---- | M] () -- C:\Users\D&A\Toni Braxton Feat Trey Songz Yesterday.mp3
[2010.10.22 20:09:33 | 005,103,744 | ---- | M] () -- C:\Users\D&A\Toni Braxton Heart Never Had A Hero new song 2010 (with Lyrics).mp3
[2011.02.15 00:24:02 | 005,408,896 | ---- | M] () -- C:\Users\D&A\Tonight -  Ryan Leslie [New Song 2010] HD Video.mp3
[2010.11.17 01:05:21 | 005,064,832 | ---- | M] () -- C:\Users\D&A\Trey Songz  - She Goes (Feat. Mel Gates).mp3
[2010.10.21 22:48:16 | 003,743,872 | ---- | M] () -- C:\Users\D&A\Trey Songz - 'Can't Be Friends' [Official Video].mp3
[2011.01.28 00:16:38 | 003,244,160 | ---- | M] () -- C:\Users\D&A\Trey Songz - Missin You (Official Music Video).mp3
[2010.10.22 19:46:04 | 002,863,232 | ---- | M] () -- C:\Users\D&A\Trey Songz - One Love.mp3
[2011.02.02 00:37:13 | 003,942,528 | ---- | M] () -- C:\Users\D&A\Trey Songz - Role Play.mp3
[2010.10.22 20:23:04 | 005,023,872 | ---- | M] () -- C:\Users\D&A\Trey Songz - Safari Love (With Lyrics).mp3
[2010.10.22 20:57:23 | 005,423,232 | ---- | M] () -- C:\Users\D&A\Trey Songz - Scratching me up.mp3
[2010.10.22 19:51:48 | 004,012,160 | ---- | M] () -- C:\Users\D&A\Trey Songz - The Ones U Love (New 2010).mp3
[2010.10.22 19:59:07 | 004,520,064 | ---- | M] () -- C:\Users\D&A\Trey Songz - U Belong To Me (Lyrics).mp3
[2011.02.02 00:24:38 | 006,633,600 | ---- | M] () -- C:\Users\D&A\Trey Songz - We Should Be.mp3
[2011.02.02 00:19:42 | 005,654,656 | ---- | M] () -- C:\Users\D&A\Trey Songz - Wonder woman.mp3
[2011.02.02 00:31:06 | 004,614,272 | ---- | M] () -- C:\Users\D&A\Trey Songz - You belong to me.mp3
[2010.11.04 23:21:10 | 005,599,360 | ---- | M] () -- C:\Users\D&A\Trey Songz Ft. Keri Hilson & Usher - I Invented Sex Remix.mp3
[2010.10.22 20:04:25 | 004,612,224 | ---- | M] () -- C:\Users\D&A\trey songz i invented sex.mp3
[2011.02.02 00:27:57 | 004,765,824 | ---- | M] () -- C:\Users\D&A\Trey Songz- Does She Know.mp3
[2010.10.22 19:55:25 | 004,370,560 | ---- | M] () -- C:\Users\D&A\Trey Songz- More Than That.mp3
[2011.01.28 00:13:04 | 004,878,464 | ---- | M] () -- C:\Users\D&A\Trey songz-Holla if you need me Lyrics.mp3
[2010.11.04 23:24:34 | 005,730,432 | ---- | M] () -- C:\Users\D&A\Trina Ft. Qwote - Phone Sexx.mp3
[2011.01.26 11:08:56 | 006,199,424 | ---- | M] () -- C:\Users\D&A\Tyrese -  How You Gonna Act Like That(5AM Remix).mp3
[2011.03.02 18:58:18 | 003,768,448 | ---- | M] () -- C:\Users\D&A\Usher - More (Official Music) [HQ].mp3
[2010.11.11 19:31:22 | 004,651,136 | ---- | M] () -- C:\Users\D&A\Usher - Trading Places.mp3
[2010.11.11 00:08:01 | 004,198,528 | ---- | M] () -- C:\Users\D&A\Usher- There Goes my Baby.mp3
[2010.11.08 18:47:53 | 003,858,560 | ---- | M] () -- C:\Users\D&A\Vybz Kartel ft Gaza Slim - One Man {FEB 2010} {AdidjahiemNotnice Prod}.mp3
[2011.02.15 00:16:18 | 003,424,384 | ---- | M] () -- C:\Users\D&A\When I Look At You. Miley Cyrus Music Video - THE LAST SONG - Available on DVD & Blu-ray NOW.mp3
[2011.03.22 22:24:16 | 004,767,872 | ---- | M] () -- C:\Users\D&A\Xavier Naidoo - Ich brauche dich - (T.I.O. Remix) (Official Video).mp3
[2010.12.05 21:29:41 | 004,499,584 | ---- | M] () -- C:\Users\D&A\You'll Be In My Heart - Phil Collins.mp3
[2010.10.22 19:30:24 | 004,343,936 | ---- | M] () -- C:\Users\D&A\You're My Angel - Ryan Leslie [New Song 2010] HD Video.mp3
[2010.10.21 22:52:25 | 004,612,224 | ---- | M] () -- C:\Users\D&A\Your side of the bed Lyrics.mp3
[2010.10.24 18:33:49 | 004,661,376 | ---- | M] () -- C:\Users\D&A\[FIRST EVER LYRICS] Nelly - Just a Dream With Lyrics! (BRAND NEW).mp3
[2010.10.21 22:21:26 | 004,524,160 | ---- | M] () -- C:\Users\D&A\[HD] Cassie - Let's Get Crazy (PARTY ROCK REMIX) ft. LMFAO & AKON (MP3 DOWNLOAD).mp3
[2010.11.11 00:03:54 | 004,100,096 | ---- | M] () -- C:\Users\D&A\İndir (Mustafa Sandal).mp3
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Files - Unicode (All) ==========
[2010.12.16 00:15:49 | 008,753,152 | ---- | M] ()(C:\Users\D&A\Arabic song ???? ???? ???? ?? ??? ? ????? 2010(In  English)???? ????.mp3) -- C:\Users\D&A\Arabic song عمرو دياب يهمك في ايه و اليسا 2010(In  English)افضل كليب.mp3
[2010.11.02 19:31:53 | 003,545,088 | ---- | M] ()(C:\Users\D&A\¦¦¦?Next - One Night Only (2010) [HQ] _ Hottest RnBmusic.mp3) -- C:\Users\D&A\▒▓█►Next - One Night Only (2010) [HQ] _ Hottest RnBmusic.mp3
[2010.11.02 16:08:41 | 002,684,928 | ---- | M] ()(C:\Users\D&A\I just wanna hold you in my arms. ?.mp3) -- C:\Users\D&A\I just wanna hoℓd you in my arms. ♥.mp3

< End of report >
         
--- --- ---



wenn ich irgendwas falsch gemacht habe, bitte ich Euch dies zu entschuldigen und mir weitere Anweisungen zu geben!
Danke!

hey, kann mur dann keiner weiter helfen? es waere echt super wenn wir jemand sagen kann was ich jetz tuen soll.

Alt 31.03.2012, 19:03   #2
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [SkypePM] C:\Users\DA\AppData\Local\Skype\SkypePM.exe (Microsoft Corporation)
 :Files
C:\Users\DA\AppData\Local\Skype
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________

__________________

Alt 01.04.2012, 13:54   #3
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



So hab es so gemacht wie du geschrieben hast.
Das kam dabei raus.
Und die Datei hochzuladen war auch erfolgreich.
Dankeschoen!
Ich warte auf weitere Instruktionen.

HTML-Code:
All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SkypePM deleted successfully.
File C:\Users\DA\AppData\Local\Skype\SkypePM.exe not found.
========== COMMANDS ==========
 
[EMPTYFLASH]
 
User: All Users
 
User: AppData
 
User: D&A
->Flash cache emptied: 125503 bytes
 
User: Default
 
User: Default User
 
User: Public
 
Total Flash Files Cleaned = 0,00 mb
 
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: D&A
->Temp folder emptied: 1596967254 bytes
->Temporary Internet Files folder emptied: 214038464 bytes
->Java cache emptied: 5915523 bytes
->FireFox cache emptied: 124324812 bytes
->Google Chrome cache emptied: 6355765 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 861184 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 111112573 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 183432 bytes
 
Total Files Cleaned = 1.964,00 mb
 
 
OTL by OldTimer - Version 3.2.39.2 log created on 04012012_144341

Files\Folders moved on Reboot...
File move failed. C:\Windows\SysNative\SETDB43.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UTFI1SLA\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IVDU736R\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I34Y2ROW\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E5PIN1QF\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\desktop.ini scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\desktop.ini scheduled to be moved on reboot.

Registry entries deleted on Reboot...
__________________

Alt 01.04.2012, 14:47   #4
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



hi
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 01.04.2012, 15:06   #5
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



So chef
hab das so gemacht wie du es mir gesagt hast. Das ist das Ergebnis von Combofix. Aber neustarten musste ich gar nicht.....


Combofix Logfile:
Code:
ATTFilter
ComboFix 12-03-31.03 - D&A 01.04.2012  15:56:17.1.4 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.49.1031.18.6142.4423 [GMT 2:00]
ausgeführt von:: c:\users\D&A\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Install.cmd
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-01 bis 2012-04-01  ))))))))))))))))))))))))))))))
.
.
2012-04-01 14:02 . 2012-04-01 14:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-01 12:43 . 2012-04-01 12:55	--------	d-----w-	C:\_OTL
2012-03-30 19:58 . 2012-03-30 19:58	--------	d-----w-	c:\program files (x86)\Lavalys
2012-03-23 05:29 . 2012-03-14 03:27	8669240	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{C406A4E5-1016-46A7-80CC-A8526A7274C9}\mpengine.dll
2012-03-22 19:12 . 2012-03-22 19:12	4435968	----a-w-	c:\windows\SysWow64\GPhotos.scr
2012-03-16 13:37 . 2012-04-01 12:22	--------	d-----w-	c:\users\D&A\AppData\Roaming\Skype
2012-03-16 13:37 . 2012-03-16 13:37	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2012-03-16 13:37 . 2012-03-16 13:37	--------	d-----r-	c:\program files (x86)\Skype
2012-03-16 13:37 . 2012-03-16 13:37	--------	d-----w-	c:\programdata\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-21 20:09 . 2012-02-10 22:55	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2010-07-20 10:10	279656	------w-	c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"SmpcSys"="c:\program files\PACKARD BELL\SetUpMyPC\SmpSys.exe" [2008-07-07 1038136]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-04-28 1828136]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2009-04-02 102400]
"ICQ"="c:\program files (x86)\ICQ7.2\ICQ.exe" [2011-01-05 133432]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-02-29 17148552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SmpcSys"="c:\program files\Packard Bell\SetupMyPC\SmpSys.exe" [2008-07-07 1038136]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-02 281768]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-24 421160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - Lavasoft Kernexplorer
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-11 15:51]
.
2012-04-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-01-11 15:51]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2008-08-18 333344]
"RtHDVCpl"="RAVCpl64.exe" [2008-09-18 6495264]
"Skytel"="Skytel.exe" [2008-09-18 1833504]
"FijiKeyboard"="c:\acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe" [2008-09-18 79416]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mStart Page = hxxp://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0407&s=1&o=vp64&d=0710&m=imedia_x6605_ge
mLocal Page = %SystemRoot%\system32\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
LSP: %SYSTEMROOT%\system32\nvLsp.dll
TCP: DhcpNameServer = 192.168.178.1
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\D&A\AppData\Roaming\Mozilla\Firefox\Profiles\u1fye323.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - www.Freeware-download.com Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT2325506&SearchSource=13
FF - prefs.js: keyword.URL - hxxp://plasmoo.com/index.htm?SearchMashine=true&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Facebook: Rosa Themen-Plugin: pink@rosa-plugin.info - %profile%\extensions\pink@rosa-plugin.info
FF - user.js: yahoo.homepage.dontask - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
URLSearchHooks-{26647ca4-a2a7-4eac-8a72-761aa9141de7} - (no file)
Wow6432Node-HKLM-Run-NPSStartup - (no file)
WebBrowser-{26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - (no file)
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-FujiKeyboard - c:\acer\Preload\Autorun\DRV\FUJI Keyboard\ABoard.exe
AddRemove-Adobe Shockwave Player - c:\windows\System32\Macromed\SHOCKW~1\UNWISE.EXE
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@SACL=
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
@SACL=
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@SACL=
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@SACL=
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@SACL=
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@SACL=
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@SACL=
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@SACL=
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@SACL=
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@SACL=
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2012-04-01  16:04:13
ComboFix-quarantined-files.txt  2012-04-01 14:04
.
Vor Suchlauf: 9 Verzeichnis(se), 708.944.982.016 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 708.244.946.944 Bytes frei
.
- - End Of File - - 440BF0AA3B5E0556E93928AD0945E75C
         
--- --- ---


Alt 02.04.2012, 08:51   #6
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
--> Windows blockade durch Deutschlandflaggenvirus!

Alt 02.04.2012, 16:24   #7
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



hallo, hab mir malewarebytes und hab jetz schon zwei mal versucht es durch laufen... beim ersten versuch hat er sich nach 20 minuten aufgehangen und es half nur ein hard reset. gerade ebend hab ich es nochmal probiert, aber er haengt sich wieder. inwieweit beeinflusst das nun meinen weiteren erfolg? gibts ein anderes programm?
vielen dank fuer die hilfe.

Alt 02.04.2012, 20:26   #8
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



gehts im abgesicherten modus mit netzwerk, bei pc start über f8 zu erreichen.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 02.04.2012, 21:49   #9
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



danke fuer deine schnellen antworten.
nein leider gab das auch keinen erfolg... ab ca 8 minuten kam es wieder zum haengen und mir blieb nur ein hard reset.
waskann da noch helfen? eine formatierung?

Alt 03.04.2012, 11:59   #10
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



wie siehts mit nem qick scan aus?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 03.04.2012, 16:22   #11
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



So das kam nun beim Quick Scan raus...
Versuche jetz nochmal einen Voll-Scan.
Ich hoffe du kannst damit schon was anfangen...


HTML-Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.02.04

Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
D&A :: D-PC [Administrator]

03.04.2012 17:08:42
mbam-log-2012-04-03 (17-08-42).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 202719
Laufzeit: 4 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\D&A\Downloads\SoftonicDownloader_fuer_photoscape.exe (PUP.BundleOffer.Downloader.S) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Alt 03.04.2012, 18:10   #12
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



ok meld dich obs geklappt hatt
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.04.2012, 16:37   #13
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



soo egall was ich mache chef den vollen scan macht er nicht. haengt sich immer wieder auf. was kann ich noch tuen?

Alt 04.04.2012, 17:04   #14
markusg
/// Malware-holic
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



hi,
lade den CCleaner standard:
CCleaner Download - CCleaner 3.17.1689
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.04.2012, 17:35   #15
klobrille
 
Windows blockade durch Deutschlandflaggenvirus! - Standard

Windows blockade durch Deutschlandflaggenvirus!



HTML-Code:
Ad-Aware	Lavasoft	18.07.2010	87,9MB	                                                                           notwendig
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	20.03.2012	  	10.3.183.16                                notwendig
Adobe Flash Player ActiveX	Adobe Systems Incorporated	18.07.2010		9.0.124.0                                  notwendig
Adobe Photoshop Elements 6.0	Adobe Systems, Inc.	21.01.2009	375MB	6.0                                                notwendig                                            
Adobe Reader 9 - Deutsch	Adobe Systems Incorporated	21.01.2009	232MB	9.0.0                                      notwendig                                     
Adobe Shockwave Player	Adobe Systems, Inc.	18.07.2010		10.3.0.24                                                  notwendig
Apple Mobile Device Support	Apple Inc.	20.10.2010	20,7MB	3.2.0.47                                                   nicht benoetigt
Apple Software Update	Apple Inc.	20.10.2010	2,26MB	2.1.2.120
Avira AntiVir Personal - Free Antivirus	Avira GmbH	31.03.2012	101,3MB	10.2.0.707                                         notwendig
CCleaner	Piriform	03.04.2012	8,94MB	3.17                                                                       notwendig
Compatibility Pack für 2007 Office System	Microsoft Corporation	13.03.2012	39,0MB	12.0.6612.1000                     notwendig
CPUID CPU-Z 1.58		20.11.2011	3,24MB	                                                                           nicht benötigt
EasyBits Magic Desktop		18.07.2010	                                                                                   nicht benötigt	
EVEREST Home Edition v2.20	Lavalys Inc	29.03.2012	6,58MB	2.20                                                       nicht benötigt
Google Chrome	Google Inc.	10.01.2012	249MB	17.0.963.83                                                                nicht benötigt
HP Customer Participation Program 8.0	HP	15.10.2010	254MB	8.0
HP Imaging Device Functions 8.0	HP	15.10.2010	2,21MB	8.0                                                                 Hp notwendig Drucker
HP OCR Software 8.0	HP	15.10.2010	2,20MB	8.0
HP Photosmart Essential	HP	15.10.2010	10,2MB	1.12.0.46
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B	HP	15.10.2010	76,9MB	8.0
HP Solution Center 8.0	HP	15.10.2010	2,20MB	8.0
HP Update	Hewlett-Packard	15.10.2010	3,57MB	4.000.005.006
HPSSupply	Ihr Firmenname	15.10.2010	0,96MB	2.1.3.0000
iTunes	Apple Inc.	20.10.2010	139,7MB	10.0.1.22                                                                          notwendig
Java(TM) 6 Update 21	Sun Microsystems, Inc.	20.07.2010	94,5MB	6.0.210
Malwarebytes Anti-Malware Version 1.60.1.1000	Malwarebytes Corporation	01.04.2012	11,5MB	1.60.1.1000                notwendig
MetaBoli		21.01.2009	1.821MB	1.00.0000                                                                          notwendig                      
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU	Microsoft Corporation	20.07.2010	42,1MB	
Microsoft .NET Framework 3.5 SP1	Microsoft Corporation	20.07.2010	42,1MB	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	24.11.2010	189,3MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	24.11.2010	46,5MB	4.0.30319
Microsoft Office Home and Student		18.07.2010	297MB	
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	13.03.2012	33,8MB	12.0.6612.1000              microsoft notwendig
Microsoft Office Suite Activation Assistant	Microsoft Corporation	21.01.2009	8,37MB	2.9
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	21.01.2009	1,74MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	20.07.2010	0,25MB	8.0.50727.4053 
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	20.07.2010	0,25MB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	15.06.2011	0,29MB	8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	21.01.2009	0,69MB	8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175	Microsoft Corporation	29.04.2011	0,56MB	8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148	Microsoft Corporation	20.07.2010	0,21MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	29.04.2011	0,77MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	29.04.2011	0,58MB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	18.07.2010	0,76MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,76MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	18.07.2010	0,58MB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	15.06.2011	0,58MB	9.0.30729.6161
Microsoft Works 9.0 SE		18.07.2010	297MB	
Mozilla Firefox (3.6.28)	Mozilla	20.03.2012	34,4MB	3.6.28 (de)                                                         notwendig
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	21.01.2009	1,29MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	20.07.2010	1,34MB	4.20.9876.0
Nero 8 Essentials	Nero AG	18.07.2010	1.743MB	8.3.389                                                                     funktioniert nicht
NVIDIA Display Control Panel	NVIDIA Corporation	18.07.2010	1,29MB	6.14.12.5896                                        nvidia benötigt
NVIDIA Drivers	NVIDIA Corporation	18.07.2010		1.10.62.40
NVIDIA ForceWare Network Access Manager		18.07.2010		
NVIDIA PhysX	NVIDIA Corporation	18.07.2010	80,0MB	9.10.0224
NVIDIA Stereoscopic 3D Driver	NVIDIA Corporation	18.07.2010	16,1MB	7.17.12.5896
Packard Bell ImageWriter		21.01.2009	1.821MB	1.00.0000
Packard Bell Updator		21.01.2009	1.821MB	3.00.0000
PC Connectivity Solution	Nokia	01.12.2010	15,0MB	8.15.0.0
Picasa 3	Google, Inc.	10.01.2012	78,3MB	3.8                                                                         nicht benötigt
QuickTime	Apple Inc.	20.10.2010	73,7MB	7.68.75.0
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	21.01.2009	21,5MB	6.0.1.5704
SAMSUNG Mobile Composite Device Software		01.12.2010                                                                  samsung nicht benötigt		
Samsung Mobile Modem Device Software		01.12.2010		
SAMSUNG Mobile Modem Driver Set		01.12.2010		
Samsung Mobile phone USB driver Software		01.12.2010		
SAMSUNG Mobile USB Modem 1.0 Software		01.12.2010		
SAMSUNG Mobile USB Modem Software		01.12.2010		
Samsung New PC Studio	Samsung Electronics Co., Ltd.	01.12.2010	165,4MB	1.00.0000
SAMSUNG USB Mobile Device Software		01.12.2010		
SamsungConnectivityCableDriver	Samsung	01.12.2010	0,72MB	6.83.6.2.1
Setup My PC		21.01.2009	1.821MB	3.00.0000                                                                            unbekannt
Skype Click to Call	Skype Technologies S.A.	15.03.2012	15,7MB	5.10.9560
Skype™ 5.8	Skype Technologies S.A.	15.03.2012	19,1MB	5.8.158                                                              skype notwendig
SpeedFan (remove only)		20.11.2011	5,54MB	
Star Wars JK II Jedi Outcast		08.01.2012	601MB	                                                                        notwendig
TeamSpeak 3 Client	TeamSpeak Systems GmbH	20.07.2010	34,5MB	                                                           nicht benötigt
Uninstall 1.0.0.1		02.05.2011	30,8MB	
Windows Live Anmelde-Assistent	Microsoft Corporation	18.07.2010	1,93MB	5.000.818.5
Windows Live Essentials	Microsoft Corporation	18.07.2010	136,3MB	14.0.8117.0416
Windows Live Sync	Microsoft Corporation	18.07.2010	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	21.01.2009	0,22MB	14.0.8014.1029
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)	Nokia	01.12.2010		10/12/2007 6.85.4.0
WinRAR 4.01 (64-Bit)	win.rar GmbH	20.11.2011	4,61MB	4.01.0
soo chef hier manche sachen hab ich zusammengefasst wie die microsoft updates und die samsung sachen ich hoffe du findest dich zurecht.

Antwort

Themen zu Windows blockade durch Deutschlandflaggenvirus!
ad-aware, autorun, avira, bho, bildschirm, black, blockiert, bonjour, brand new, converter, desktop, downloadlink, firefox, funktioniert nicht mehr, helper, home, logfile, mp3, nvstor.sys, packard bell, plug-in, realtek, registry, required, scan, schwarzer bildschirm, searchscopes, security, security scan, senden, software, soundtrack, super, version=1.0, virus, vista, windows




Ähnliche Themen: Windows blockade durch Deutschlandflaggenvirus!


  1. Malwarebytes Anti-Malware meldet Blockade von bösartigen Websites
    Plagegeister aller Art und deren Bekämpfung - 04.11.2015 (13)
  2. Avast Schädliche Datei Blockade Mozilla Firefox
    Log-Analyse und Auswertung - 22.11.2014 (15)
  3. nach Befall durch BKA Virus Entfernung durch Fachhandel Jetzt startet Windows sicherheitsdienst nicht mehr
    Log-Analyse und Auswertung - 05.06.2014 (14)
  4. Gefälschte Polizeiliche Anzeige und Blockade des Internets/CD Laufwerks
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (23)
  5. Laptop mit Windows xp gesperrt durch Bundespolizei, Entsperrung nur durch Geld
    Log-Analyse und Auswertung - 25.01.2013 (34)
  6. lost+found: Trojanerknacker, Brute-Force-Blockade und Bollywood
    Nachrichten - 04.01.2013 (0)
  7. "Der Computer ist für die Verletzung der Gesetze der Bundesrepublik Deutschland ... " -Blockade
    Log-Analyse und Auswertung - 10.08.2012 (25)
  8. Blockade des Computers durch internetexplorer
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  9. Windows-Blockade 50 € wegen besuch von infizierten seiten
    Log-Analyse und Auswertung - 27.02.2012 (10)
  10. 50€-Blockade
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (26)
  11. Windows Blockade 50 € abzocke!
    Log-Analyse und Auswertung - 11.02.2012 (3)
  12. Nach GEMA-Blockade nun Google-Umleitung
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (1)
  13. Blockade von exe dateien nach windows 7 home security 2012 trojaner
    Log-Analyse und Auswertung - 24.12.2011 (1)
  14. Windows Blockade, Freigabe gegen 50€
    Log-Analyse und Auswertung - 23.12.2011 (3)
  15. Ebenfalls:Windows Blockade
    Plagegeister aller Art und deren Bekämpfung - 14.12.2011 (7)
  16. Blockade durch "Achtung aus Sicherheitsgründen wurde ihr Windows System blockiert"
    Plagegeister aller Art und deren Bekämpfung - 10.12.2011 (1)
  17. Langsam und Blockade von Google und Yahoo
    Plagegeister aller Art und deren Bekämpfung - 13.12.2004 (2)

Zum Thema Windows blockade durch Deutschlandflaggenvirus! - Hallo, es geht um folgendes. Mein Pc funktioniert nicht mehr und zwar geht bei jedem Windows Start die Funktionsfähigkeit des Pcs verloren. Ein schwarzer Bildschirm erscheint und mir wird mitgeteilt, - Windows blockade durch Deutschlandflaggenvirus!...
Archiv
Du betrachtest: Windows blockade durch Deutschlandflaggenvirus! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.