
Log analysis and evaluation: Trojan.Generic.2861923 after reinstallation

03.06.2010, 14:42   #1
Dave-RockZ

Hello!

I recently had an ICQ worm on my computer. Because I couldn't get rid of it, I had to redo the system. I did that yesterday. After Windows, I first installed F-Secure Internet Security 2010 and just a few drivers.

Today I booted my system and was greeted by a Trojan alert again: Trojan.Generic.2861923

Windows is an original copy, as are the driver CDs. The computer was not connected to the Internet. I also installed a few programs, but those are originals too. So right now I am at a complete loss as to what is happening here.

I also find "WinUpdater" in the autostart entries under the path: Windows\System32\Iexplorer.exe

The F-Secure alert gave the path: Windows\SysWOW\Iexplorer.exe

I would be hugely grateful if someone could help me.

My system: Windows 7 64-bit
Antivirus: F-Secure Internet Security 2010

HijackThis:

HijackThis logfile:
Code:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:20:49, on 03.06.2010
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\F-Secure\Common\FSM32.EXE
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll
O3 - Toolbar: Foxit Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll
O4 - HKLM\..\Run: [WinUpdate] C:\Windows\system32\lexplorer.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKLM\..\Policies\Explorer\Run: [lexplorer] C:\Windows\system32\lexplorer.exe
O4 - HKCU\..\Policies\Explorer\Run: [lexplorer] C:\Windows\system32\lexplorer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O13 - Gopher Prefix: 
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: StarMoney 7.0 OnlineUpdate - Star Finanz - Software Entwicklung und Vertriebs GmbH - C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7494 bytes
         
--- --- ---
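
Added example, not part of the original thread and not HijackThis's own logic: a small Python triage of the O4 autostart lines from the log in post #1. It flags an image that sits in a Windows system directory under a name one or two edits away from a well-known Windows binary, that is registered under several autostart keys, or that uses Policies\Explorer\Run; the baseline name list and the three heuristics are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from ntpath import basename

# O4 lines copied from the HijackThis log in post #1.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [WinUpdate] C:\Windows\system32\lexplorer.exe
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKLM\..\Policies\Explorer\Run: [lexplorer] C:\Windows\system32\lexplorer.exe
O4 - HKCU\..\Policies\Explorer\Run: [lexplorer] C:\Windows\system32\lexplorer.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
"""

# Assumption: short illustrative baseline of Windows binary names that
# masquerading files tend to imitate; extend it for real triage.
KNOWN_NAMES = ("explorer.exe", "iexplore.exe", "svchost.exe", "lsass.exe",
               "winlogon.exe", "services.exe", "csrss.exe")

O4_RE = re.compile(r"^O4 - (?P<key>[^:]+): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
SYSDIR_RE = re.compile(r"\\windows\\(?:system32|syswow64)\\[^\\]+$", re.I)
IMAGE_RE = re.compile(r"(.+?\.(?:exe|com|scr|bat|cmd|pif))(?=\s|$)", re.I)


def image_path(cmd):
    """Return the executable path from a Run value, dropping arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]
    m = IMAGE_RE.match(cmd)
    return m.group(1) if m else cmd


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1,
                           prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(path):
    """Baseline name this file nearly matches (1-2 edits), or None.

    Only files directly inside System32/SysWOW64 are considered, and an
    exact baseline name is not treated as a lookalike.
    """
    if not SYSDIR_RE.search(path):
        return None
    name = basename(path).lower()
    best = min(KNOWN_NAMES, key=lambda k: edit_distance(name, k))
    return best if 0 < edit_distance(name, best) <= 2 else None


def triage(log_text):
    """Map each flagged autostart image to its sorted list of reasons."""
    keys_by_image = defaultdict(set)
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m:
            keys_by_image[image_path(m["cmd"]).lower()].add(m["key"])

    findings = {}
    for image, keys in keys_by_image.items():
        reasons = []
        twin = lookalike_of(image)
        if twin:
            reasons.append(f"lookalike:{twin}")
        if len(keys) > 1:
            # Same image registered under several autostart keys.
            reasons.append(f"multi-key:{len(keys)}")
        if any(k.lower().endswith(r"policies\explorer\run") for k in keys):
            reasons.append("policies-run")
        if reasons:
            findings[image] = sorted(reasons)
    return findings


if __name__ == "__main__":
    for image, reasons in triage(SAMPLE_LOG).items():
        print(image, reasons)
```

On these lines only `lexplorer.exe` is reported: its name is one edit away from `explorer.exe` and it is registered under three autostart keys, two of them under Policies\Explorer\Run.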

03.06.2010, 16:07   #2
cosinus

Hello and

Quote:
Because I couldn't get rid of it, I had to redo the system.
That is too vague; how exactly did you "redo" the system?
Did you do a proper format, or did you just install Windows over the top?
Were any executable files that had been processed by the infected system run?

03.06.2010, 16:28   #3
Dave-RockZ

Completely formatted, of course. The only way I could imagine it getting back onto my system is if it has perhaps lodged itself in memory. But... I really have no idea, and I urgently need my computer for work.

Within the system itself nothing much is noticeable apart from the WinUpdater entry in autostart. But at the moment I am really worried about entering a password anywhere, let alone doing online banking.

03.06.2010, 16:39   #4
cosinus

Quote:
The only way I could imagine it getting back onto my system is if it has perhaps lodged itself in memory.
In which memory?
Malware does not survive a format, and it can't be the RAM either.

What about this => Were any executable files that had been processed by the infected system run?
__________________
"Truth is usually just an excuse for a lack of imagination." (Elim Garak)

03.06.2010, 16:48   #5
Dave-RockZ

No, actually nothing at all. The programs I didn't have on CD I got straight from the manufacturer off the net.

How do I get rid of this again? Or what exactly is happening in my system?

03.06.2010, 20:57   #6
cosinus

I first wanted to clarify what the most likely cause of the renewed infection after formatting is; it is simply not productive to format because of a malware infection and then have the plague back on the machine after a few days.

Did you connect any external drives to the freshly installed Windows? USB disks and sticks?

03.06.2010, 21:53   #7
Dave-RockZ

I have a total of 3 external hard drives with a great deal of raw data and PSD files. I work in photography. I can't imagine that these files are affected as well. At least I had not opened any file until just now.

F-Secure now finds nothing in a full scan.

03.06.2010, 22:00   #8
cosinus

OK... then please run a full scan with Malwarebytes and post the log. After that, OTL:

System scan with OTL

Please download OTL by OldTimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created
  • Post the logfiles here in the thread.

03.06.2010, 23:12   #9
Dave-RockZ

First, OTL:

OTL logfile:
Code:
OTL logfile created on: 03.06.2010 23:05:57 - Run 1
OTL by OldTimer - Version 3.2.5.3     Folder = C:\Users\Dave-RockZ\Downloads
64bit- Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 61,00% Memory free
12,00 Gb Paging File | 9,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,51 Gb Total Space | 876,65 Gb Free Space | 94,11% Space Free | Partition Type: NTFS
Drive D: | 437,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
E: Drive not present or media not loaded
Drive F: | 465,76 Gb Total Space | 96,95 Gb Free Space | 20,81% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
Drive H: | 596,17 Gb Total Space | 200,53 Gb Free Space | 33,64% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded
Drive N: | 465,76 Gb Total Space | 69,72 Gb Free Space | 14,97% Space Free | Partition Type: NTFS
 
Computer Name: DAVE-ROCKZ-PC
Current User Name: Dave-RockZ
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Dave-RockZ\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
PRC - C:\Users\Dave-RockZ\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32.EXE (F-Secure Corporation)
PRC - C:\Users\Dave-RockZ\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\iTunes\iTunes.exe (Apple Inc.)
PRC - C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\F-Secure\Common\FSLAUNCH.EXE (F-Secure Corporation)
PRC - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
PRC - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Dave-RockZ\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (WwanSvc) -- C:\Windows\SysNative\wwansvc.dll (Microsoft Corporation)
SRV:64bit: - (WbioSrvc) -- C:\Windows\SysNative\wbiosrvc.dll (Microsoft Corporation)
SRV:64bit: - (UmRdpService) -- C:\Windows\SysNative\umrdp.dll (Microsoft Corporation)
SRV:64bit: - (Power) -- C:\Windows\SysNative\umpo.dll (Microsoft Corporation)
SRV:64bit: - (Themes) -- C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
SRV:64bit: - (sppuinotify) -- C:\Windows\SysNative\sppuinotify.dll (Microsoft Corporation)
SRV:64bit: - (SensrSvc) -- C:\Windows\SysNative\sensrsvc.dll (Microsoft Corporation)
SRV:64bit: - (StorSvc) -- C:\Windows\SysNative\StorSvc.dll (Microsoft Corporation)
SRV:64bit: - (PeerDistSvc) -- C:\Windows\SysNative\PeerDistSvc.dll (Microsoft Corporation)
SRV:64bit: - (PNRPsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (p2pimsvc) -- C:\Windows\SysNative\pnrpsvc.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupProvider) -- C:\Windows\SysNative\provsvc.dll (Microsoft Corporation)
SRV:64bit: - (RpcEptMapper) -- C:\Windows\SysNative\RpcEpMap.dll (Microsoft Corporation)
SRV:64bit: - (PNRPAutoReg) -- C:\Windows\SysNative\pnrpauto.dll (Microsoft Corporation)
SRV:64bit: - (HomeGroupListener) -- C:\Windows\SysNative\ListSvc.dll (Microsoft Corporation)
SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (Dhcp) -- C:\Windows\SysNative\dhcpcore.dll (Microsoft Corporation)
SRV:64bit: - (defragsvc) -- C:\Windows\SysNative\defragsvc.dll (Microsoft Corporation)
SRV:64bit: - (CscService) -- C:\Windows\SysNative\cscsvc.dll (Microsoft Corporation)
SRV:64bit: - (bthserv) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (BDESVC) -- C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
SRV:64bit: - (AxInstSV) -- C:\Windows\SysNative\AxInstSv.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppIDSvc) -- C:\Windows\SysNative\appidsvc.dll (Microsoft Corporation)
SRV:64bit: - (wbengine) -- C:\Windows\SysNative\wbengine.exe (Microsoft Corporation)
SRV:64bit: - (sppsvc) -- C:\Windows\SysNative\sppsvc.exe (Microsoft Corporation)
SRV:64bit: - (Fax) -- C:\Windows\SysNative\FXSSVC.exe (Microsoft Corporation)
SRV - (FSORSPClient) -- C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe (F-Secure Corporation)
SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (FSMA) -- C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE (F-Secure Corporation)
SRV - (FSDFWD) -- C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe (F-Secure Corporation)
SRV - (F-Secure Gatekeeper Handler Starter) -- C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe (F-Secure Corporation)
SRV - (NIHardwareService) -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Native Instruments GmbH)
SRV - (VSS) -- C:\Windows\Vss [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (MSDTC) -- C:\Windows\SysWOW64\Msdtc [2009.07.14 05:20:14 | 000,000,000 | ---D | M]
SRV - (HomeGroupProvider) -- C:\Windows\SysWOW64\provsvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\SysWOW64\dhcpcore.dll (Microsoft Corporation)
SRV - (vds) -- C:\Windows\SysWOW64\wbem\vds.mof ()
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (FSES) -- C:\Windows\SysNative\drivers\fses.sys (F-Secure Corporation)
DRV:64bit: - (MSHUSBVideo) -- C:\Windows\SysNative\drivers\nx6000.sys (Microsoft Corporation)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (KSecPkg) -- C:\Windows\SysNative\drivers\ksecpkg.sys (Microsoft Corporation)
DRV:64bit: - (FSFW) -- C:\Windows\SysNative\drivers\fsdfw.sys (F-Secure Corporation)
DRV:64bit: - (fvevol) -- C:\Windows\SysNative\drivers\fvevol.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (hwpolicy) -- C:\Windows\SysNative\drivers\hwpolicy.sys (Microsoft Corporation)
DRV:64bit: - (FsDepends) -- C:\Windows\SysNative\drivers\fsdepends.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (WIMMount) -- C:\Windows\SysNative\drivers\wimmount.sys (Microsoft Corporation)
DRV:64bit: - (vhdmp) -- C:\Windows\SysNative\drivers\vhdmp.sys (Microsoft Corporation)
DRV:64bit: - (vmbus) -- C:\Windows\SysNative\drivers\vmbus.sys (Microsoft Corporation)
DRV:64bit: - (storflt) -- C:\Windows\SysNative\drivers\vmstorfl.sys (Microsoft Corporation)
DRV:64bit: - (vdrvroot) -- C:\Windows\SysNative\drivers\vdrvroot.sys (Microsoft Corporation)
DRV:64bit: - (storvsc) -- C:\Windows\SysNative\drivers\storvsc.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (rdyboost) -- C:\Windows\SysNative\drivers\rdyboost.sys (Microsoft Corporation)
DRV:64bit: - (pcw) -- C:\Windows\SysNative\drivers\pcw.sys (Microsoft Corporation)
DRV:64bit: - (CNG) -- C:\Windows\SysNative\drivers\cng.sys (Microsoft Corporation)
DRV:64bit: - (rdpbus) -- C:\Windows\SysNative\drivers\rdpbus.sys (Microsoft Corporation)
DRV:64bit: - (RDPREFMP) -- C:\Windows\SysNative\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV:64bit: - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\SysNative\drivers\agilevpn.sys (Microsoft Corporation)
DRV:64bit: - (WfpLwf) -- C:\Windows\SysNative\drivers\wfplwf.sys (Microsoft Corporation)
DRV:64bit: - (NdisCap) -- C:\Windows\SysNative\drivers\ndiscap.sys (Microsoft Corporation)
DRV:64bit: - (vwififlt) -- C:\Windows\SysNative\drivers\vwififlt.sys (Microsoft Corporation)
DRV:64bit: - (vwifibus) -- C:\Windows\SysNative\drivers\vwifibus.sys (Microsoft Corporation)
DRV:64bit: - (1394ohci) -- C:\Windows\SysNative\drivers\1394ohci.sys (Microsoft Corporation)
DRV:64bit: - (HdAudAddService) -- C:\Windows\SysNative\drivers\HdAudio.sys (Microsoft Corporation)
DRV:64bit: - (usbvideo) USB Video Device (WDM) -- C:\Windows\SysNative\drivers\usbvideo.sys (Microsoft Corporation)
DRV:64bit: - (UmPass) -- C:\Windows\SysNative\drivers\umpass.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\SysNative\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV:64bit: - (mshidkmdf) -- C:\Windows\SysNative\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV:64bit: - (WudfPf) -- C:\Windows\SysNative\drivers\WUDFPf.sys (Microsoft Corporation)
DRV:64bit: - (MTConfig) -- C:\Windows\SysNative\drivers\MTConfig.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\drivers\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (Beep) -- C:\Windows\SysNative\drivers\beep.sys (Microsoft Corporation)
DRV:64bit: - (AppID) -- C:\Windows\SysNative\drivers\appid.sys (Microsoft Corporation)
DRV:64bit: - (scfilter) -- C:\Windows\SysNative\drivers\scfilter.sys (Microsoft Corporation)
DRV:64bit: - (s3cap) -- C:\Windows\SysNative\drivers\vms3cap.sys (Microsoft Corporation)
DRV:64bit: - (VMBusHID) -- C:\Windows\SysNative\drivers\VMBusHID.sys (Microsoft Corporation)
DRV:64bit: - (discache) -- C:\Windows\SysNative\drivers\discache.sys (Microsoft Corporation)
DRV:64bit: - (HidBatt) -- C:\Windows\SysNative\drivers\hidbatt.sys (Microsoft Corporation)
DRV:64bit: - (CmBatt) -- C:\Windows\SysNative\drivers\CmBatt.sys (Microsoft Corporation)
DRV:64bit: - (AcpiPmi) -- C:\Windows\SysNative\drivers\acpipmi.sys (Microsoft Corporation)
DRV:64bit: - (CSC) -- C:\Windows\SysNative\drivers\csc.sys (Microsoft Corporation)
DRV:64bit: - (AmdPPM) -- C:\Windows\SysNative\drivers\amdppm.sys (Microsoft Corporation)
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (F-Secure Gatekeeper) -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys ()
DRV - (CSC) -- C:\Windows\CSC [2010.06.02 22:59:04 | 000,000,000 | ---D | M]
DRV - ({1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl (CyberLink Corp.)
DRV - (F-Secure HIPS) -- C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys (F-Secure Corporation)
DRV - (F-Secure Filter) -- C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys ()
DRV - (F-Secure Recognizer) -- C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys ()
DRV - (fsvista) -- C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys ()
DRV - (ElbyCDIO) -- C:\Windows\SysWOW64\ElbyCDIO.dll (Elaborate Bytes AG)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NetBIOS) -- C:\Windows\SysWOW64\netbios.dll (Microsoft Corporation)
DRV - (mpsdrv) -- C:\Windows\SysWOW64\wbem\mpsdrv.mof ()
DRV - (Tcpip) -- C:\Windows\SysWOW64\wbem\tcpip.mof ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D9 A6 33 B5 16 03 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
FF - HKLM\software\mozilla\Firefox\Extensions\\litmus-ff@f-secure.com: C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2010.06.03 00:35:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.06.03 15:10:03 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.06.03 15:10:03 | 000,000,000 | ---D | M]
 
[2010.06.02 23:45:02 | 000,000,000 | ---D | M] -- C:\Users\Dave-RockZ\AppData\Roaming\mozilla\Extensions
[2010.06.02 23:45:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dave-RockZ\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2010.06.03 15:09:51 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Browsing Protection Class) - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O3 - HKLM\..\Toolbar: (Browsing Protection Toolbar) - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (F-Secure Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files (x86)\F-Secure\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [WinUpdate] C:\Windows\SysWow64\lexplorer.exe File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: lexplorer = C:\Windows\system32\lexplorer.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: lexplorer = C:\Windows\system32\lexplorer.exe File not found
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files (x86)\F-Secure\FSPS\program\FSLSP.DLL (F-Secure Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.03.03 23:12:23 | 000,000,038 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2010.02.03 17:17:08 | 000,000,032 | ---- | M] () - N:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{46dc1c61-6e8a-11df-ad44-0025118adbd2}\Shell - "" = AutoRun
O33 - MountPoints2\{46dc1c61-6e8a-11df-ad44-0025118adbd2}\Shell\AutoRun\command - "" = O:\Set-up.exe -- File not found
O33 - MountPoints2\{99fa2a6c-6e89-11df-bd2e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{99fa2a6c-6e89-11df-bd2e-806e6f6e6963}\Shell\AutoRun\command - "" = D:\smoney_m_23_0_j_.exe -- [2009.03.03 22:45:32 | 139,864,448 | R--- | M] (Acresso Software Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.06.03 22:57:19 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Malwarebytes
[2010.06.03 22:57:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.03 22:57:10 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.03 22:57:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.03 22:57:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.03 22:46:47 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Native Instruments
[2010.06.03 22:45:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D69A48BF-7653-4AA8-94BC-5847522A4573}
[2010.06.03 22:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2010.06.03 22:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2010.06.03 22:44:46 | 000,000,000 | -H-D | C] -- C:\ProgramData\{0CC51CB2-911C-40BB-BC1B-BD3CAC590222}
[2010.06.03 22:44:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D7CFB71A-972A-44FF-AE44-8780EB53ABB2}
[2010.06.03 22:44:31 | 000,000,000 | ---D | C] -- C:\Programme\Native Instruments
[2010.06.03 22:44:31 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Native Instruments
[2010.06.03 22:37:47 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\QuickPar
[2010.06.03 22:17:34 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\CommunicaEtor
[2010.06.03 22:03:07 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Tracing
[2010.06.03 22:02:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.06.03 22:02:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.06.03 22:02:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.06.03 22:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.06.03 22:01:53 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.06.03 21:59:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.06.03 21:56:51 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\skypePM
[2010.06.03 21:56:25 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Skype
[2010.06.03 21:56:09 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.06.03 21:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.06.03 21:55:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.06.03 20:32:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\ICQ
[2010.06.03 20:32:41 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\AOL
[2010.06.03 20:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.06.03 16:50:05 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010.06.03 16:36:21 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Trillian
[2010.06.03 16:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2010.06.03 16:21:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.06.03 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2010.06.03 15:27:45 | 001,645,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2010.06.03 15:27:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BurnAware Free
[2010.06.03 15:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2010.06.03 15:19:50 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.06.03 15:18:59 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.06.03 15:17:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010.06.03 15:17:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010.06.03 15:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.06.03 15:12:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.06.03 15:11:24 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Apple Computer
[2010.06.03 15:11:23 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Apple Computer
[2010.06.03 15:11:16 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2010.06.03 15:11:16 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2010.06.03 15:11:16 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2010.06.03 15:11:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.06.03 15:10:49 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Google
[2010.06.03 15:10:36 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2010.06.03 15:10:35 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2010.06.03 15:10:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010.06.03 15:10:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010.06.03 15:09:46 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Adobe
[2010.06.03 15:09:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010.06.03 15:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010.06.03 15:09:34 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Apple
[2010.06.03 15:09:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010.06.03 15:09:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Apple
[2010.06.03 15:09:12 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2010.06.03 15:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010.06.03 15:08:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010.06.03 15:08:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010.06.03 14:54:32 | 000,372,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NVUNINST.EXE
[2010.06.03 14:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010.06.03 14:50:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.06.03 14:48:22 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.06.03 14:20:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010.06.03 00:36:53 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft LifeCam
[2010.06.03 00:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft LifeCam
[2010.06.03 00:35:59 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010.06.03 00:35:57 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010.06.03 00:33:08 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\system32
[2010.06.03 00:30:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2010.06.03 00:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\StarMoney 7.0
[2010.06.03 00:16:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\StarMoney 7.0 Commerzbank-Edition
[2010.06.03 00:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Elaborate Bytes
[2010.06.03 00:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2010.06.03 00:09:49 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2010.06.03 00:08:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero
[2010.06.03 00:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.06.03 00:08:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero
[2010.06.03 00:07:55 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.06.03 00:07:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2010.06.03 00:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nvu
[2010.06.03 00:04:22 | 000,047,560 | ---- | C] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fses.sys
[2010.06.03 00:04:18 | 000,574,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp50.dll
[2010.06.03 00:04:18 | 000,094,024 | ---- | C] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fsdfw.sys
[2010.06.03 00:04:06 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\vlc
[2010.06.03 00:03:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Foxit
[2010.06.03 00:03:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foxit Software
[2010.06.03 00:03:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\F-Secure
[2010.06.03 00:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAMN NFO Viewer
[2010.06.03 00:01:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2010.06.02 23:57:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.06.02 23:57:37 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.06.02 23:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\fssg
[2010.06.02 23:57:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\TeamViewer
[2010.06.02 23:56:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2010.06.02 23:56:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tinypic
[2010.06.02 23:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ConeXware
[2010.06.02 23:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickPar
[2010.06.02 23:55:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerArchiver
[2010.06.02 23:55:14 | 000,000,000 | ---D | C] -- C:\Programme\CommunicaEtor
[2010.06.02 23:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\CommunicaEtor
[2010.06.02 23:51:00 | 000,241,664 | ---- | C] (Namtuk.com) -- C:\Windows\SysWow64\MyFramePanel.ocx
[2010.06.02 23:50:59 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2010.06.02 23:50:59 | 000,609,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ComCtl32.ocx
[2010.06.02 23:50:59 | 000,245,760 | ---- | C] (LansSoft Studio) -- C:\Windows\SysWow64\aUpdateNow.ocx
[2010.06.02 23:50:59 | 000,140,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\COMDLG32.OCX
[2010.06.02 23:50:59 | 000,132,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx
[2010.06.02 23:50:59 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6STKIT.DLL
[2010.06.02 23:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FriendBlasterPro
[2010.06.02 23:46:24 | 000,000,000 | ---D | C] -- C:\ProgramData\f-secure
[2010.06.02 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Thunderbird
[2010.06.02 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Thunderbird
[2010.06.02 23:45:01 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Mozilla
[2010.06.02 23:44:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2010.06.02 23:44:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2010.06.02 23:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2010.06.02 23:37:01 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010.06.02 23:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2010.06.02 23:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.06.02 23:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.06.02 23:36:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.06.02 23:35:50 | 000,505,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.06.02 23:35:50 | 000,353,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.06.02 23:35:50 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.06.02 23:35:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2010.06.02 23:33:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2010.06.02 23:26:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nvidia Omega Drivers
[2010.06.02 23:20:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Opera
[2010.06.02 23:20:42 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Opera
[2010.06.02 23:20:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2010.06.02 23:19:49 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.06.02 23:16:58 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Macromedia
[2010.06.02 23:16:58 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Adobe
[2010.06.02 23:16:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010.06.02 23:11:26 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Searches
[2010.06.02 23:11:19 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Identities
[2010.06.02 23:11:18 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Contacts
[2010.06.02 23:11:16 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\VirtualStore
[2010.06.02 23:11:11 | 000,000,000 | --SD | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Microsoft
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Videos
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Saved Games
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Pictures
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Music
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Links
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Favorites
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Downloads
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Documents
[2010.06.02 23:11:11 | 000,000,000 | R--D | C] -- C:\Users\Dave-RockZ\Desktop
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Vorlagen
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\AppData\Local\Verlauf
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\AppData\Local\Temporary Internet Files
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Startmenü
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\SendTo
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Recent
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Netzwerkumgebung
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Lokale Einstellungen
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Documents\Eigene Videos
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Documents\Eigene Musik
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Eigene Dateien
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Documents\Eigene Bilder
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Druckumgebung
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Cookies
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\AppData\Local\Anwendungsdaten
[2010.06.02 23:11:11 | 000,000,000 | -HSD | C] -- C:\Users\Dave-RockZ\Anwendungsdaten
[2010.06.02 23:11:11 | 000,000,000 | -H-D | C] -- C:\Users\Dave-RockZ\AppData
[2010.06.02 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Temp
[2010.06.02 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Local\Microsoft
[2010.06.02 23:11:11 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\AppData\Roaming\Media Center Programs
[2010.06.02 23:10:59 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2010.06.02 23:10:58 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.06.02 23:10:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.06.02 22:59:09 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.06.02 22:59:04 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2010.05.31 21:01:31 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Simply Super Software
[2010.05.30 15:54:44 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Alpha Protocol
[2010.05.26 21:52:56 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\GcMail
[2010.05.25 18:44:55 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\microsoft
[2010.05.24 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\MeineWebSeiten
[2010.05.24 13:40:05 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Meine Corel-Shows
[2010.05.24 13:40:03 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\ICQ
[2010.05.24 13:40:03 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\HP Photosmart Projects
[2010.05.24 13:39:56 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Eigene Scans
[2010.05.24 13:39:55 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Eigene PaperPort-Dokumente
[2010.05.24 13:39:55 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\CyberLink
[2010.05.24 13:39:46 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Temporary Downloaded Files
[2010.05.24 13:39:46 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Adobe
[2010.05.24 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Outlook-Dateien
[2010.05.24 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\OneNote-Notizbücher
[2010.05.24 13:39:45 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Notes
[2010.05.24 13:39:44 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\My PSP Files
[2010.05.24 13:37:58 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\Downloads
[2010.05.24 13:30:52 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Documents\DriverGenius
[2010.05.24 13:01:47 | 000,000,000 | ---D | C] -- C:\Users\Dave-RockZ\Desktop\Desktop
[2010.05.11 23:05:43 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.05.11 22:44:30 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010.05.11 22:41:57 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010.05.11 22:41:06 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010.05.11 22:40:35 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010.05.11 22:40:28 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010.05.11 22:39:45 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010.05.11 22:39:09 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010.05.11 22:38:50 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010.05.11 22:38:49 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010.05.11 22:37:20 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010.05.11 22:37:15 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010.05.11 22:37:14 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010.05.11 22:37:10 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010.05.11 22:37:09 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010.05.11 22:37:09 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010.05.11 22:37:08 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010.05.11 22:37:08 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010.05.11 22:37:06 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010.05.11 22:37:06 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010.05.11 22:36:53 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010.05.11 22:36:52 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010.05.11 22:36:50 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010.05.11 22:36:47 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010.05.11 22:36:47 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010.05.11 22:36:46 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010.05.11 22:36:41 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010.05.11 22:35:43 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010.05.11 22:35:42 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2010.05.11 22:35:41 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010.05.11 22:35:41 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010.05.11 22:35:39 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010.05.11 22:35:38 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010.05.11 22:35:38 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010.05.11 22:35:37 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010.05.11 22:35:37 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010.05.11 22:35:37 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010.05.11 22:35:37 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010.05.11 22:35:37 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010.05.11 22:35:37 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010.05.11 22:35:37 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010.05.11 22:35:36 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010.05.11 22:35:36 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010.05.11 22:35:36 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010.05.11 22:35:36 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010.05.11 22:35:36 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010.05.11 22:35:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010.05.11 22:35:36 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010.05.11 22:35:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010.05.11 22:35:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010.05.11 22:35:31 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010.05.11 22:35:22 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010.05.11 22:35:19 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010.05.11 22:35:12 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.05.11 22:35:07 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010.05.11 22:35:05 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010.05.11 22:35:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010.05.11 22:35:05 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010.05.11 22:35:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010.05.11 22:35:05 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010.05.11 22:35:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010.05.11 22:35:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010.05.11 22:35:03 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010.05.11 22:35:02 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010.05.11 22:35:01 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010.05.11 22:35:01 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010.05.11 22:35:01 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010.05.11 22:35:01 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010.05.11 22:35:01 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010.05.11 22:35:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010.05.11 22:35:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010.05.11 22:34:54 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.05.11 22:34:54 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.05.11 22:34:54 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys
[2010.05.11 22:34:54 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010.05.11 22:34:54 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010.05.11 22:34:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010.05.11 22:34:54 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010.05.11 22:07:29 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
 
========== Files - Modified Within 30 Days ==========
 
[2010.06.03 23:08:38 | 001,310,720 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT
[2010.06.03 22:57:14 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.03 22:45:34 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2010.06.03 22:15:00 | 000,001,138 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001UA.job
[2010.06.03 21:56:52 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.06.03 21:56:09 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.03 20:38:23 | 000,018,938 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\75530-2357-not_my_president.jpg
[2010.06.03 20:33:44 | 000,001,820 | ---- | M] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.03 20:32:04 | 000,012,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.06.03 20:32:04 | 000,012,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.06.03 20:29:16 | 001,493,750 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.03 20:29:16 | 000,650,756 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.06.03 20:29:16 | 000,614,120 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.03 20:29:16 | 000,129,432 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.06.03 20:29:16 | 000,106,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.03 20:24:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.06.03 20:24:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.06.03 20:24:40 | 536,219,647 | -HS- | M] () -- C:\hiberfil.sys
[2010.06.03 18:05:32 | 001,432,959 | -H-- | M] () -- C:\Users\Dave-RockZ\AppData\Local\IconCache.db
[2010.06.03 17:55:14 | 000,057,569 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\schueler-ges.jpg
[2010.06.03 16:50:05 | 000,057,944 | ---- | M] () -- C:\Users\Dave-RockZ\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.06.03 16:36:20 | 000,001,087 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\Trillian.lnk
[2010.06.03 16:22:37 | 004,831,960 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.06.03 16:21:30 | 623,303,599 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.06.03 15:27:46 | 000,000,974 | ---- | M] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2010.06.03 15:15:00 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001Core.job
[2010.06.03 15:13:36 | 000,002,338 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\Google Chrome.lnk
[2010.06.03 15:11:19 | 000,002,429 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.03 15:10:00 | 000,001,845 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.06.03 15:08:34 | 000,001,246 | ---- | M] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2010.06.03 14:20:42 | 000,002,089 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\HijackThis.lnk
[2010.06.03 14:19:41 | 001,402,880 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\HiJackThis.msi
[2010.06.03 00:41:04 | 000,047,560 | ---- | M] (F-Secure Corporation) -- C:\Windows\SysNative\drivers\fses.sys
[2010.06.03 00:38:34 | 000,002,041 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2010.06.03 00:35:42 | 000,033,920 | ---- | M] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2010.06.03 00:32:51 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\F-Secure Internet Security 2010.lnk
[2010.06.03 00:31:04 | 000,524,288 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.06.03 00:31:04 | 000,524,288 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.06.03 00:31:04 | 000,065,536 | -HS- | M] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.06.03 00:18:39 | 000,002,248 | ---- | M] () -- C:\Users\Public\Desktop\StarMoney 7.0 Commerzbank-Edition.lnk
[2010.06.03 00:07:24 | 000,002,037 | ---- | M] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.06.03 00:04:24 | 001,516,002 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.03 00:03:42 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2010.06.03 00:02:13 | 000,001,197 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk
[2010.06.02 23:58:18 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.06.02 23:57:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.06.02 23:57:05 | 000,001,158 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.06.02 23:56:23 | 000,000,987 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\TinyPic.lnk
[2010.06.02 23:55:56 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\PowerArchiver.lnk
[2010.06.02 23:55:51 | 000,001,003 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\QuickPar.lnk
[2010.06.02 23:51:00 | 000,001,921 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\FriendBlasterPro.lnk
[2010.06.02 23:44:21 | 000,002,001 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.06.02 23:44:09 | 000,001,023 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2010.06.02 23:37:12 | 000,002,113 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.06.02 23:36:46 | 000,001,174 | ---- | M] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010.06.02 23:36:46 | 000,001,138 | ---- | M] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010.06.02 23:36:38 | 000,001,615 | ---- | M] () -- C:\Users\Dave-RockZ\Desktop\DivX Movies.lnk
[2010.06.02 23:33:15 | 000,505,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp71.dll
[2010.06.02 23:33:15 | 000,353,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr71.dll
[2010.06.02 23:33:15 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.06.02 23:26:58 | 000,472,576 | ---- | M] () -- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
[2010.06.02 23:20:39 | 000,000,833 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.06.02 23:11:11 | 000,000,020 | -HS- | M] () -- C:\Users\Dave-RockZ\ntuser.ini
[2010.06.02 23:02:33 | 000,000,751 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.06.02 23:02:33 | 000,000,751 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.06.02 23:00:31 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.01 23:03:28 | 024,063,155 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\[aF]Death.Note.-.04.-.Verfolgt[80A38759].mp4
[2010.05.24 20:35:04 | 000,026,624 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc.doc
[2010.05.16 18:56:44 | 000,032,256 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc
[2010.05.16 18:53:27 | 000,017,435 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.docx
[2010.05.16 14:42:44 | 000,012,468 | ---- | M] () -- C:\Users\Dave-RockZ\Documents\Filme-Box.xlsx
 
========== Files Created - No Company Name ==========
 
[2010.06.03 22:57:14 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.03 22:45:34 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\Guitar Rig 4.lnk
[2010.06.03 21:56:52 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.06.03 21:56:09 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.06.03 20:38:23 | 000,018,938 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\75530-2357-not_my_president.jpg
[2010.06.03 20:33:44 | 000,001,820 | ---- | C] () -- C:\Users\Public\Desktop\ICQ7.2.lnk
[2010.06.03 17:55:14 | 000,057,569 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\schueler-ges.jpg
[2010.06.03 16:36:20 | 000,001,087 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\Trillian.lnk
[2010.06.03 16:21:30 | 623,303,599 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.06.03 15:27:46 | 000,000,974 | ---- | C] () -- C:\Users\Public\Desktop\BurnAware Free.lnk
[2010.06.03 15:13:36 | 000,002,338 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\Google Chrome.lnk
[2010.06.03 15:11:19 | 000,002,429 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010.06.03 15:10:53 | 000,001,138 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001UA.job
[2010.06.03 15:10:51 | 000,001,086 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-53557663-373289401-340324060-1001Core.job
[2010.06.03 15:10:00 | 000,001,845 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010.06.03 14:20:42 | 000,002,089 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\HijackThis.lnk
[2010.06.03 14:19:37 | 001,402,880 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\HiJackThis.msi
[2010.06.03 00:38:34 | 000,002,041 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft LifeCam.lnk
[2010.06.03 00:32:51 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\F-Secure Internet Security 2010.lnk
[2010.06.03 00:18:38 | 000,002,248 | ---- | C] () -- C:\Users\Public\Desktop\StarMoney 7.0 Commerzbank-Edition.lnk
[2010.06.03 00:11:20 | 000,001,246 | ---- | C] () -- C:\Users\Public\Desktop\Virtual CloneDrive.lnk
[2010.06.03 00:07:24 | 000,002,037 | ---- | C] () -- C:\Users\Public\Desktop\LightScribe.lnk
[2010.06.03 00:05:05 | 000,033,920 | ---- | C] () -- C:\Windows\SysWow64\drivers\fsbts.sys
[2010.06.03 00:04:09 | 001,516,002 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.03 00:03:42 | 000,001,226 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2010.06.03 00:02:13 | 000,001,197 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010.lnk
[2010.06.02 23:58:18 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.06.02 23:57:38 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.06.02 23:57:37 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.06.02 23:57:05 | 000,001,158 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.06.02 23:56:23 | 000,000,987 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\TinyPic.lnk
[2010.06.02 23:55:56 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\PowerArchiver.lnk
[2010.06.02 23:55:51 | 000,001,003 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\QuickPar.lnk
[2010.06.02 23:51:00 | 000,001,921 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\FriendBlasterPro.lnk
[2010.06.02 23:44:21 | 000,002,001 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2010.06.02 23:44:09 | 000,001,023 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk
[2010.06.02 23:37:12 | 000,002,113 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink PowerDVD 10.lnk
[2010.06.02 23:36:46 | 000,001,174 | ---- | C] () -- C:\Users\Public\Desktop\DivX Converter.lnk
[2010.06.02 23:36:46 | 000,001,138 | ---- | C] () -- C:\Users\Public\Desktop\DivX Player.lnk
[2010.06.02 23:36:38 | 000,001,615 | ---- | C] () -- C:\Users\Dave-RockZ\Desktop\DivX Movies.lnk
[2010.06.02 23:26:58 | 000,472,576 | ---- | C] () -- C:\Windows\Nvidia Omega Drivers v1.169.25 Uninstall.exe
[2010.06.02 23:20:39 | 000,000,833 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2010.06.02 23:11:11 | 001,310,720 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT
[2010.06.02 23:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010.06.02 23:11:11 | 000,524,288 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010.06.02 23:11:11 | 000,262,144 | -HS- | C] () -- C:\Users\Dave-RockZ\ntuser.dat.LOG1
[2010.06.02 23:11:11 | 000,065,536 | -HS- | C] () -- C:\Users\Dave-RockZ\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.06.02 23:11:11 | 000,000,020 | -HS- | C] () -- C:\Users\Dave-RockZ\ntuser.ini
[2010.06.02 23:11:11 | 000,000,000 | -HS- | C] () -- C:\Users\Dave-RockZ\ntuser.dat.LOG2
[2010.06.02 23:00:31 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.06.02 22:58:37 | 536,219,647 | -HS- | C] () -- C:\hiberfil.sys
[2010.06.01 23:01:59 | 024,063,155 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\[aF]Death.Note.-.04.-.Verfolgt[80A38759].mp4
[2010.05.24 20:35:21 | 000,026,624 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc.doc
[2010.05.24 13:39:46 | 001,752,590 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\Vorschau.pdf
[2010.05.24 13:39:46 | 000,032,256 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc
[2010.05.24 13:39:46 | 000,017,435 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.docx
[2010.05.24 13:39:46 | 000,012,468 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\Filme-Box.xlsx
[2010.05.24 13:39:46 | 000,002,684 | ---- | C] () -- C:\Users\Dave-RockZ\Documents\hosts
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Vorschau.pdf:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Temporary Downloaded Files:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.docx:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\RockZ-Photography Konzept Intern.doc.doc:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Outlook-Dateien:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\OneNote-Notizbücher:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Notes:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\My PSP Files:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\MeineWebSeiten:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Meine Corel-Shows:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\ICQ:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\HP Photosmart Projects:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\hosts:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Filme-Box.xlsx:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Eigene Scans:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Eigene PaperPort-Dokumente:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\DriverGenius:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Downloads:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\CyberLink:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Documents\Adobe:Mac_Metadata
@Alternate Data Stream - 20 bytes -> C:\Users\Dave-RockZ\Desktop\Desktop:Mac_Metadata
< End of report >
         
--- --- ---

and

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4168

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

03.06.2010 23:54:58
mbam-log-2010-06-03 (23-54-58).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|H:\|N:\|)
Durchsuchte Objekte: 418255
Laufzeit: 41 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 2
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{sjh5qq24-ed6n-wb4h-svu6-010843642ux7} (Generic.Bot.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Cerberus (Backdoor.Trace) -> No action taken.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winupdate (Spyware.Passwords) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Edited by Dave-RockZ (03.06.2010 at 23:58)

04.06.2010, 09:32   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Did you remove the detections with Malwarebytes?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

04.06.2010, 12:31   #11
Dave-RockZ

Malwarebytes has deleted everything so far. After the restart, the autostart entry is gone as well. A new scan doesn't find anything either. Is the trojan finally completely gone now?

Many, many thanks in advance.

04.06.2010, 12:42   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
[AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
Where did you get this Adobe CS5 from?

04.06.2010, 14:20   #13
Dave-RockZ

From there:
https://www.adobe.com/cfusion/tdrc/index.cfm?product=master_collection&promoid=EBYET

04.06.2010, 15:38   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

But you didn't turn this trial version into a full version with some dubious tool, did you?

04.06.2010, 17:42   #15
Dave-RockZ

No, it was activated with a student key. My nerves are slowly reaching their limit. Now, whenever I start the computer, it takes a very long time at startup until it recognizes the keyboard and mouse. I think I'll soon throw out all my Windows machines and finally switch to Mac for good.

In any case, the trojan now seems to be off my system. Thank you very much for your help.
