My computer is plagued by a "Critical System Error"

Thread is closed!
#0
11.09.2006, 22:16
...new here

Posts: 3
#1 I downloaded a media player codec (which was stupid enough already) and picked up this junk in the process. Now an annoying blue question mark keeps blinking! And every now and then a balloon pops up saying "Critical System Error".
Can I get this sh... off again?

Here is my HijackThis log:

Logfile of HijackThis v1.99.1
Scan saved at 22:16:26, on 11.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\F-Secure Internet Security\Common\FSM32.EXE
C:\Programme\Glass2k\Glass2k.exe
C:\Programme\LClock\LClock.exe
C:\PROGRA~1\MICROS~2\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\PROGRA~1\F-SECU~1\backweb\1245240\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Programme\F-Secure Internet Security\backweb\1245240\program\fsbwsys.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE
C:\Programme\F-Secure Internet Security\backweb\1245240\Program\fspex.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\F-Secure Internet Security\Common\FSMB32.EXE
C:\Programme\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\Programme\F-Secure Internet Security\Common\FCH32.EXE
C:\Programme\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Programme\F-Secure Internet Security\FSPC\fspc.exe
C:\Programme\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Programme\F-Secure Internet Security\FSGUI\fsguiexe.exe
C:\Programme\Trillian\trillian.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und Einstellungen\XenonX\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Programme\iCodecPack\isaddon.dll (file missing)
O3 - Toolbar: Protection Bar - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - C:\Programme\iCodecPack\iesplugin.dll (file missing)

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programme\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programme\F-Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programme\F-Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Glass2k] C:\Programme\Glass2k\Glass2k.exe
O4 - HKLM\..\Run: [LClock] C:\Programme\LClock\LClock.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\PROGRA~1\MICROS~2\wcescomm.exe"
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Website-&Liste anzeigen - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Webseitenfilter &aussetzen - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Diese Website &sperren - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Diese Website &zulassen - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programme\F-Secure Internet Security\FSPC\fspcmsie.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - C:\WINDOWS\system32\oqabf.dll
O23 - Service: F-Secure product (BackWeb Plug-in - 1245240) - Unknown owner - C:\PROGRA~1\F-SECU~1\backweb\1245240\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programme\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programme\F-Secure Internet Security\backweb\1245240\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programme\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

Clean Up LOG:

CleanUp! started on 09/11/06 22:31:16.
...
Cookie:xenonx@com.com/ - deleted
Cookie:xenonx@virus-protect.org/ - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\backup an Tessiscomputer (192.168.0.104).lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\Beispielbilder.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\Derive 6 Trial Edition.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\hijackthis.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\icon.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\LClock (2).lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\lclock.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\license.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\NETWORK.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\Neu Textdokument.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\Trillian.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\Trillian[1].Pro.3.1.Build.121.FiNAL-SCORPiON.lnk - deleted
C:\Dokumente und Einstellungen\XenonX\Recent\w22.lnk - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\2a097c.mst - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\4388FE2C.TMP - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\ActiveSync.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\BWDump.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\BWInstall.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\fla14.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\IEC54.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\IECA6.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\QTInstallCode.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\qtplugin.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\temp.bat - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\tmp26.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\VerChk.txt - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\WCESCOMM.LOG - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\WCESLog.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\WCESMgr.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\WcesView.log - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\~DF26AC.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\~DF27F7.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\~DF2A1B.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\~DF8567.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\~DFCB25.tmp - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\issE7.tmp\ - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\{7A42DF14-1171-446F-9EC5-042EC3B69447}\ - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\{A7453632-F549-4DF9-979C-6B2689B4E920}\QuickTimeInstaller.exe - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\{AC157741-3285-4D6A-B934-9174587A3493}\ - deleted
C:\DOKUME~1\XenonX\LOKALE~1\Temp\~nsu.tmp\ - deleted
C:\WINDOWS\SET1C.tmp - deleted
C:\WINDOWS\SET1F.tmp - deleted
C:\WINDOWS\SET2B.tmp - deleted
C:\WINDOWS\SET3.tmp - deleted
C:\WINDOWS\SET4.tmp - deleted
C:\WINDOWS\SET8.tmp - deleted
C:\WINDOWS\temp\apub2 - deleted
C:\WINDOWS\temp\iufsav.log - deleted
C:\WINDOWS\temp\CTZAPXX\Drivers\ - deleted
C:\WINDOWS\temp\CTZAPXX\ - deleted
C:\WINDOWS\temp\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\ - deleted
C:\WINDOWS\temp\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\ - deleted
C:\WINDOWS\temp\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\ - deleted
C:\WINDOWS\temp\{7201B853-5833-11D6-A285-00A0CC51B2FE}\ - deleted
C:\WINDOWS\temp\{734BB64A-5A3D-4624-867D-6358B7068496}\ - deleted
C:\WINDOWS\temp\{A1185190-514F-11D6-A285-00A0CC51B2FE}\ - deleted
C:\WINDOWS\temp\{AC157741-3285-4D6A-B934-9174587A3493}\ - deleted
C:\WINDOWS\temp\{DABD554A-7DA6-4763-BF17-D3CAFB55E5A6}\ - deleted
C:\WINDOWS\temp\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\ - deleted
C:\WINDOWS\temp\{E2D27B84-6365-11D6-9BAF-0090271AF8A4}\ - deleted
C:\WINDOWS\temp\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\ - deleted
C:\WINDOWS\temp\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\ - deleted
C:\WINDOWS\temp\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\ - deleted
C:\WINDOWS\Prefetch\6-5_XP-2K_DD_CCC_WDM_ENU_3246-2489EF84.pf - deleted
C:\WINDOWS\Prefetch\AU_.EXE-0536FD0E.pf - deleted
C:\WINDOWS\Prefetch\CLEANUP.EXE-3438663A.pf - deleted
C:\WINDOWS\Prefetch\CLEANUP452.EXE-2FB6AC91.pf - deleted
C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf - deleted
C:\WINDOWS\Prefetch\CONTROL.EXE-013DBFB5.pf - deleted
C:\WINDOWS\Prefetch\CTREGSVR.EXE-34549CFE.pf - deleted
C:\WINDOWS\Prefetch\D6SETUP.EXE-01946522.pf - deleted
C:\WINDOWS\Prefetch\DERIVE6.EXE-0C8A5530.pf - deleted
C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf - deleted
C:\WINDOWS\Prefetch\FSAV32.EXE-0F1E7668.pf - deleted
C:\WINDOWS\Prefetch\FSAVGUI.EXE-1BB87F0B.pf - deleted
C:\WINDOWS\Prefetch\FSAVSTRT.EXE-2FF14C42.pf - deleted
C:\WINDOWS\Prefetch\FSBWIH.EXE-02D6154E.pf - deleted
C:\WINDOWS\Prefetch\FSGUIEXE.EXE-1F3E3592.pf - deleted
C:\WINDOWS\Prefetch\FSPEX.EXE-25019812.pf - deleted
C:\WINDOWS\Prefetch\FSPEX.EXE-3944CED8.pf - deleted
C:\WINDOWS\Prefetch\GLJ4A.TMP-1A984479.pf - deleted
C:\WINDOWS\Prefetch\HAMACHI.EXE-240135B7.pf - deleted
C:\WINDOWS\Prefetch\HAMACHISETUP-0.9.9.9-EN.EXE-380ACFD1.pf - deleted
C:\WINDOWS\Prefetch\HEXCVT.EXE-2FAEBDAE.pf - deleted
C:\WINDOWS\Prefetch\HIJACKTHIS.EXE-2FE3FCED.pf - deleted
C:\WINDOWS\Prefetch\ICODECPACK.207.EXE-0A7D2B4A.pf - deleted
C:\WINDOWS\Prefetch\IDRIVER.EXE-13ABF1A8.pf - deleted
C:\WINDOWS\Prefetch\IDRIVERT.EXE-2DE35293.pf - deleted
C:\WINDOWS\Prefetch\IEXPLORE.EXE-2CA9778D.pf - deleted
C:\WINDOWS\Prefetch\IKERNEL.EXE-092EF074.pf - deleted
C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf - deleted
C:\WINDOWS\Prefetch\ISAMINI.EXE-22706837.pf - deleted
C:\WINDOWS\Prefetch\ISAMONITOR.EXE-160863D4.pf - deleted
C:\WINDOWS\Prefetch\Layout.ini - deleted
C:\WINDOWS\Prefetch\LCLOCK.EXE-05476BF8.pf - deleted
C:\WINDOWS\Prefetch\MGB_SCREENSAVER.SCR-057FE782.pf - deleted
C:\WINDOWS\Prefetch\MSCONFIG.EXE-35E4DAE9.pf - deleted
C:\WINDOWS\Prefetch\MSHTA.EXE-331DF029.pf - deleted
C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf - deleted
C:\WINDOWS\Prefetch\NICMGR.EXE-11AAB534.pf - deleted
C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted
C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted
C:\WINDOWS\Prefetch\NVUNINST.EXE-17251CD4.pf - deleted
C:\WINDOWS\Prefetch\PINBALL.EXE-0C9BC1F6.pf - deleted
C:\WINDOWS\Prefetch\PMMON.EXE-349D7132.pf - deleted
C:\WINDOWS\Prefetch\PMSNGR.EXE-39B5537A.pf - deleted
C:\WINDOWS\Prefetch\QTPLUGININSTALLER.EXE-04F25EAB.pf - deleted
C:\WINDOWS\Prefetch\QTTASK.EXE-2D7EEF34.pf - deleted
C:\WINDOWS\Prefetch\QUICKTIMEINSTALLER.EXE-131BF2D8.pf - deleted
C:\WINDOWS\Prefetch\QUICKTIMEINSTALLER.EXE-299B5E2E.pf - deleted
C:\WINDOWS\Prefetch\QUICKTIMEPLAYER.EXE-1683395B.pf - deleted
C:\WINDOWS\Prefetch\REG.EXE-0D2A95F7.pf - deleted
C:\WINDOWS\Prefetch\REGEDIT.EXE-1B606482.pf - deleted
C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf - deleted
C:\WINDOWS\Prefetch\RESHAC~1.EXE-3939EB3C.pf - deleted
C:\WINDOWS\Prefetch\RNDIS_UPDATE.EXE-01BB49D6.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1224CF94.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-14DB613F.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1831A4F3.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1C980510.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1CBB9575.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-1FE5B1C9.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-20056AF4.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2586AB1A.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-268BFF96.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-285569AC.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2855CE4C.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-28CF1145.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-29413ED8.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-29A2BA7C.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-29C0EF1C.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-29F0DE28.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A0DDD9A.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A43317E.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B8B23D4.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2C703AED.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-2FF556E2.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-32C768B0.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-330B8C85.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-36A962EB.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3775BF93.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-3A47DF99.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-483F1AE8.pf - deleted
C:\WINDOWS\Prefetch\RUNDLL32.EXE-4ABAF25B.pf - deleted
C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf - deleted
C:\WINDOWS\Prefetch\SERVIC~1.EXE-3383704B.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-080E0325.pf - deleted
C:\WINDOWS\Prefetch\SETUP.EXE-339BCFFA.pf - deleted
C:\WINDOWS\Prefetch\SETUP_WM.EXE-19AC5AA4.pf - deleted
C:\WINDOWS\Prefetch\SHMGRATE.EXE-1BA69E68.pf - deleted
C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf - deleted
C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted
C:\WINDOWS\Prefetch\TMP1B.TMP-296062C5.pf - deleted
C:\WINDOWS\Prefetch\TMP1C.TMP-259E7AED.pf - deleted
C:\WINDOWS\Prefetch\TMP21.TMP-2DE299BD.pf - deleted
C:\WINDOWS\Prefetch\TMP26.TMP-01ACBF12.pf - deleted
C:\WINDOWS\Prefetch\TNBUTIL.EXE-37BF47F3.pf - deleted
C:\WINDOWS\Prefetch\TRILLIAN-V3.1.EXE-166745E2.pf - deleted
C:\WINDOWS\Prefetch\TRILLIAN-V3.1LOO.EXE-349F524D.pf - deleted
C:\WINDOWS\Prefetch\TRILLIAN-V3[1].1.EXE-36AA3F2B.pf - deleted
C:\WINDOWS\Prefetch\TRILLIAN.EXE-302642F0.pf - deleted
C:\WINDOWS\Prefetch\UHARC.EXE-03599AD0.pf - deleted
C:\WINDOWS\Prefetch\UNINST.EXE-10F53BB8.pf - deleted
C:\WINDOWS\Prefetch\UNINST.EXE-32726331.pf - deleted
C:\WINDOWS\Prefetch\UNREGMP2.EXE-07CACB61.pf - deleted
C:\WINDOWS\Prefetch\UPDATE.EXE-2400AFD8.pf - deleted
C:\WINDOWS\Prefetch\VBOXM430.DLL-1085F63B.pf - deleted
C:\WINDOWS\Prefetch\VB_DISTRIB.EXE-208D7104.pf - deleted
C:\WINDOWS\Prefetch\VIRUS-BURST.EXE-0C261FE6.pf - deleted
C:\WINDOWS\Prefetch\VISTAUI.EXE-069254B9.pf - deleted
C:\WINDOWS\Prefetch\VLC-0.8.4A-WIN32.EXE-055ED508.pf - deleted
C:\WINDOWS\Prefetch\VSETUPT.EXE-09543553.pf - deleted
C:\WINDOWS\Prefetch\WCESCOMM.EXE-09177CEB.pf - deleted
C:\WINDOWS\Prefetch\WCESMGR.EXE-124269C0.pf - deleted
C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf - deleted
C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted
C:\WINDOWS\Prefetch\WMPLAYER.EXE-09969339.pf - deleted
C:\WINDOWS\Prefetch\WMPLAYER.EXE-0996933B.pf - deleted
C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf - deleted
C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf - deleted
C:\WINDOWS\Prefetch\_IS46.TMP-00765066.pf - deleted
C:\WINDOWS\Prefetch\_IS66.TMP-18480BD2.pf - deleted
Emptied Recycle Bin on drive C:
'Run MRU' list - removed from the registry.
'Doc Find Spec MRU' list - removed from the registry.
'FindComputerMRU' list - removed from the registry.
'ComputerNameMRU' list - removed from the registry.
'ContainingTextMRU' list - removed from the registry.
'FilesNamedMRU' list - removed from the registry.
Search Assistant MRU list - removed from the registry.
Explorer Open/Save MRU list - removed from the registry.
Explorer Last Visited MRU list - removed from the registry.
Paint Recent File List - removed from the registry.
WordPad Recent File List - removed from the registry.
Telnet's MRU list - removed from the registry.
Windows Media Player Recent File List - removed from the registry.
WinZip Extract MRU list - removed from the registry.
WinZip File MRU list - removed from the registry.
CleanUp! 4.5.2 recovered 193.9 MB of disk space from 9206 files.
CleanUp! finished on 09/11/06 22:31:34.

Combo Fix LOG:

XenonX - 06-09-12 16:28:45,84
ComboFix 06.09.11B - Running from: C:\Dokumente und Einstellungen\XenonX\Desktop

Microsoft Windows XP [Version 5.1.2600]

((((((((((((((((((((((((((((((( Files Created from 2006-08-12 to 2006-09-12 ))))))))))))))))))))))))))))))))))


2006-09-11 18:39 176,128 --a------ C:\WINDOWS\system32\oqabf.dll
2006-09-10 17:16 720,412 --a------ C:\WINDOWS\system32\MGB_ScreenSaver.scr
2006-09-10 17:16 5,214,208 --a------ C:\WINDOWS\system32\vistaui.exe
2006-09-10 17:16 399,239 --a------ C:\WINDOWS\system32\vimc.exe
2006-09-10 17:16 382,976 --a------ C:\WINDOWS\system32\Vista.scr
2006-09-10 17:14 81,920 --a------ C:\WINDOWS\system32\closeapp.exe
2006-09-10 17:14 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
2006-09-10 17:14 19,968 --a------ C:\WINDOWS\system32\reico.exe
2006-09-10 17:14 111,104 --a------ C:\WINDOWS\system32\Uharc.exe
2006-09-10 17:13 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2006-09-10 17:12 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2006-09-10 17:12 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2006-09-10 17:12 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdycc.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbduzb.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdur.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdtat.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdru1.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdru.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdkaz.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdbu.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdblr.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2006-09-10 17:12 5,632 -ra------ C:\WINDOWS\system32\kbdaze.dll
2006-09-10 17:12 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-09-10 17:12 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-09-10 17:11 86,556 --a------ C:\WINDOWS\system32\dgsetup.dll
2006-09-10 17:11 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-09-10 17:11 76,288 --a------ C:\WINDOWS\system32\storprop.dll
2006-09-10 17:11 70,144 --a------ C:\WINDOWS\NOTEPAD.EXE
2006-09-10 17:11 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2006-09-10 17:11 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2006-09-10 17:11 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2006-09-10 17:11 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2006-09-10 17:11 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2006-09-10 17:11 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-09-10 17:11 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2006-09-10 17:11 15,872 --a------ C:\WINDOWS\TASKMAN.EXE
2006-09-10 17:11 13,824 --a------ C:\WINDOWS\system32\irclass.dll
2006-09-10 17:11 103,936 --a------ C:\WINDOWS\system32\EqnClass.Dll
2006-09-10 17:07 90,112 --------- C:\WINDOWS\Updreg.EXE
2006-09-10 17:07 84,992 --------- C:\WINDOWS\system32\SFCVRT32.DLL
2006-09-10 17:07 82,432 --------- C:\WINDOWS\system32\CTWFLT32.DLL
2006-09-10 17:07 65,536 --a------ C:\WINDOWS\system32\A3d.dll
2006-09-10 17:07 60,928 --a------ C:\WINDOWS\system32\P17.dll
2006-09-10 17:07 54,784 --------- C:\WINDOWS\system32\INETWH32.DLL
2006-09-10 17:07 53,552 --------- C:\WINDOWS\CTCCW.DLL
2006-09-10 17:07 53,248 --a------ C:\WINDOWS\system32\P17CPI.dll
2006-09-10 17:07 49,152 --a------ C:\WINDOWS\MIDIDEF.EXE
2006-09-10 17:07 41,984 --------- C:\WINDOWS\Ctregrun.exe
2006-09-10 17:07 40,960 --------- C:\WINDOWS\system32\AC3API.DLL
2006-09-10 17:07 36,864 --a------ C:\WINDOWS\system32\sfman32.dll
2006-09-10 17:07 26,768 --------- C:\WINDOWS\system32\CTL3D.DLL
2006-09-10 17:07 24,976 --------- C:\WINDOWS\CTRES.DLL
2006-09-10 17:07 24,576 --a------ C:\WINDOWS\INRES.DLL
2006-09-10 17:07 20,480 --a------ C:\WINDOWS\P17DEF.EXE
2006-09-10 17:07 172,032 --a------ C:\WINDOWS\system32\sfms32.dll
2006-09-10 17:07 149,504 --------- C:\WINDOWS\system32\MFCANS32.DLL
2006-09-10 17:07 139,264 --a------ C:\WINDOWS\system32\EAX.DLL
2006-09-10 17:07 136,704 --a------ C:\WINDOWS\system32\P17res.dll
2006-09-10 17:07 131,072 --a------ C:\WINDOWS\system32\CtDvInst.dll
2006-09-10 17:07 108,032 --------- C:\WINDOWS\system32\MFCUIA32.DLL
2006-09-10 17:06 66,048 --a------ C:\WINDOWS\system32\CtDetres.dll
2006-09-10 17:06 44,032 --------- C:\WINDOWS\system32\CTSVCCDA.EXE
2006-09-10 17:06 331,776 --------- C:\WINDOWS\system32\CTMEDENG.DLL
2006-09-10 17:06 25,088 --------- C:\WINDOWS\system32\CTSVCCTL.EXE
2006-09-10 17:06 24,576 --a------ C:\WINDOWS\system32\CTMERes.DLL
2006-09-10 17:02 1,691,648 --a------ C:\WINDOWS\system32\winsflte.dll
2006-09-10 17:02 1,216,512 --a------ C:\WINDOWS\system32\cfgmig32.dll
2006-09-10 17:02 1,155,072 --a------ C:\WINDOWS\system32\winsflt.dll
2006-09-10 16:56 118,784 -r------- C:\WINDOWS\bwUnin-6.3.2.62-1245240L.exe
2006-09-10 16:52 6,144 -ra------ C:\WINDOWS\system32\nvack.dll
2006-09-10 16:52 5,120 -ra------ C:\WINDOWS\system32\ALut.dll
2006-09-10 16:52 44,032 -ra------ C:\WINDOWS\system32\nvopenal.dll
2006-09-10 16:52 44,032 --a------ C:\WINDOWS\system32\OpenAL32.dll
2006-09-10 16:52 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-09-10 16:52 30,208 -ra------ C:\WINDOWS\system32\nvasio.dll
2006-09-10 16:52 208,896 --a------ C:\WINDOWS\system32\nvuaudio.exe
2006-09-10 16:52 126,976 --------- C:\WINDOWS\system32\NVNFINST.DLL
2006-09-10 16:38 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2006-09-10 16:38 0 -rahs---- C:\MSDOS.SYS
2006-09-10 16:38 0 -rahs---- C:\IO.SYS
2006-09-10 16:38 0 --a------ C:\CONFIG.SYS
2006-09-10 16:38 0 --a------ C:\AUTOEXEC.BAT
2006-09-10 16:20 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2006-09-10 16:19 86,016 --a------ C:\WINDOWS\system32\isign32.dll
2006-09-10 16:19 81,920 --a------ C:\WINDOWS\system32\ils.dll
2006-09-10 16:19 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2006-09-10 16:19 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-09-10 16:19 70,144 --a------ C:\WINDOWS\system32\acctres.dll
2006-09-10 16:19 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-09-10 16:19 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-09-10 16:19 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-09-10 16:19 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-09-10 16:19 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-09-10 16:19 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-09-10 16:19 51,712 --a------ C:\WINDOWS\system32\inetres.dll
2006-09-10 16:19 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-09-10 16:19 44,032 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-09-10 16:19 431,616 --a------ C:\WINDOWS\system32\wuapi.dll
2006-09-10 16:19 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-09-10 16:19 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-09-10 16:19 36,864 --a------ C:\WINDOWS\system32\wups.dll
2006-09-10 16:19 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-09-10 16:19 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-09-10 16:19 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-09-10 16:19 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-09-10 16:19 282,624 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-09-10 16:19 280,064 --a------ C:\WINDOWS\system32\mstask.dll
2006-09-10 16:19 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-09-10 16:19 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-09-10 16:19 242,176 --a------ C:\WINDOWS\system32\srrstr.dll
2006-09-10 16:19 22,528 --a------ C:\WINDOWS\system32\fltMc.exe
2006-09-10 16:19 192,000 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-09-10 16:19 183,808 --a------ C:\WINDOWS\system32\wuaueng1.dll
2006-09-10 16:19 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-09-10 16:19 171,008 --a------ C:\WINDOWS\system32\srsvc.dll
2006-09-10 16:19 168,448 --a------ C:\WINDOWS\system32\wuauclt1.exe
2006-09-10 16:19 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-09-10 16:19 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2006-09-10 16:19 120,320 --a------ C:\WINDOWS\system32\wuweb.dll
2006-09-10 16:19 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2006-09-10 16:19 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-09-10 16:19 113,664 --a------ C:\WINDOWS\system32\wucltui.dll
2006-09-10 16:19 111,616 --a------ C:\WINDOWS\system32\wuauclt.exe


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-09-11 22:30 -------- d-------- C:\Programme\CleanUp!
2006-09-11 22:11 -------- d-------- C:\Programme\VideoLAN
2006-09-11 19:02 -------- d-------- C:\Programme\Virus-Burst
2006-09-11 17:41 2508 --a------ C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\$_hpcst$.hpc
2006-09-11 17:41 -------- d-------- C:\Programme\Trillian
2006-09-11 17:40 -------- d-------- C:\Programme\Microsoft ActiveSync
2006-09-11 17:40 -------- d-------- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2006-09-11 17:30 -------- d-------- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\Help
2006-09-11 15:06 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-09-11 15:06 -------- d-------- C:\Programme\QuickTime
2006-09-11 15:05 -------- d-------- C:\Programme\Gemeinsame Dateien\InstallShield
2006-09-11 14:21 -------- d-------- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\Macromedia
2006-09-10 20:34 10345 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2006-09-10 20:34 -------- d-------- C:\Programme\Hamachi
2006-09-10 19:30 -------- d-------- C:\Programme\TI Education
2006-09-10 17:31 62 --ahs---- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\desktop.ini
2006-09-10 17:20 -------- d-------- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\PEX
2006-09-10 17:20 -------- d-------- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\F-Secure
2006-09-10 17:18 -------- d---s---- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\Microsoft
2006-09-10 17:16 -------- d-------- C:\Programme\Outlook Express
2006-09-10 17:16 -------- d-------- C:\Programme\LClock
2006-09-10 17:16 -------- d-------- C:\Programme\Internet Explorer
2006-09-10 17:16 -------- d-------- C:\Programme\Glass2k
2006-09-10 17:14 219648 --a------ C:\WINDOWS\system32\uxtheme.dll
2006-09-10 17:12 -------- d-------- C:\Programme\Gemeinsame Dateien\SpeechEngines
2006-09-10 17:12 -------- d-------- C:\Programme\Gemeinsame Dateien\ODBC
2006-09-10 17:07 -------- d-------- C:\Programme\Creative
2006-09-10 17:02 -------- d-------- C:\Programme\F-Secure Internet Security
2006-09-10 16:51 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-09-10 16:43 -------- d--h----- C:\Programme\Uninstall Information
2006-09-10 16:43 -------- d-------- C:\Dokumente und Einstellungen\XenonX\Anwendungsdaten\Identities
2006-09-10 16:38 -------- d-------- C:\Programme\xerox
2006-09-10 16:38 -------- d-------- C:\Programme\Windows Media Player
2006-09-10 16:38 -------- d-------- C:\Programme\microsoft frontpage
2006-09-10 16:35 -------- d-------- C:\Programme\Messenger
2006-09-10 16:20 -------- d--h----- C:\Programme\WindowsUpdate
2006-09-10 16:20 -------- d-------- C:\Programme\Online-Dienste
2006-09-10 16:19 -------- d-------- C:\Programme\NetMeeting
2006-09-10 16:19 -------- d-------- C:\Programme\Movie Maker
2006-09-10 16:19 -------- d-------- C:\Programme\Gemeinsame Dateien\System
2006-09-10 16:19 -------- d-------- C:\Programme\Gemeinsame Dateien\MSSoap
2006-09-10 16:19 -------- d-------- C:\Programme\Gemeinsame Dateien\Dienste
2006-09-10 16:18 -------- d-------- C:\Programme\Windows NT
2006-09-10 16:18 -------- d-------- C:\Programme\Online Services
2006-09-10 16:18 -------- d-------- C:\Programme\MSN Gaming Zone
2006-09-10 16:18 -------- d-------- C:\Programme\ComPlus Applications
2006-09-10 16:17 -------- d-------- C:\Programme\MSN


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="\"C:\\PROGRA~1\\MICROS~2\\wcescomm.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="\"C:\\Programme\\F-Secure Internet Security\\Common\\FSM32.EXE\" /splash"
"F-Secure TNB"="\"C:\\Programme\\F-Secure Internet Security\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
"F-Secure Startup Wizard"="\"C:\\Programme\\F-Secure Internet Security\\FSGUI\\FSSW.EXE\" /reboot"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"Glass2k"="C:\\Programme\\Glass2k\\Glass2k.exe"
"LClock"="C:\\Programme\\LClock\\LClock.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"considerateness"="{4d993022-0899-4599-b4b6-0f887d0802e6}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CTFMON.EXE]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ctfmon"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\ctfmon.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\CTSysVol]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CTSysVol"
"hkey"="HKLM"
"command"="C:\\Programme\\Creative\\SB Live! 24-bit\\Surround Mixer\\CTSysVol.exe /r"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCpl"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\UpdReg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdReg"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\UpdReg.EXE"
"inimapping"="0"


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


Completion time: 12.09.2006 16:29:31.07
ComboFix.txt


MANY THANKS IN ADVANCE!!!

P.S.: I have updated everything, I hope it is all correct like this!!!!
This post was edited by D3MON on 12.09.2006 at 16:33.
12.09.2006, 13:58
Honorary member
Sabina

Posts: 29434
#2 Besides the HijackThis log, post the following logs
http://board.protecus.de/t23187.htm
__________
Regards, Sabina

all about PC security
12.09.2006, 21:59
...new here

Thread starter

Posts: 3
#3 !!!UPDATED!!!

Regards, Dennis
12.09.2006, 23:03
Honorary member
Sabina

Posts: 29434
#4 D3MON

Download mediacodec.zip
http://virus-protect.org/zip/mediacodec.zip
unpack it on the desktop -> mediacodec.reg -> double-click it and add it to the registry by answering "ja/yes"

Go into the registry
Start - Run - regedit
Edit - Find - oqabf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
delete:
considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - C:\WINDOWS\system32\oqabf.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
delete:
"considerateness"="{4d993022-0899-4599-b4b6-0f887d0802e6}"


**
Avenger
http://virus-protect.org/artikel/tools/avenger.html
paste in:

Quote

Files to delete:
C:\WINDOWS\system32\oqabf.dll

Folders to delete:
C:\Programme\Virus-Burst
C:\Programme\iCodecPack
Click the green traffic light
The script will now run, then the PC will restart automatically


Open HijackThis -- "Scan" button -- tick the boxes in front of the malware entries -- "Fix checked" button -- restart the PC

Quote

O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - C:\Programme\iCodecPack\isaddon.dll (file missing)
O3 - Toolbar: Protection Bar - {479fd0cf-5be9-4c63-8cda-b6d371c67bd5} - C:\Programme\iCodecPack\iesplugin.dll (file missing)
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - C:\WINDOWS\system32\oqabf.dll

__________
Regards, Sabina

all about PC security
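Added example, not part of the original thread and not code from Sabina or from any of the tools named: a Python check that reads the ComboFix "Reg Loading Points" text and the HijackThis O21 line quoted above and reports ShellServiceObjectDelayLoad values that fall outside a baseline. The baseline (the four other values in the posted log) and all function names are assumptions of this example.

```python
import re

# Assumption: the four other SSODL values in the posted log are the baseline.
BASELINE = {
    "postbootreminder": "{7849596a-48ea-486e-8937-a2a3009f31a9}",
    "cdburn": "{fbeb8a05-beee-4442-804e-409d6c4515e9}",
    "webcheck": "{e6fb5e20-de35-11cf-9c87-00aa005127ed}",
    "systray": "{35cec8a3-2be6-11d2-8773-92e220524153}",
}
SSODL_KEY = r"\microsoft\windows\currentversion\shellserviceobjectdelayload"

# Lines copied from the thread: ComboFix "Reg Loading Points", HijackThis O21.
REG_DUMP = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="nwiz.exe /install"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"considerateness"="{4d993022-0899-4599-b4b6-0f887d0802e6}"
'''
HJT_LINES = r'''
O21 - SSODL: considerateness - {4d993022-0899-4599-b4b6-0f887d0802e6} - C:\WINDOWS\system32\oqabf.dll
'''


def parse_reg_sections(text):
    """Return {lowercased key path: {value name: string data}} from .reg-style text."""
    sections, current = {}, None
    for line in map(str.strip, text.splitlines()):
        key = re.fullmatch(r"\[(.+)\]", line)
        value = re.fullmatch(r'"([^"]+)"="(.*)"', line)
        if key:
            current = sections.setdefault(key.group(1).lower(), {})
        elif value and current is not None:
            current[value.group(1)] = value.group(2)
    return sections


def parse_o21(text):
    """Map lowercased CLSID -> DLL path from HijackThis O21 (SSODL) lines."""
    pat = re.compile(r"O21 - SSODL: .+? - (\{[0-9A-Fa-f-]+\}) - (.+)")
    hits = (pat.fullmatch(line.strip()) for line in text.splitlines())
    return {m.group(1).lower(): m.group(2) for m in hits if m}


def unexpected_ssodl(reg_text, hjt_text=""):
    """List (name, CLSID, DLL) for SSODL values whose name/CLSID pair is not in BASELINE."""
    dlls = parse_o21(hjt_text)
    findings = []
    for key, values in parse_reg_sections(reg_text).items():
        if not key.endswith(SSODL_KEY):
            continue
        for name, clsid in values.items():
            if BASELINE.get(name.lower()) != clsid.lower():
                dll = dlls.get(clsid.lower(), "unknown")
                findings.append((name, clsid, dll))
    return findings


if __name__ == "__main__":
    print(unexpected_ssodl(REG_DUMP, HJT_LINES))
```

A baseline name that points at a different CLSID is reported as well, so an entry that reuses a familiar name such as SysTray does not pass unnoticed.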
13.09.2006, 12:24
...new here

Thread starter

Posts: 3
#5 Many thanks!!!

Everything worked great!!!
Super-fast help, precise instructions, companies like "Microsoft" should take a leaf out of your book!

Regards, Dennis