Message: Critical System Warning - probably caused by the program WinMediaCodec
Thread is closed!

24.09.2006, 11:04
...new here
Posts: 2
#2
24.09.2006, 14:39
Ehrenmitglied (honorary member)
Posts: 29434
1. Download codec.zip, unpack it on the desktop, double-click it and merge the .reg file into the registry: http://virus-protect.org/zip/codec.zip

2. Avenger http://virus-protect.org/artikel/tools/avenger.html - paste in:
Quote:
registry keys to delete:
Click the green traffic light; the script is executed and the PC then restarts automatically.

3. Scan with SmitfraudFix http://virus-protect.org/artikel/tools/smitfrautfix.html (options 1 and 2) and let it clean the registry too.

4. Open HijackThis - click the "Scan" button - tick the malware entries - click "Fix checked" - restart the PC
Quote:
R3 - URLSearchHook: (no name) - {298ABCDB-501A-5D94-15F2-2C2727FCE2CD} - C:\WINDOWS\system32\ciwimxzr.dll (file missing)
Restart the PC.
__________
Regards, Sabina
all about PC security
#3
24.09.2006, 15:15
...new here
Thread starter, Posts: 2
So, I have now done everything exactly as you wrote...
So far everything looks good - the folder is deleted... and I hope the popup windows that simply appear even though I am not surfing at all will now stop too. My brother won't be allowed on my PC again any time soon. Many, many thanks! This post was edited on 24.09.2006 at 15:53 by Diabolox.
Original post:
The message in the attachment appears now and then; what can I do?
My brother, at least that is what he said, downloaded some program for watching films.
Namely the following program, "C:\Programme\WinMediaCodec" - I believe it is connected with this program.
I have already uninstalled it, but the file pmsngr.exe in that folder cannot be deleted.
On every system start the file pmmon.exe is recreated in that folder - it can be deleted, but as I said it reappears.
My antivirus program "AntiVirenKit 2006" also detects it as Trojan.Zlob.BY.
I don't know any more than that... and there is nothing to be found in Google and various other forums.
Logfile of HijackThis v1.99.1
Scan saved at 11:45:39, on 24.09.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programme\WinMediaCodec\pmsngr.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\Programme\WinMediaCodec\pmmon.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
E:\Programme\InternetSecurity 2006\AVKTray\AVKTray.exe
E:\Treiber\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
E:\Programme\InternetSecurity 2006\Firewall\GDFirewallTray.exe
C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
E:\Programme\Logitech\SetPoint\SetPoint.exe
E:\Programme\InternetSecurity 2006\AVK\AVKService.exe
E:\Programme\InternetSecurity 2006\AVK\AVKWCtl.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\wbem\wmiapsrv.exe
E:\Programme\InternetSecurity 2006\Firewall\GDFwSvc.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
E:\Programme\Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
E:\Programme\Hijack\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R3 - URLSearchHook: (no name) - {298ABCDB-501A-5D94-15F2-2C2727FCE2CD} - C:\WINDOWS\system32\ciwimxzr.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - E:\Programme\InternetSecurity 2006\Webfilter\AvkWebIE.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {298ABCDB-501A-5D94-15F2-2C2727FCE2CD} - C:\WINDOWS\system32\ciwimxzr.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [AVKTray] "E:\Programme\InternetSecurity 2006\AVKTray\AVKTray.exe"
O4 - HKCU\..\Run: [LDM] E:\Treiber\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Serc] "C:\WINDOWS\SMANTE~1\wuauboot.exe" -vt mt
O4 - Global Startup: G DATA Firewall Tray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = E:\Treiber\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Programme\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: Easy-WebPrint - Drucken - res://E:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - res://E:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau - res://E:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - res://E:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - E:\Programme\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - E:\Programme\PartyGaming\PartyCasino\RunCasino.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\Programme\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programme\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - E:\Programme\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1101404304150
O17 - HKLM\System\CCS\Services\Tcpip\..\{33DA7C11-8B6C-401D-B439-B9D0AD8E3D47}: NameServer = 192.168.2.1
O18 - Protocol: bw+0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - E:\Treiber\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2D9E93C4-083E-46B7-AF86-C0F661234833} - E:\Treiber\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winhld32 - winhld32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVKProxy - G DATA Software AG - C:\Programme\Gemeinsame Dateien\G DATA\AVKProxy\AVKProxy.exe
O23 - Service: AVK Service (AVKService) - Unknown owner - E:\Programme\InternetSecurity 2006\AVK\AVKService.exe
O23 - Service: AVK Wächter (AVKWCtl) - Unknown owner - E:\Programme\InternetSecurity 2006\AVK\AVKWCtl.exe
O23 - Service: G DATA Personal Firewall (GDFwSvc) - Unknown owner - E:\Programme\InternetSecurity 2006\Firewall\GDFwSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
***USER*** - 06-09-24 11:49:58,75 Service Pack 2
ComboFix 06.09.23.2 - Running from: "E:\Programme\Hijack\Virus\Combofix"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Anwendungsdaten\PPATCH~1
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Anwendungsdaten\SEMBLY~1
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Anwendungsdaten\SMBOLS~1
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Anwendungsdaten\WNSXS~1
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Eigene Dateien\ICROSO~1
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Eigene Dateien\STEM32~1
C:\QooBox\Purity\Dokumente und Einstellungen\***USER***\Eigene Dateien\WNSXS~1
C:\QooBox\Purity\Programme\APPATC~1
C:\QooBox\Purity\Programme\CROSOF~1
C:\QooBox\Purity\Programme\CURITY~1
C:\QooBox\Purity\WINDOWS\APPATC~1
C:\QooBox\Purity\WINDOWS\ASKS~1
C:\QooBox\Purity\WINDOWS\CURITY~1
C:\QooBox\Purity\WINDOWS\PPATCH~1
C:\QooBox\Purity\WINDOWS\SMANTE~1
C:\QooBox\Purity\WINDOWS\SMANTE~1\SMANTE~1
C:\QooBox\Purity\WINDOWS\system32\FNTS~1
C:\QooBox\Purity\WINDOWS\system32\SMANTE~1
C:\QooBox\Purity\WINDOWS\system32\SSEMBL~1
C:\QooBox\Purity\WINDOWS\system32\YMBOLS~1
C:\QooBox\Purity\WINDOWS\system32\SSEMBL~1\l?ass.exe
((((((((((((((((((((((((((((((( Files Created from 2006-08-24 to 2006-09-24 ))))))))))))))))))))))))))))))))))
2006-09-23 20:53 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-09-01 13:27 52,858 --a------ C:\WINDOWS\system32\interceptor.sys
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-09-24 11:43 -------- d-------- C:\Programme\WinMediaCodec
2006-09-22 18:29 -------- d--h----- C:\Programme\InstallShield Installation Information
2006-09-22 17:56 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-09-21 19:20 18048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2006-09-21 19:20 165376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2006-09-18 12:20 -------- d-------- C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\teamspeak2
2006-09-03 15:40 -------- d-------- C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\My Games
2006-09-01 13:40 27219 --a------ C:\WINDOWS\system32\drivers\GDTdiIcpt.sys
2006-09-01 13:40 -------- d-------- C:\Programme\Gemeinsame Dateien\G DATA
2006-09-01 13:27 28066 --a------ C:\WINDOWS\system32\drivers\HookCentre.sys
2006-09-01 13:27 15382 --a------ C:\WINDOWS\system32\drivers\GDNdisIc.sys
2006-09-01 13:26 -------- d-------- C:\Programme\Gemeinsame Dateien
2006-09-01 13:26 -------- d-------- C:\Programme\CDRecordKit
2006-08-22 14:14 -------- d-------- C:\Programme\Borland
2006-08-22 14:13 -------- d-------- C:\Programme\AGFEO
2006-08-21 14:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-08-21 11:14 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-08-14 20:19 -------- d-------- C:\Programme\AGEIA Technologies
2006-08-14 20:09 -------- d-------- C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Atari
2006-08-12 14:13 -------- d-------- C:\Programme\Gemeinsame Dateien\Microsoft Shared
2006-08-12 13:22 -------- d-------- C:\Programme\Internet Explorer
2006-08-08 19:46 -------- d-------- C:\Dokumente und Einstellungen\Shadow\Anwendungsdaten\Apple Computer
2006-07-27 15:25 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-07-26 19:22 -------- d-------- C:\Programme\Logitech
2006-07-22 11:42 34308 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-07-21 10:29 72704 --a------ C:\WINDOWS\system32\hlink.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="E:\\Treiber\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
"Serc"="\"C:\\WINDOWS\\SMANTE~1\\wuauboot.exe\" -vt mt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE"
"Logitech Utility"="Logi_MwX.Exe"
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
"ATICCC"="\"C:\\Programme\\ATI Technologies\\ATI.ACE\\cli.exe\" runtime -Delay"
"AVKTray"="\"E:\\Programme\\InternetSecurity 2006\\AVKTray\\AVKTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Runonceex]
@=""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Die derzeitige Homepage"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e4,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
"pmsngr.exe"="C:\\Programme\\WinMediaCodec\\pmsngr.exe"
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Reader - Schnellstart.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Adobe Reader - Schnellstart.lnk"
"backup"="C:\\WINDOWS\\pss\\Adobe Reader - Schnellstart.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader - Schnellstart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Kodak EasyShare Software.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Kodak EasyShare Software.lnk"
"backup"="C:\\WINDOWS\\pss\\Kodak EasyShare Software.lnkCommon Startup"
"location"="Common Startup"
"command"="E:\\PROGRA~1\\KODAKD~1\\KODAKE~1\\bin\\EASYSH~1.EXE -h"
"item"="Kodak EasyShare Software"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Kodak software updater.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Kodak software updater.lnk"
"backup"="C:\\WINDOWS\\pss\\Kodak software updater.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Kodak\\KODAKS~1\\7288971\\Program\\KODAKS~1.EXE "
"item"="Kodak software updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Microsoft Office.lnk]
"path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Microsoft Office.lnk"
"backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
"location"="Common Startup"
"command"="E:\\PROGRA~1\\MICROS~1\\Office\\OSA9.EXE -b -l"
"item"="Microsoft Office"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"=""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\AGEIA PhysX SysTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TrayIcon"
"hkey"="HKLM"
"command"="C:\\Programme\\AGEIA Technologies\\TrayIcon.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\EA Core]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Core"
"hkey"="HKCU"
"command"="C:\\Programme\\Electronic Arts\\EA Downloader\\Core.exe -silent"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\ICQ Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ICQLite"
"hkey"="HKLM"
"command"="\"E:\\Programme\\ICQLite\\ICQLite.exe\" -minimize"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\iTunesHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"E:\\Programme\\iTunes\\iTunesHelper.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Mirabilis ICQ]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ICQNet"
"hkey"="HKLM"
"command"="E:\\PROGRA~1\\ICQ\\ICQNet.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\mmtask]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mmtask"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\MMTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mm_tray"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Musicmatch\\Musicmatch Jukebox\\mm_tray.exe\""
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroCheck"
"hkey"="HKLM"
"command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Programme\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\RemoteControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDVDServ"
"hkey"="HKLM"
"command"="C:\\Programme\\CyberLink\\PowerDVD\\PDVDServ.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Sony Ericsson PC Suite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Application Launcher\" /Minimized"
"hkey"="HKCU"
"command"="\"E:\\Programme\\SonyEricsson\\PC Suite\\Application Launcher\\Application Launcher\" /Minimized"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="jusched"
"hkey"="HKLM"
"command"="C:\\Programme\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Tpyuie]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="l?ass"
"hkey"="HKCU"
"command"="C:\\WINDOWS\\system32\\?ssembly\\l?ass.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"command"="E:\\Programme\\Winamp\\winampa.exe"
"inimapping"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\Windows Defender]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MSASCui"
"hkey"="HKLM"
"command"="\"C:\\Programme\\Windows Defender\\MSASCui.exe\" -hide"
"inimapping"="0"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winhld32
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Klick-Wartung.job
Completion time: 24.09.2006 11:50:51.60
ComboFix.txt
ComboFix2.txt
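Added example, not part of the thread and not code from HijackThis, ComboFix or the helper: a small Python triage script that applies, to log lines shaped like the two logs above, the checks a helper otherwise does by eye. It flags entries that point at files which no longer exist (the ciwimxzr.dll and winhld32.dll leftovers), the policies\Explorer\Run autostart that keeps pmsngr.exe alive, path segments printed with "?" for a character the console could not render (l?ass.exe in ?ssembly), and 8.3 short names such as SMANTE~1 or SSEMBL~1 that only arise when a folder imitating a Windows folder name (Symantec, assembly, ...) contains a look-alike character, which is what the "Purity" folders ComboFix quarantined look like. The list of imitated folder names, the 8.3 short-name approximation and the sample log lines are my own assumptions and constructions, modelled on the logs above.

```python
"""Triage helper for HijackThis / ComboFix style log lines.

Added example for this thread. It is not HijackThis, ComboFix, or anything
the poster or the helper used; the folder-name list, the 8.3 approximation
and the sample lines below are constructed for illustration.
"""
import re
from itertools import combinations

# Folder names that the look-alike directories in the ComboFix output imitate.
# Assumption: this list is mine, taken from what the log shows; extend as needed.
KNOWN_NAMES = ["Microsoft", "Security", "system32", "WinSxS", "Tasks", "Fonts",
               "assembly", "Symbols", "Symantec", "AppPatch"]

# An 8.3 short name such as SMANTE~1 or PROGRA~1 anywhere on the line.
SHORTNAME_RE = re.compile(r"\b([A-Z0-9]{3,6})~\d\b")
# A backslash-delimited path segment in which the log printed '?' for a
# character it could not render, e.g. \?ssembly\l?ass.exe (URLs use '/').
ODD_SEGMENT_RE = re.compile(r"\\[^\\\s\"]*\?[^\\\s\"]*")


def short_name(name):
    """Approximate the 8.3 name Windows derives from a long name: the first six
    ASCII letters/digits, upper-cased, plus '~1'. Characters outside that set
    are dropped here, which is why S?mantec yields SMANTE~1, not SYMANT~1.
    (Approximation of the real generator, sufficient for the log's names.)"""
    stem = "".join(c for c in name if c.isascii() and c.isalnum())[:6].upper()
    return stem + "~1"


def lookalike_candidates(short):
    """Known folder names whose genuine 8.3 name differs from `short`, but which
    would produce `short` once one or two leading characters are dropped, i.e.
    replaced by a character the console cannot print. Empty list = unremarkable."""
    stem = short.upper().partition("~")[0]
    if len(stem) < 4:
        return []
    hits = []
    for name in KNOWN_NAMES:
        letters = "".join(c for c in name if c.isalnum()).upper()
        if letters[:6] == stem:
            continue  # the real folder produces exactly this short name
        window = letters[: len(stem) + 2]
        for k in (1, 2):
            if any("".join(c for i, c in enumerate(window) if i not in drop).startswith(stem)
                   for drop in combinations(range(len(window)), k)):
                hits.append(name)
                break
    return hits


def triage_line(line):
    """Reasons a log line deserves a look; an empty list means nothing unusual."""
    reasons = []
    if "(file missing)" in line or "(no file)" in line:
        reasons.append("points at a file that no longer exists")
    if "(no name)" in line:
        reasons.append("unnamed COM object")
    if "policies\\explorer\\run" in line.lower():
        reasons.append("autostart via the policies\\Explorer\\Run key")
    if ODD_SEGMENT_RE.search(line):
        reasons.append("path segment with a character the log could not print")
    for m in SHORTNAME_RE.finditer(line):
        names = lookalike_candidates(m.group(0))
        if names:
            reasons.append(f"{m.group(0)} resembles {'/'.join(names)} with a character replaced")
    return reasons


def triage(text):
    """Map each flagged line of a log to the reasons it was flagged."""
    result = {}
    for raw in text.splitlines():
        line = raw.strip()
        reasons = triage_line(line) if line else []
        if reasons:
            result[line] = reasons
    return result


# Constructed sample in the shape of the HijackThis and ComboFix lines above;
# the AVKTray and ICQ lines are benign controls (PROGRA~1 is a normal short name).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {298ABCDB-501A-5D94-15F2-2C2727FCE2CD} - C:\WINDOWS\system32\ciwimxzr.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKCU\..\Run: [Serc] "C:\WINDOWS\SMANTE~1\wuauboot.exe" -vt mt
O4 - HKLM\..\Run: [AVKTray] "E:\Programme\InternetSecurity 2006\AVKTray\AVKTray.exe"
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - E:\PROGRA~1\ICQ\ICQ.exe
O20 - Winlogon Notify: winhld32 - winhld32.dll (file missing)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\run]
C:\QooBox\Purity\WINDOWS\system32\SSEMBL~1\l?ass.exe
"""

if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG).items():
        print(line)
        for reason in reasons:
            print("   ->", reason)
```

The short-name check is the part worth keeping in mind beyond this thread: a genuine "Symantec" folder shows up as SYMANT~1, so an SMANTE~1 in an autostart path means the long name contains a character that is not what it looks like, and that is exactly why the file could not be deleted by hand.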