Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Plagegeister aller Art und deren Bekämpfung: BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 5 1 23 Letzte »
Alt 19.04.2012, 17:23   #1
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Ich bin wahrscheinlich nicht die erste mit diesem Problem,aber ich bin wirklich am Verzweifeln ^^'
vor ca 3 Wochen habe ich mir den Virus (version 1.03) eingefangen und dann nach diesem Tutorial hxxp://www.youtube.com/watch?v=uv-xirezoD0 also mit dem Wiederherstellungspunkt "entfernt".Danach Malwarebytes runtergeladen und scannen lassen.Es gab keinen Fund
Jetzt läuft mein Laptop wieder so wie vorher.
Habe allerdings nach ein bisschen Recherche herausgefunden,dass das Ding doch nicht so ganz ohne ist.Ich hatte einfach weitergearbeitet,wie sonst auch ..

Was ist jetzt zu tun? Muss ich wirklich mein System neu aufsetzen? und wenn ja,wie rette ich meine Daten ohne den Virus gleich mitzukopieren?
Mir wurde eine Rettung über eine "linux Cd" empfohlen
Außerdem hing während des Befalls mein iPhone,eine Maus und eventuell eine SD karte am Laptop...

Ich bin leider ein totaler Computerlaie und weiß nicht weiter :/
Ich hoffe jemand kann mir helfen!
Danke schonmal im Voraus !

liebe Grüße,
_Chiisai_

Alt 19.04.2012, 19:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Bitte erstmal routinemäßig einen Vollscan mit Malwarebytes machen und Log posten. =>ALLE lokalen Datenträger (außer CD/DVD) überprüfen lassen!
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss! Außerdem müssen alle Funde entfernt werden.

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset





Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
__________________

__________________
Alt 20.04.2012, 21:01   #3
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


So.. erstmal vielen Dank für die schnelle Antwort !!
Ich hoffe ich habe alles richtig gemacht
Hier die Ergebnisse:

Malewarebytes
Code:
ATTFilter
 2012/04/08 10:27:35 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/08 10:27:39 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/08 10:27:41 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Executing scheduled update:  Daily
2012/04/08 10:27:42 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/08 10:27:43 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/08 10:27:53 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Scheduled update executed successfully:  database updated from version v2012.04.07.04 to version v2012.04.08.02
2012/04/08 10:27:53 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting database refresh
2012/04/08 10:27:53 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/08 10:29:56 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
2012/04/08 10:29:58 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Database refreshed successfully
2012/04/08 10:29:58 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/08 10:30:00 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/08 13:28:19 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 56979, Process: avastsvc.exe)
2012/04/08 13:28:19 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 56980, Process: avastsvc.exe)
2012/04/08 13:28:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57019, Process: avastsvc.exe)
2012/04/08 13:28:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57020, Process: avastsvc.exe)
2012/04/08 13:29:32 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57031, Process: avastsvc.exe)
2012/04/08 13:29:32 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57032, Process: avastsvc.exe)
2012/04/08 13:31:01 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57076, Process: avastsvc.exe)
2012/04/08 13:31:01 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57077, Process: avastsvc.exe)
2012/04/08 13:31:49 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57104, Process: avastsvc.exe)
2012/04/08 13:31:49 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57105, Process: avastsvc.exe)
2012/04/08 13:31:49 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57107, Process: avastsvc.exe)
2012/04/08 13:31:49 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57108, Process: avastsvc.exe)
2012/04/08 13:34:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57710, Process: avastsvc.exe)
2012/04/08 13:34:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57711, Process: avastsvc.exe)
2012/04/08 13:34:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57715, Process: avastsvc.exe)
2012/04/08 13:34:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57716, Process: avastsvc.exe)
2012/04/08 13:34:39 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57720, Process: avastsvc.exe)
2012/04/08 13:34:39 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57721, Process: avastsvc.exe)
Code:
ATTFilter
 2012/04/07 14:31:46 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/07 14:31:51 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/07 14:31:54 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Executing scheduled update:  Daily
2012/04/07 14:31:54 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/07 14:31:56 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/07 14:32:08 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Scheduled update executed successfully:  database updated from version v2012.04.06.07 to version v2012.04.07.04
2012/04/07 14:32:08 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting database refresh
2012/04/07 14:32:08 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/07 14:34:12 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
2012/04/07 14:34:16 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Database refreshed successfully
2012/04/07 14:34:16 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/07 14:34:18 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/07 14:49:53 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 50922, Process: avastsvc.exe)
2012/04/07 14:49:53 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 50923, Process: avastsvc.exe)
2012/04/07 14:50:01 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/07 14:50:01 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 50929, Process: avastsvc.exe)
2012/04/07 14:50:01 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 50930, Process: avastsvc.exe)
2012/04/07 14:52:07 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
2012/04/07 17:41:08 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/07 17:41:11 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/07 17:41:14 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/07 17:41:15 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/07 20:54:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57088, Process: avastsvc.exe)
2012/04/07 20:54:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57089, Process: avastsvc.exe)
2012/04/07 20:54:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57098, Process: avastsvc.exe)
2012/04/07 20:54:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	80.82.70.249 (Type: outgoing, Port: 57099, Process: avastsvc.exe)
2012/04/07 20:54:24 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/07 20:56:03 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
Code:
ATTFilter
 2012/04/06 00:28:05 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/06 00:28:08 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/06 00:28:11 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/06 00:28:12 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/06 00:37:31 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/06 00:37:34 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/06 00:37:37 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/06 00:37:39 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/06 21:22:59 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/06 21:23:03 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/06 21:23:04 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Executing scheduled update:  Daily
2012/04/06 21:23:06 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/06 21:23:08 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/06 21:24:21 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting database refresh
2012/04/06 21:24:21 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Scheduled update executed successfully:  database updated from version v2012.04.05.04 to version v2012.04.06.07
2012/04/06 21:24:21 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/06 21:26:53 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
2012/04/06 21:26:56 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Database refreshed successfully
2012/04/06 21:26:57 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/06 21:26:59 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
Code:
ATTFilter
 2012/04/04 00:00:01 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60735, Process: firefox.exe)
2012/04/04 00:00:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60738, Process: firefox.exe)
2012/04/04 00:00:26 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60739, Process: firefox.exe)
2012/04/04 00:00:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60744, Process: firefox.exe)
2012/04/04 00:00:50 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60745, Process: firefox.exe)
2012/04/04 00:01:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60746, Process: firefox.exe)
2012/04/04 00:01:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60747, Process: firefox.exe)
2012/04/04 00:01:14 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60750, Process: firefox.exe)
2012/04/04 00:01:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60751, Process: firefox.exe)
2012/04/04 00:01:39 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60752, Process: firefox.exe)
2012/04/04 00:01:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60756, Process: firefox.exe)
2012/04/04 00:02:03 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60757, Process: firefox.exe)
2012/04/04 00:02:19 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60760, Process: firefox.exe)
2012/04/04 00:02:27 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60761, Process: firefox.exe)
2012/04/04 00:02:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60765, Process: firefox.exe)
2012/04/04 00:02:52 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60768, Process: firefox.exe)
2012/04/04 00:03:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60778, Process: firefox.exe)
2012/04/04 00:03:16 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60780, Process: firefox.exe)
2012/04/04 00:03:32 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60781, Process: firefox.exe)
2012/04/04 00:03:41 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60782, Process: firefox.exe)
2012/04/04 00:03:57 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60784, Process: firefox.exe)
2012/04/04 00:04:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60785, Process: firefox.exe)
2012/04/04 00:04:21 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60804, Process: firefox.exe)
2012/04/04 00:04:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60808, Process: firefox.exe)
2012/04/04 00:04:45 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60813, Process: firefox.exe)
2012/04/04 00:04:54 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60816, Process: firefox.exe)
2012/04/04 00:05:10 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60822, Process: firefox.exe)
2012/04/04 00:05:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60823, Process: firefox.exe)
2012/04/04 00:05:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60824, Process: firefox.exe)
2012/04/04 00:05:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60828, Process: firefox.exe)
2012/04/04 00:06:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60831, Process: firefox.exe)
2012/04/04 00:06:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60834, Process: firefox.exe)
2012/04/04 00:06:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60837, Process: firefox.exe)
2012/04/04 00:06:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60840, Process: firefox.exe)
2012/04/04 00:06:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60846, Process: firefox.exe)
2012/04/04 00:06:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60848, Process: firefox.exe)
2012/04/04 00:07:20 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60852, Process: firefox.exe)
2012/04/04 00:07:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60858, Process: firefox.exe)
2012/04/04 00:07:52 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60859, Process: firefox.exe)
2012/04/04 00:08:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60862, Process: firefox.exe)
2012/04/04 00:08:16 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60864, Process: firefox.exe)
2012/04/04 00:08:32 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60866, Process: firefox.exe)
2012/04/04 00:08:41 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60867, Process: firefox.exe)
2012/04/04 00:08:57 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60871, Process: firefox.exe)
2012/04/04 00:09:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60873, Process: firefox.exe)
2012/04/04 00:09:21 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60875, Process: firefox.exe)
2012/04/04 00:09:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60876, Process: firefox.exe)
2012/04/04 00:09:46 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60878, Process: firefox.exe)
2012/04/04 00:09:54 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60879, Process: firefox.exe)
2012/04/04 00:10:10 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60894, Process: firefox.exe)
2012/04/04 00:10:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60895, Process: firefox.exe)
2012/04/04 00:10:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60898, Process: firefox.exe)
2012/04/04 00:10:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60899, Process: firefox.exe)
2012/04/04 00:11:07 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60904, Process: firefox.exe)
2012/04/04 00:11:07 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60907, Process: firefox.exe)
2012/04/04 00:11:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60910, Process: firefox.exe)
2012/04/04 00:11:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60911, Process: firefox.exe)
2012/04/04 00:11:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60928, Process: firefox.exe)
2012/04/04 00:11:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60935, Process: firefox.exe)
2012/04/04 00:12:20 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60937, Process: firefox.exe)
2012/04/04 00:12:28 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60941, Process: firefox.exe)
2012/04/04 00:12:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60959, Process: firefox.exe)
2012/04/04 00:12:52 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60966, Process: firefox.exe)
2012/04/04 00:13:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60978, Process: firefox.exe)
2012/04/04 00:13:16 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 60989, Process: firefox.exe)
2012/04/04 00:13:33 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61006, Process: firefox.exe)
2012/04/04 00:13:41 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61008, Process: firefox.exe)
2012/04/04 00:13:57 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61014, Process: firefox.exe)
2012/04/04 00:14:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61015, Process: firefox.exe)
2012/04/04 00:14:21 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61038, Process: firefox.exe)
2012/04/04 00:14:30 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61039, Process: firefox.exe)
2012/04/04 00:14:46 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61048, Process: firefox.exe)
2012/04/04 00:14:54 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61049, Process: firefox.exe)
2012/04/04 00:15:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61070, Process: firefox.exe)
2012/04/04 00:15:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61081, Process: firefox.exe)
2012/04/04 00:15:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61085, Process: firefox.exe)
2012/04/04 00:15:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61087, Process: firefox.exe)
2012/04/04 00:16:07 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61091, Process: firefox.exe)
2012/04/04 00:16:07 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61110, Process: firefox.exe)
2012/04/04 00:16:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61124, Process: firefox.exe)
2012/04/04 00:16:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61126, Process: firefox.exe)
2012/04/04 00:16:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61132, Process: firefox.exe)
2012/04/04 00:16:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61136, Process: firefox.exe)
2012/04/04 00:17:20 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61148, Process: firefox.exe)
2012/04/04 00:17:28 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61149, Process: firefox.exe)
2012/04/04 00:17:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61154, Process: firefox.exe)
2012/04/04 00:17:52 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61155, Process: firefox.exe)
2012/04/04 00:18:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61157, Process: firefox.exe)
2012/04/04 00:18:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61158, Process: firefox.exe)
2012/04/04 00:18:33 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61159, Process: firefox.exe)
2012/04/04 00:18:41 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61163, Process: firefox.exe)
2012/04/04 00:18:57 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61165, Process: firefox.exe)
2012/04/04 00:19:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61166, Process: firefox.exe)
2012/04/04 00:19:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61167, Process: firefox.exe)
2012/04/04 00:19:21 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61169, Process: firefox.exe)
2012/04/04 00:19:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61170, Process: firefox.exe)
2012/04/04 00:19:46 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61172, Process: firefox.exe)
2012/04/04 00:19:54 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61175, Process: firefox.exe)
2012/04/04 00:20:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61178, Process: firefox.exe)
2012/04/04 00:20:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61179, Process: firefox.exe)
2012/04/04 00:20:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61181, Process: firefox.exe)
2012/04/04 00:20:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61182, Process: firefox.exe)
2012/04/04 00:21:07 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61183, Process: firefox.exe)
2012/04/04 00:21:07 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61185, Process: firefox.exe)
2012/04/04 00:21:31 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61186, Process: firefox.exe)
2012/04/04 00:21:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61193, Process: firefox.exe)
2012/04/04 00:22:03 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61194, Process: firefox.exe)
2012/04/04 00:22:19 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61196, Process: firefox.exe)
2012/04/04 00:22:28 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61198, Process: firefox.exe)
2012/04/04 00:22:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61201, Process: firefox.exe)
2012/04/04 00:22:52 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61202, Process: firefox.exe)
2012/04/04 00:23:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61204, Process: firefox.exe)
2012/04/04 00:23:16 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61205, Process: firefox.exe)
2012/04/04 00:23:32 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61207, Process: firefox.exe)
2012/04/04 00:23:40 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61209, Process: firefox.exe)
2012/04/04 00:23:57 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61210, Process: firefox.exe)
2012/04/04 00:24:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61211, Process: firefox.exe)
2012/04/04 00:24:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61213, Process: firefox.exe)
2012/04/04 00:24:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61214, Process: firefox.exe)
2012/04/04 00:24:53 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61216, Process: firefox.exe)
2012/04/04 00:24:53 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61217, Process: firefox.exe)
2012/04/04 00:25:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61220, Process: firefox.exe)
2012/04/04 00:25:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61221, Process: firefox.exe)
2012/04/04 00:25:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61223, Process: firefox.exe)
2012/04/04 00:25:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61224, Process: firefox.exe)
2012/04/04 00:26:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61225, Process: firefox.exe)
2012/04/04 00:26:14 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61227, Process: firefox.exe)
2012/04/04 00:26:30 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61229, Process: firefox.exe)
2012/04/04 00:26:39 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61231, Process: firefox.exe)
2012/04/04 00:26:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61233, Process: firefox.exe)
2012/04/04 00:27:03 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61234, Process: firefox.exe)
2012/04/04 00:27:19 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61237, Process: firefox.exe)
2012/04/04 00:27:27 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61238, Process: firefox.exe)
2012/04/04 00:27:44 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61241, Process: firefox.exe)
2012/04/04 00:27:52 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61242, Process: firefox.exe)
2012/04/04 00:28:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61245, Process: firefox.exe)
2012/04/04 00:28:16 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61246, Process: firefox.exe)
2012/04/04 00:28:32 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61247, Process: firefox.exe)
2012/04/04 00:28:40 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61249, Process: firefox.exe)
2012/04/04 00:29:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61250, Process: firefox.exe)
2012/04/04 00:29:05 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61251, Process: firefox.exe)
2012/04/04 00:29:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61253, Process: firefox.exe)
2012/04/04 00:29:29 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61255, Process: firefox.exe)
2012/04/04 00:29:53 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61257, Process: firefox.exe)
2012/04/04 00:29:53 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61258, Process: firefox.exe)
2012/04/04 00:30:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61260, Process: firefox.exe)
2012/04/04 00:30:18 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61261, Process: firefox.exe)
2012/04/04 00:30:42 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61263, Process: firefox.exe)
2012/04/04 00:30:50 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61264, Process: firefox.exe)
2012/04/04 00:31:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61266, Process: firefox.exe)
2012/04/04 00:31:06 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61267, Process: firefox.exe)
2012/04/04 00:31:14 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61269, Process: firefox.exe)
2012/04/04 00:31:30 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61270, Process: firefox.exe)
2012/04/04 00:31:38 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61272, Process: firefox.exe)
2012/04/04 00:31:55 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61274, Process: firefox.exe)
2012/04/04 00:32:03 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61275, Process: firefox.exe)
2012/04/04 00:32:19 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61280, Process: firefox.exe)
2012/04/04 00:32:27 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61281, Process: firefox.exe)
2012/04/04 00:32:43 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61285, Process: firefox.exe)
2012/04/04 00:32:51 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61286, Process: firefox.exe)
2012/04/04 00:33:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61287, Process: firefox.exe)
2012/04/04 00:33:08 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	78.140.152.35 (Type: outgoing, Port: 61289, Process: firefox.exe)
2012/04/04 13:42:09 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/04 13:42:12 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/04 13:42:12 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Executing scheduled update:  Daily
2012/04/04 13:42:15 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/04 13:42:17 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/04 13:42:25 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting database refresh
2012/04/04 13:42:25 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Scheduled update executed successfully:  database updated from version v2012.04.03.08 to version v2012.04.04.02
2012/04/04 13:42:25 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/04 13:44:00 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
2012/04/04 13:44:03 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Database refreshed successfully
2012/04/04 13:44:03 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/04 13:44:04 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/04 17:33:09 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting protection
2012/04/04 17:33:12 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Protection started successfully
2012/04/04 17:33:15 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Starting IP protection
2012/04/04 17:33:17 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection started successfully
2012/04/04 18:03:17 +0200	CYNTHIA-VAIO	Cynthia	IP-BLOCK	62.122.74.123 (Type: outgoing, Port: 50056, Process: firefox.exe)
2012/04/04 18:03:28 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	Stopping IP protection
2012/04/04 18:05:09 +0200	CYNTHIA-VAIO	Cynthia	MESSAGE	IP Protection stopped
( das sind glaub ich nur die täglichen Updates.Davon gibt es noch mehr,aber die scheinen nicht zu varieren)

Code:
ATTFilter
 alwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.04.20.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cynthia :: CYNTHIA-VAIO [Administrator]

20.04.2012 18:29:27
mbam-log-2012-04-20 (18-29-27).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 355218
Laufzeit: 1 Stunde(n), 8 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.04.05.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cynthia :: CYNTHIA-VAIO [Administrator]

Schutz: Aktiviert

05.04.2012 23:46:40
mbam-log-2012-04-05 (23-46-40).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 214169
Laufzeit: 5 Minute(n), 54 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cynthia :: CYNTHIA-VAIO [Administrator]

Schutz: Aktiviert

31.03.2012 17:47:27
mbam-log-2012-03-31 (17-47-27).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 342385
Laufzeit: 1 Stunde(n), 33 Minute(n), 39 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ATTFilter
 
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cynthia :: CYNTHIA-VAIO [Administrator]

Schutz: Aktiviert

30.03.2012 20:35:20
mbam-log-2012-03-30 (20-35-20).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 340828
Laufzeit: 1 Stunde(n), 9 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.60.1.1000
www.malwarebytes.org

Datenbank Version: v2012.03.30.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Cynthia :: CYNTHIA-VAIO [Administrator]

Schutz: Aktiviert

30.03.2012 19:02:31
mbam-log-2012-03-30 (19-02-31).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 340511
Laufzeit: 1 Stunde(n), 7 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
und das kam bei Eset
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=e6c1c209a8b5b645839a864030f54901
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-04-20 07:30:13
# local_time=2012-04-20 09:30:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5121 16777213 100 75 11413802 35432419 0 0
# compatibility_mode=5893 16776574 100 94 19900110 86574425 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=150211
# found=3
# cleaned=0
# scan_time=5659
C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\qlps-qlipso-sntb.exe	Win32/Toolbar.Zugo application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Cynthia\Downloads\shimeji_kuran_kaname_downloader.exe	a variant of Win32/ExpressFiles application (unable to clean)	00000000000000000000000000000000	I
C:\Users\Cynthia\Downloads\VeohWebPlayerSetup_eng.exe	Win32/Toolbar.Zugo application (unable to clean)	00000000000000000000000000000000	I
Ich habe die lezten Tage bemerkt,dass nach dem Anmelden der Bildschirm für einige Minuten schwarz bleibt und sich nurnoch der Mauszeiger bewegen lässt.
Ich vermute diese lässt sich möglicherweise auf den Virus zurückführen ...
__________________
Alt 20.04.2012, 21:05   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Das sieht ziemlich unauffällig aus
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 20.04.2012, 21:13   #5
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Ja! alles genauso wie vorher!
Nur jetzt das mit dem schwarzen Bildschirm ist nicht normal.
Außerdem ist alles ein klein bisschen langsamer als sonst.. das kann allerdings auch Einbildung sein ^^' Ich bin echt schon ziemlich verrückt vor Sorge...
ansonsten kann ich noch sagen,dass das Wiederherstellen insgesamt ziemlich flott ging

Eine Auffäligkeit gab es noch bei einem scan von avira. Da wurden viren erkannt und danach hat sich das Programm aufgehangen .. avira ist,soweit ich gelesen habe, bekannt für Fehlermeldungen,aber es ist das einzige Antivirenprogramm,welches ich vor dem BKA Trojaner installiert hatte.

Bei den Programmen habe ich noch nicht genauer nachgesehen,weil ich insgesamt nicht soviel auf dem Rechner habe...
Heute beim Zusammensuchen der Daten für das eventuelle Neuaufsetzen ist mir jedoch ncihts aufgefallen


Alt 20.04.2012, 22:53   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
--> BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?

Alt 23.04.2012, 19:08   #7
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Avast meldet,dass das Programm Malware enthalten könnte. Ist das normal?
und muss ich bei dem Scan auch wieder meine Virenscanner ausschalten?

Alt 23.04.2012, 21:24   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Ja sowas nennt man Fehlalarm. "Unsere" Tools sind keine Viren
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 02.05.2012, 22:17   #9
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Erstmal möchte ich mich wegen der verspäteten Antwort entschuldigen ><
Jetzt habe ich endlich die Zeit für den Scan gefunden
Hier das Ergebnis:
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.05.2012 22:40:37 - Run 1
OTL by OldTimer - Version 3.2.42.2     Folder = C:\Users\Cynthia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,95 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 53,64% Memory free
7,90 Gb Paging File | 5,35 Gb Available in Paging File | 67,73% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,78 Gb Total Space | 384,64 Gb Free Space | 85,14% Space Free | Partition Type: NTFS
Drive D: | 955,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: CYNTHIA-VAIO | User Name: Cynthia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.05.02 22:38:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Cynthia\Desktop\OTL(1).exe
PRC - [2012.04.26 13:43:54 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.03.07 01:15:17 | 004,241,512 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.03.07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\afwServ.exe
PRC - [2012.02.23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012.01.22 16:15:32 | 002,230,416 | ---- | M] (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
PRC - [2012.01.22 16:15:16 | 003,735,680 | ---- | M] (Giraffic) -- C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
PRC - [2012.01.02 15:24:42 | 004,692,296 | ---- | M] (Veoh Networks) -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2011.04.29 17:20:18 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.03.05 16:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011.03.05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011.03.01 21:23:36 | 000,391,432 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingBar.exe
PRC - [2011.03.01 21:23:36 | 000,259,336 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BingApp.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011.02.15 11:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\VAIO Care\VCService.exe
PRC - [2011.02.01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.29 05:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Programme\Sony\VAIO Care\listener.exe
PRC - [2011.01.17 19:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 19:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.11.27 00:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.26 13:43:54 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.04.15 15:55:43 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2011.12.05 18:52:34 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.06.21 15:48:28 | 000,910,336 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
MOD - [2011.06.20 15:37:16 | 010,836,992 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtWebKit4.dll
MOD - [2011.06.20 13:52:20 | 001,283,584 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtScript4.dll
MOD - [2011.06.20 13:32:40 | 000,266,752 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\phonon4.dll
MOD - [2011.06.20 13:21:50 | 007,994,880 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtGui4.dll
MOD - [2011.06.20 13:04:56 | 002,233,344 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\QtCore4.dll
MOD - [2011.05.26 11:38:06 | 000,120,320 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
MOD - [2011.05.26 11:38:06 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\imageformats\qgif4.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.10.18 15:32:28 | 000,161,168 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011.10.18 15:23:24 | 000,208,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011.10.18 15:23:06 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011.01.29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McOobeSv)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2011.01.27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.04.26 13:43:55 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.15 15:55:44 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.03.07 01:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.03.07 01:15:13 | 000,134,920 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2012.01.22 16:15:32 | 002,230,416 | ---- | M] (Giraffic) [Auto | Running] -- C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe -- (Giraffic)
SRV - [2011.10.18 18:01:08 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\mcafee\virusscan\mcods.exe -- (McODS)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.05.19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2011.04.29 17:20:18 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.04.29 17:19:22 | 000,091,296 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.03.30 09:09:12 | 001,021,112 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Update 5\VUAgent.exe -- (VUAgent)
SRV - [2011.03.29 08:13:25 | 002,361,344 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.05 16:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011.03.01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.28 10:29:18 | 000,852,160 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.23 14:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011.02.21 12:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011.02.21 12:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011.02.18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV - [2011.02.18 22:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV - [2011.02.14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Programme\Sony\VAIO Care\VCService.exe -- (VCService)
SRV - [2011.02.01 13:20:48 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2011.02.01 13:20:46 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2011.01.20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV - [2011.01.20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.11.27 00:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.08.09 14:41:46 | 000,220,528 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- c:\Programme\mcafee\msc\McAWFwk.exe -- (McAWFwk)
SRV - [2010.03.18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.25 14:25:29 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012.03.25 14:25:29 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012.03.07 01:04:31 | 000,141,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012.03.07 01:04:06 | 000,819,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.03.07 01:04:04 | 000,337,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.03.07 01:03:29 | 000,258,904 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012.03.07 01:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.03.07 01:02:20 | 000,053,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.03.07 01:01:57 | 000,059,224 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.03.07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.10.15 14:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,481,768 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011.10.15 14:16:16 | 000,284,648 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,160,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011.10.15 14:16:16 | 000,075,808 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.04.29 17:19:36 | 000,288,416 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.04.29 17:19:36 | 000,283,296 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.04.29 17:19:36 | 000,166,048 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.04.29 17:19:36 | 000,109,216 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2011.04.29 17:19:36 | 000,059,040 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.04.29 17:19:36 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.04.29 17:19:36 | 000,029,344 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.04.29 17:19:34 | 000,259,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.04.29 17:19:34 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.29 11:00:53 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2011.03.29 10:55:05 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.29 08:51:30 | 000,425,064 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.29 08:15:05 | 000,335,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2011.03.29 05:57:20 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.02.17 05:06:44 | 000,316,024 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011.02.16 14:50:45 | 002,377,216 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.04.26 22:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.29 17:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com [binary data]
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com/ [binary data]
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101067&mntrId=6662ef86000000000000ccaf78d711e1
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101067&mntrId=6662ef86000000000000ccaf78d711e1
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\..\SearchScopes\{39F3EC28-44F6-4976-BEAF-D7368AC20CE1}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\..\SearchScopes\{48C8D07F-DA99-4309-9AA4-44AD2AC4E122}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3241464272-3312323868-824178396-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://by161w.bay161.mail.live.com/mail/home.mvc?n=1543237549&livecom=1#!/mail/InboxLight.aspx?n=165013733|https://twitter.com/#!/|hxxp://www.youtube.com/|hxxp://www.facebook.com/|hxxp://animexx.onlinewelten.com/|hxxp://www.tumblr.com/dashboard"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.02.24 15:39:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.15 23:12:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2011.12.24 00:37:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.04.06 00:30:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.26 13:43:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.05 23:27:51 | 000,000,000 | ---D | M]
 
[2011.12.04 20:07:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cynthia\AppData\Roaming\mozilla\Extensions
[2012.05.02 22:08:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cynthia\AppData\Roaming\mozilla\Firefox\Profiles\kfnkfwhu.default\extensions
[2012.04.26 13:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.04.06 00:30:25 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.04.26 13:43:55 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.10.13 22:28:54 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012.04.05 23:27:11 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.16 20:43:02 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.27 18:47:40 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.02.16 20:43:02 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 20:43:02 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 20:43:01 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 20:43:01 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 20:43:01 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Programme\Common Files\mcafee\systemcore\ScriptSn.20111223223538.dll (McAfee, Inc.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Programme\mcafee\msk\mskapbho.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111223223538.dll (McAfee, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PrnStatusMX] C:\Programme\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3241464272-3312323868-824178396-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3241464272-3312323868-824178396-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3241464272-3312323868-824178396-1000..\Run: [VeohPlugin] C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Cynthia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Cynthia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk = C:\Windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{23DE1942-ED20-4DCD-902C-54A192B2EFD3}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: McMPFSvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:64bit: mcmscsvc - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SafeBootNet:64bit: mfefirek - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:64bit: mfefirek.sys - C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfehidk.sys - C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet:64bit: mfevtp - C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - C:\Programme\mcafee\virusscan\mcods.exe (McAfee, Inc.)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{3942788D-F1D2-4201-9BF0-003753DCCEB6} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NETFramework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.05.02 22:38:26 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\Cynthia\Desktop\OTL(1).exe
[2012.05.02 21:37:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012.05.02 21:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
[2012.05.02 21:16:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\osu!
[2012.05.02 21:15:10 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Roaming\Downloaded Installations
[2012.05.02 20:05:56 | 000,000,000 | R--D | C] -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2012.04.30 12:46:46 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{C52BBC29-3A46-49F7-9452-20A6D8544789}
[2012.04.30 08:59:32 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{A070DAEC-CFFF-4F1F-87A0-E140C292EC03}
[2012.04.30 08:59:17 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{BC52CE5C-F3E9-4D37-BCB9-3A4EA241D826}
[2012.04.30 08:46:21 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\Desktop\29.02.2012 Hannover
[2012.04.27 23:10:38 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{24105662-2A64-4875-9DA0-5B4AD2ACA307}
[2012.04.27 23:10:10 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{4C63B187-C0E8-4D8E-A58D-A9E0FE03B9B1}
[2012.04.26 13:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.04.26 13:44:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.04.20 19:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.04.20 18:48:08 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\Desktop\JaeJae
[2012.04.19 19:58:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\svnet
[2012.04.19 19:58:17 | 000,266,307 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartWebASP.dll
[2012.04.19 19:58:11 | 000,147,456 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartWeb.dll
[2012.04.19 19:58:10 | 000,163,840 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartSecure2.dll
[2012.04.19 19:58:10 | 000,155,648 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartCertificate.dll
[2012.04.19 19:58:10 | 000,122,880 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartWebUtil.dll
[2012.04.19 19:58:04 | 000,221,184 | ---- | C] (Dart Communications) -- C:\Windows\SysWow64\DartSock.dll
[2012.04.19 19:58:03 | 000,794,304 | ---- | C] (Data Dynamics) -- C:\Windows\SysWow64\Actbar2.ocx
[2012.04.19 19:58:03 | 000,790,528 | ---- | C] (Polar          sales@polarsoftware.com        www.polarsoftware.com) -- C:\Windows\SysWow64\polarcrypto.dll
[2012.04.19 19:58:02 | 000,303,104 | ---- | C] (Inner Media, Inc.) -- C:\Windows\SysWow64\dzactx.dll
[2012.04.19 19:58:02 | 000,262,144 | ---- | C] (Inner Media, Inc.) -- C:\Windows\SysWow64\duzactx.dll
[2012.04.19 19:58:01 | 001,060,864 | ---- | C] (ComponentOne LLC) -- C:\Windows\SysWow64\tdbg8.ocx
[2012.04.19 19:58:01 | 000,311,296 | ---- | C] (ComponenetOne) -- C:\Windows\SysWow64\c1sizer.ocx
[2012.04.19 19:58:00 | 001,114,112 | ---- | C] (ComponentOne LLC) -- C:\Windows\SysWow64\tdbl8.ocx
[2012.04.19 19:58:00 | 000,507,904 | ---- | C] (ComponentOne LLC) -- C:\Windows\SysWow64\vsrpt8.ocx
[2012.04.19 19:58:00 | 000,417,792 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\vsprint8.ocx
[2012.04.19 19:57:59 | 000,192,512 | ---- | C] (ComponentOne) -- C:\Windows\SysWow64\vsvport8.ocx
[2012.04.19 19:57:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\svnet
[2012.04.11 15:22:48 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{3DD4EB4A-CE6D-4BE6-BEE6-15EDC4985407}
[2012.04.10 00:42:52 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\{7A4B4801-F17A-4A87-9A7A-2DFB278D5488}
[2012.04.07 14:43:59 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Local\Apps
[2012.04.07 00:42:35 | 000,000,000 | ---D | C] -- C:\Users\Cynthia\AppData\Roaming\IrfanView
[2012.04.06 00:31:47 | 000,337,240 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.04.06 00:31:47 | 000,024,408 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.04.06 00:31:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012.04.06 00:31:42 | 000,141,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFW.sys
[2012.04.06 00:31:13 | 000,258,904 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswNdis2.sys
[2012.04.06 00:31:12 | 000,053,080 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.04.06 00:31:11 | 000,059,224 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.04.06 00:31:11 | 000,028,504 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2012.04.06 00:31:09 | 000,819,032 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.04.06 00:31:06 | 000,069,976 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.04.06 00:31:05 | 000,258,520 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.04.06 00:30:02 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.04.06 00:30:00 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.04.06 00:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.04.06 00:29:42 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.04.05 23:28:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.04.04 17:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.04.04 17:15:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.04.04 17:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.05.02 22:38:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Cynthia\Desktop\OTL(1).exe
[2012.05.02 22:07:18 | 000,023,882 | ---- | M] () -- C:\Users\Cynthia\Desktop\tumblr_lqad1iYItU1r1flfio5_400.jpg
[2012.05.02 21:54:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.02 21:37:46 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2012.05.02 21:17:22 | 000,000,885 | ---- | M] () -- C:\Users\Public\Desktop\osu!.lnk
[2012.05.02 20:12:48 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.05.02 20:12:48 | 000,020,720 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.05.02 20:11:51 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.05.02 20:11:51 | 000,697,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.05.02 20:11:51 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.05.02 20:11:51 | 000,148,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.05.02 20:11:51 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.05.02 20:05:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.05.02 20:04:58 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.23 21:47:13 | 000,001,462 | ---- | M] () -- C:\Users\Cynthia\.recently-used.xbel
[2012.04.07 00:13:33 | 000,001,031 | ---- | M] () -- C:\Users\Cynthia\Desktop\PhotoScape.lnk
[2012.04.06 01:42:32 | 000,233,792 | ---- | M] () -- C:\test.xml
[2012.04.06 00:31:06 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.04.04 22:49:11 | 000,002,535 | ---- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
[2012.04.04 17:16:24 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.05.02 22:07:18 | 000,023,882 | ---- | C] () -- C:\Users\Cynthia\Desktop\tumblr_lqad1iYItU1r1flfio5_400.jpg
[2012.05.02 21:17:22 | 000,000,885 | ---- | C] () -- C:\Users\Public\Desktop\osu!.lnk
[2012.05.01 11:56:15 | 000,001,828 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2012.04.23 21:47:13 | 000,001,462 | ---- | C] () -- C:\Users\Cynthia\.recently-used.xbel
[2012.04.07 00:13:33 | 000,001,031 | ---- | C] () -- C:\Users\Cynthia\Desktop\PhotoScape.lnk
[2012.04.06 00:31:06 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.04.04 22:49:11 | 000,002,535 | ---- | C] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
[2012.04.04 17:16:24 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.04.03 17:03:50 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.01.29 18:50:07 | 000,001,065 | ---- | C] () -- C:\Windows\disney.ini
[2012.01.29 18:44:32 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2011.12.05 16:30:44 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.30 03:46:48 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.03.30 03:46:47 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.03.30 03:46:46 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.02.11 01:03:27 | 001,592,786 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
 
========== LOP Check ==========
 
[2012.02.17 23:01:38 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Audacity
[2012.01.27 18:47:34 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Babylon
[2012.05.02 21:15:10 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Downloaded Installations
[2012.02.06 18:11:27 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Ehdeo
[2012.02.04 17:56:44 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Giesfi
[2012.04.23 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\gtk-2.0
[2012.05.02 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\ICQ
[2012.04.07 14:52:41 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\IrfanView
[2011.12.12 20:09:45 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Jens Lorek
[2011.12.05 18:53:59 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\OpenOffice.org
[2012.04.07 00:38:49 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\PhotoScape
[2012.04.21 00:10:00 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\SoftGrid Client
[2011.12.27 17:28:07 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\TP
[2012.02.11 12:14:20 | 000,000,000 | ---D | M] -- C:\Users\Karin\AppData\Roaming\SoftGrid Client
[2012.02.22 21:08:39 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.12.06 19:53:41 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Adobe
[2012.03.12 21:23:50 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Apple Computer
[2011.12.08 22:04:07 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\ArcSoft
[2011.12.04 20:00:47 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Atheros
[2012.02.17 23:01:38 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Audacity
[2012.01.27 18:47:34 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Babylon
[2012.03.23 16:08:41 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\DivX
[2012.05.02 21:15:10 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Downloaded Installations
[2012.02.06 18:11:27 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Ehdeo
[2012.02.04 17:56:44 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Giesfi
[2012.04.23 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\gtk-2.0
[2012.05.02 22:30:50 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\ICQ
[2011.12.04 19:59:39 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Identities
[2011.12.04 20:00:54 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Intel Corporation
[2012.04.07 14:52:41 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\IrfanView
[2011.12.12 20:09:45 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Jens Lorek
[2011.09.03 02:45:31 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Macromedia
[2012.03.30 18:59:48 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Malwarebytes
[2011.07.13 04:58:01 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Media Center Programs
[2012.04.07 14:47:17 | 000,000,000 | --SD | M] -- C:\Users\Cynthia\AppData\Roaming\Microsoft
[2011.12.04 20:07:20 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Mozilla
[2011.12.05 18:53:59 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\OpenOffice.org
[2012.04.07 00:38:49 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\PhotoScape
[2012.05.02 22:31:02 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Skype
[2012.05.02 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\skypePM
[2012.04.21 00:10:00 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\SoftGrid Client
[2011.12.04 20:00:52 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\Sony Corporation
[2011.12.27 17:28:07 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\TP
[2012.01.02 00:30:08 | 000,000,000 | ---D | M] -- C:\Users\Cynthia\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.09.03 02:45:11 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Cynthia\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.12.12 20:03:42 | 000,034,494 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{24F5BFDD-18E0-41F6-8A68-A22C742FC4A1}\_6FEFF9B68218417F98F549.exe
[2012.01.28 19:39:57 | 000,034,494 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{6B48554C-9089-4177-A38D-B8FE122F11FC}\_6FEFF9B68218417F98F549.exe
[2012.03.12 21:48:27 | 000,010,134 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{A78A5C61-2397-407E-A41F-0A0FFAD2572F}\_7F7458BFD582C00FF78826.exe
[2012.03.12 21:48:27 | 000,034,494 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{A78A5C61-2397-407E-A41F-0A0FFAD2572F}\_853F67D554F05449430E7E.exe
[2012.03.12 21:48:27 | 000,355,574 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{A78A5C61-2397-407E-A41F-0A0FFAD2572F}\_E460DD8AE65E9AE8A7F8F8.exe
[2012.03.12 21:48:27 | 000,355,574 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{A78A5C61-2397-407E-A41F-0A0FFAD2572F}\_EF47F7F6FC8D853BE6A60C.exe
[2012.03.12 21:48:27 | 000,080,992 | R--- | M] () -- C:\Users\Cynthia\AppData\Roaming\Microsoft\Installer\{A78A5C61-2397-407E-A41F-0A0FFAD2572F}\_FEB897155D11C908CCA7A9.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_2b0c50dc63f09dae\iaStor.sys
[2011.02.22 17:27:05 | 000,437,272 | ---- | M] (Intel Corporation) MD5=F7CE9BE72EDAC499B713ECA6DAE5D26F -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_5b314ccea0aa569d\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009.07.14 03:16:13 | 000,163,840 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\scrrun.dll
 
<           >

< End of report >
--- --- ---

Vor dem Scan kam mehrere Male eine Fehlermeldung.Irgendwann hat der Scan dann allerdings doch funktioniert. Ich hoffe das führt nicht zu irgendwelchen Verfälschungen.
Das Problem des schwarzen Bildschirms nach dem Anmelden hat sich jetzt allerdings wieder gelegt.


Liebe Grüße

Alt 03.05.2012, 14:26   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Zitat:
DRV:64bit: - [2012.03.07 01:01:52 | 000,069,976 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.03.07 01:01:32 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,647,080 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011.10.15 14:16:16 | 000,481,768 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
Also sowas geht schonmal garnicht
Warum hast du Avast und McAfee drauf, willst du deinen Rechner in die Knie zwingen?
UMGEHEND einen der beiden deinstallieren!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 03.05.2012, 19:12   #11
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Alles Klar! Ist erledigt
Wie sieht es mit meinem Virusproblem aus? Sieht da etwas verdächtig aus?

Heute habe ich ein Dokument mit dem Namen $benannt1.odt und eine $crosoft benannte Word Datei auf meinem Desktop gefunden o.o beide lassen sich nicht öffnen,da sie wohl beschädigt sind. Das mit dem Wiederherrstellen hab ich erst mal gelassen.Außerdem hab ich noch 2 Textdokumente von OTL auf dem Desktop.Gehören die anderen 2 dazu?

ah und das desktopsymbol von Malewarebytes ist irgendwie gelöscht.Da ist jetzt nurnoch dieses "nicht vorhanden" Symbol.

Alt 04.05.2012, 08:57   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Mach bitte ein neues OTL-Log wie o.g.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 06.05.2012, 19:33   #13
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Ich hab das die lezten Tage probiert,aber jedesmal wieder dieselbe Fehlermeldung.Ich hab hier mal einen screenshoot gemacht hxxp://www.imagebanana.com/view/p43dkynj/error.PNG
Geändert von _Chiisai_ (06.05.2012 um 19:39 Uhr)

Alt 06.05.2012, 19:41   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


Der Link zum Bild ist kaputt, lädt nicht
Lad das Bild mal hier hoch => Saved.im
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 06.05.2012, 19:43   #15
_Chiisai_
 
BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Standard

BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


oh >< dann so
hxxp://saved.im/mtg3mdk0awtp/fehler.png

Antwort
Seite 1 von 5 1 23 Letzte »

Themen zu BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?
aufsetzen, beachten, bka - trojaner, bka bundeskriminalamt virus, daten, einfach, eingefangen, entfernt, gen, karte, laptop, linux, malwarebytes, maus, neu, neu aufsetzen, problem, scan, scannen, system, system neu, totaler, trojaner, tutorial, version, virus, wirklich, woche, wochen


« Ukash-Verschlüsselungs-Trojaner | Vodafone PDF Trojaner »


Ähnliche Themen: BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?


  1. GVU Trojaner - Persönliche Daten sichern, Externe Festplatte überprüfen & System neu aufsetzen
    Plagegeister aller Art und deren Bekämpfung - 16.09.2013 (2)
  2. System neu aufspielen nach GVU Trojaner: Muss ich etwas beachten?
    Plagegeister aller Art und deren Bekämpfung - 11.08.2012 (3)
  3. System neu aufsetzen nach Security Shield und BKA Trojaner
    Log-Analyse und Auswertung - 03.07.2011 (7)
  4. System neu aufsetzen nach erneutem Trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.06.2011 (8)
  5. Trojaner - Muss ich mein System neu aufsetzen?
    Log-Analyse und Auswertung - 21.04.2011 (20)
  6. TR/Yektel.A.15 - Trojaner beseitigen oder System neu aufsetzen
    Plagegeister aller Art und deren Bekämpfung - 11.12.2010 (5)
  7. Banking Trojaner Sparkasse - Entfernen oder System neu aufsetzen?
    Plagegeister aller Art und deren Bekämpfung - 25.09.2010 (7)
  8. System neu aufsetzen - Frage !
    Diskussionsforum - 31.07.2010 (2)
  9. Trojaner Virtumonde.scn in sshnas21.dll entfernt - trotzdem System neu aufsetzen?
    Plagegeister aller Art und deren Bekämpfung - 06.04.2010 (9)
  10. System neu aufsetzen
    Alles rund um Windows - 18.07.2009 (4)
  11. zu faul zum system aufsetzen..
    Mülltonne - 10.10.2008 (0)
  12. Tip zum System Aufsetzen Restore
    Alles rund um Windows - 06.11.2007 (0)
  13. Muss ich das System neu aufsetzen?
    Log-Analyse und Auswertung - 16.10.2007 (1)
  14. System neu aufsetzen
    Log-Analyse und Auswertung - 14.04.2006 (1)
  15. System neu aufsetzen
    Plagegeister aller Art und deren Bekämpfung - 28.12.2005 (7)
  16. System neu aufsetzen für Laien machbar?
    Log-Analyse und Auswertung - 20.02.2005 (1)
  17. Trojaner - wie wegbekommen ohne System neu aufsetzen??
    Plagegeister aller Art und deren Bekämpfung - 19.09.2004 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? - Ich bin wahrscheinlich nicht die erste mit diesem Problem,aber ich bin wirklich am Verzweifeln ^^' vor ca 3 Wochen habe ich mir den Virus (version 1.03) eingefangen und dann nach - BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten?...
Archiv
Du betrachtest: BKA Trojaner! System neu aufsetzen? Wenn ja,was ist zu beachten? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130