Does anyone know their way around trojans??
Thread is closed!
#0
14.10.2006, 21:59
Member
Posts: 22
14.10.2006, 23:04
Honorary member
Posts: 29434
#2
«« Configure CleanUp exactly as described here: http://virus-protect.org/cleanup.html

«« Copy out these 6 text files (right-click with the mouse -> select the text -> copy -> paste). They are sorted by date. (Copy only the last 3 months.) http://virus-protect.org/datfindbat.html

«« Post this log: http://virus-protect.org/artikel/tools/combofix.html

__________
Best regards,
Sabina
All about PC security
15.10.2006, 10:36
Member
Thread starter
Posts: 22
#3
These are the logs from:
cleanup
combofix
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,00,03,00,00,00,\ 00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00 "CurrentState"=hex:04,00,00,40 "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\ ff,ff,04,00,00,00 "RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\ 00,00,01,00,00,00 [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "MS Dynamic Host Configuration Protocol"="MSDHCP32.exe" "ALUAlert"="C:\\Programme\\Symantec\\LiveUpdate\\ALUNotify.exe" [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run] "CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE" "MS Dynamic Host Configuration Protocol"="MSDHCP32.exe" "ALUAlert"="C:\\Programme\\Symantec\\LiveUpdate\\ALUNotify.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"="" "{7D00738B-6974-4794-98D4-DE79A07ECD81}"="" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer] "NoDriveTypeAutoRun"=dword:00000091 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}" "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}" "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "HotKey"="C:\\WINDOWS\\Twain_32\\SlimU2\\HotKey.exe" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk] "path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\BTTray.lnk" "backup"="C:\\WINDOWS\\pss\\BTTray.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\Belkin\\BLUETO~1\\BTTray.exe " "item"="BTTray" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Ulead Kalendar Checker 4.0 SE.lnk] "path"="C:\\Dokumente und Einstellungen\\All Users\\Startmenü\\Programme\\Autostart\\Ulead Kalendar Checker 4.0 SE.lnk" "backup"="C:\\WINDOWS\\pss\\Ulead Kalendar Checker 4.0 SE.lnkCommon Startup" "location"="Common Startup" "command"="C:\\PROGRA~1\\ULEADS~1\\ULEADP~1.0SE\\CalCheck.exe " "item"="Ulead Kalendar Checker 4.0 SE" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CloneCDTray" "hkey"="HKLM" "command"="\"C:\\Programme\\SlySoft\\CloneCD\\CloneCDTray.exe\" /s" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\defender] 
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="dfndrff_e29" "hkey"="HKLM" "command"="C:\\\\dfndrff_e29.exe" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msmsgs" "hkey"="HKCU" "command"="\"C:\\Programme\\Messenger\\msmsgs.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="msnmsgr" "hkey"="HKCU" "command"="\"C:\\Programme\\MSN Messenger\\msnmsgr.exe\" /background" "inimapping"="0" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\newname] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="nwnmff_e28" "hkey"="HKLM" "command"="C:\\\\nwnmff_e28.exe" "inimapping"="0" HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccd HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcyaxv [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Klick-Wartung.job Completion time: 06-10-15 10:28:06.32 C:\ComboFix.txt ... 06-10-15 10:28 C:\ComboFix2.txt ... 06-10-15 10:25 schon einmal danke für deine hilfe __________ ------------- BigF |
|
|
||
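An added example, not part of the original thread or of ComboFix: it parses Run-key values in the regedit export syntax used by the "Reg Loading Points" section of the log above and flags entries that deserve a manual look. The sample text is constructed from values in that log; the `SYSTEM_BINARIES` allow-list, the flag names and the edit-distance threshold of 2 are assumptions of this example, and a flag is a reason to review an entry, not a verdict.

```python
import ntpath  # parses Windows paths correctly on any OS
import re

# Constructed sample in regedit export syntax, reusing values from the ComboFix log.
SAMPLE = r'''
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"ATIModeChange"="Ati2mdxx.exe"
"LVCOMSX"="C:\\WINDOWS\\System32\\LVCOMSX.EXE"
"avgnt"="\"C:\\Programme\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"Spooler SubSystem App"="C:\\WINDOWS\\System32\\spoolsvc.exe"
"ukv195d1"="RUNDLL32.EXE w05c0177.dll,n 005195cc0000000a05c0177"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"MS Dynamic Host Configuration Protocol"="MSDHCP32.exe"
'''

# Assumption: a short allow-list of genuine Windows binaries to compare names against.
SYSTEM_BINARIES = {
    "spoolsv.exe", "svchost.exe", "ctfmon.exe", "lsass.exe", "winlogon.exe",
    "explorer.exe", "services.exe", "csrss.exe", "smss.exe", "rundll32.exe",
}

KEY_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
EXE_RE = re.compile(r'(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)(.*)', re.I)


def unescape(s):
    """Undo regedit string escaping (\\\\ -> \\ and \\" -> ")."""
    return re.sub(r'\\(.)', r'\1', s)


def parse_export(text):
    """Return (key, value name, command) for every value under a ...\\run key."""
    entries, key = [], None
    for line in text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        m = VALUE_RE.match(line)
        if m and key and key.lower().endswith("\\run"):
            entries.append((key, unescape(m.group(1)), unescape(m.group(2))))
    return entries


def split_command(cmd):
    """Split a Run command into (executable, remaining arguments)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        exe, _, rest = cmd[1:].partition('"')
        return exe, rest
    m = EXE_RE.match(cmd)  # handles unquoted paths that contain spaces
    if m:
        return m.group(1), m.group(2)
    exe, _, rest = cmd.partition(" ")
    return exe, rest


def edit_distance(a, b):
    """Levenshtein distance, used to spot names imitating system binaries."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def triage(cmd):
    """Return review flags for one autostart command line."""
    exe, rest = split_command(cmd)
    name = ntpath.basename(exe).lower()
    flags = []
    if name == "rundll32.exe":
        # The interesting part is the DLL that rundll32 is asked to load.
        dll = rest.strip().split(",")[0].strip('" ')
        if dll and not ntpath.dirname(dll):
            flags.append("rundll32-bare-dll")
        return flags
    if not ntpath.dirname(exe):
        flags.append("no-path")  # resolved through the search path at logon
    if name not in SYSTEM_BINARIES:
        near = [k for k in sorted(SYSTEM_BINARIES) if edit_distance(name, k) <= 2]
        if near:
            flags.append("lookalike:" + near[0])
    return flags


def triage_export(text):
    """Return (key, value name, flags) for every Run entry in the export."""
    return [(key, name, triage(cmd)) for key, name, cmd in parse_export(text)]


if __name__ == "__main__":
    for key, name, flags in triage_export(SAMPLE):
        print(f"{'REVIEW' if flags else 'ok':6} {name!r:45} {', '.join(flags)}")
```

Entries such as `ATIModeChange` show why the flags only prioritise review: a bare file name is also how some legitimate drivers register themselves.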
15.10.2006, 12:39
Honorary member
Posts: 29434 |
#4
virustotal
At the top of the page --> click Browse --> paste in the file with its correct path --> double-click the file to be checked --> click Submit... now wait
http://www.virustotal.com/flash/index_en.html
C:\WINDOWS\aolsoftware.exe
C:\WINDOWS\nt24.dll
C:\WINDOWS\ecRecvr.exe
C:\WINDOWS\evRecvr.exe
C:\WINDOWS\system32\MediaReveal.dll
post the reports
_____________________________________________________
Copy the following text into Notepad (Start - Accessories - Notepad) and save it to the desktop as listen.bat using 'Save as'. Choose 'All files' as the file type. You should now find this file on the desktop. --> double-click listen.bat --> copy the text that appears
Quote cd\
_____________________________________________________________
Avenger http://virus-protect.org/artikel/tools/avenger.html
paste in:
Quote registry keys to delete:
Click the green traffic light; the script will now run, then the PC will restart automatically
** post the Avenger log here that appears after the restart
** run CleanUp http://virus-protect.org/cleanup.html
** post the 6 logs from datfindbat again
__________
Regards, Sabina
all about PC security |
|
|
||
15.10.2006, 18:42
Member
Thread starter Posts: 22 |
||
|
||
15.10.2006, 19:38
Honorary member
Posts: 29434 |
#6
The infection is quite extensive... it would be helpful if you would work through and post everything I asked for, above all the listen.bat, and could also check the files named above with virustotal.
(Unfortunately the antivirus does not find everything; with an infection this severe you have to be thorough...) On top of that there are services that were created by the viruses, which I still have to have searched for and deleted.) I have already started a page on the topic... now I would like to see it through http://virus-protect.org/artikel/spyware/config_virus.html
__________
Regards, Sabina
all about PC security |
|
|
||
17.10.2006, 15:46
Member
Thread starter Posts: 22 |
#7
virustotal:
Complete scanning result of "aolsoftware.exe", received in VirusTotal at 10.16.2006, 15:29:02 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.30 10.16.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.16.2006 Win32:Sdbot-3722
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.16.2006 GenPack:Generic.Sdbot.640C666D
CAT-QuickHeal 8.00 10.16.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 10.15.2006 no virus found
DrWeb 4.33 10.16.2006 Win32.HLLW.MyBot
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3137 10.16.2006 no virus found
Ewido 4.0 10.16.2006 Backdoor.SdBot.xd
Fortinet 2.82.0.0 10.16.2006 suspicious
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 generic
Ikarus 0.2.65.0 10.16.2006 no virus found
Kaspersky 4.0.2.24 10.16.2006 Packed.Win32.CryptExe
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.16.2006 Backdoor:Win32/Rbot!C2F6
NOD32v2 1.1804 10.15.2006 a variant of IRC/SdBot
Norman 5.80.02 10.16.2006 no virus found
Panda 9.0.0.4 10.15.2006 Suspicious file
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.099 10.16.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.16.2006 Win32.HLLW.MyBot
VirusBuster 4.3.7:9 10.15.2006 no virus found

Complete scanning result of "nt24.dll", received in VirusTotal at 10.16.2006, 15:32:50 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.30 10.16.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.16.2006 no virus found
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.16.2006 no virus found
CAT-QuickHeal 8.00 10.16.2006 no virus found
ClamAV devel-20060426 10.15.2006 no virus found
DrWeb 4.33 10.16.2006 no virus found
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3137 10.16.2006 no virus found
Ewido 4.0 10.16.2006 no virus found
Fortinet 2.82.0.0 10.16.2006 no virus found
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.16.2006 no virus found
Kaspersky 4.0.2.24 10.16.2006 no virus found
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.16.2006 no virus found
NOD32v2 1.1804 10.15.2006 no virus found
Norman 5.80.02 10.16.2006 no virus found
Panda 9.0.0.4 10.15.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.099 10.16.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.16.2006 no virus found
VirusBuster 4.3.7:9 10.15.2006 no virus found

Complete scanning result of "ecRecvr.exe", received in VirusTotal at 10.16.2006, 15:38:09 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.30 10.16.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.16.2006 no virus found
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.16.2006 no virus found
CAT-QuickHeal 8.00 10.16.2006 no virus found
ClamAV devel-20060426 10.15.2006 no virus found
DrWeb 4.33 10.16.2006 no virus found
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3137 10.16.2006 no virus found
Ewido 4.0 10.16.2006 no virus found
Fortinet 2.82.0.0 10.16.2006 no virus found
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.13.2006 no virus found
Ikarus 0.2.65.0 10.16.2006 no virus found
Kaspersky 4.0.2.24 10.16.2006 no virus found
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.16.2006 no virus found
NOD32v2 1.1804 10.15.2006 no virus found
Norman 5.80.02 10.16.2006 no virus found
Panda 9.0.0.4 10.15.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.099 10.16.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.16.2006 no virus found
VirusBuster 4.3.7:9 10.15.2006 no virus found

Complete scanning result of "evRecvr.exe", received in VirusTotal at 10.16.2006, 15:45:00 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.30 10.16.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.16.2006 no virus found
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.16.2006 no virus found
CAT-QuickHeal 8.00 10.16.2006 no virus found
ClamAV devel-20060426 10.15.2006 no virus found
DrWeb 4.33 10.16.2006 no virus found
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3137 10.16.2006 no virus found
Ewido 4.0 10.16.2006 no virus found
Fortinet 2.82.0.0 10.16.2006 no virus found
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.16.2006 no virus found
Ikarus 0.2.65.0 10.16.2006 no virus found
Kaspersky 4.0.2.24 10.16.2006 no virus found
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.16.2006 no virus found
NOD32v2 1.1804 10.15.2006 no virus found
Norman 5.80.02 10.16.2006 no virus found
Panda 9.0.0.4 10.15.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.099 10.16.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.16.2006 no virus found
VirusBuster 4.3.7:9 10.15.2006 no virus found

Complete scanning result of "MediaReveal.dll", received in VirusTotal at 10.16.2006, 15:47:13 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.30 10.16.2006 no virus found
Authentium 4.93.8 10.13.2006 no virus found
Avast 4.7.892.0 10.16.2006 no virus found
AVG 386 10.14.2006 no virus found
BitDefender 7.2 10.16.2006 no virus found
CAT-QuickHeal 8.00 10.16.2006 no virus found
ClamAV devel-20060426 10.15.2006 no virus found
DrWeb 4.33 10.16.2006 no virus found
eTrust-InoculateIT 23.73.22 10.13.2006 no virus found
eTrust-Vet 30.3.3137 10.16.2006 no virus found
Ewido 4.0 10.16.2006 no virus found
Fortinet 2.82.0.0 10.16.2006 no virus found
F-Prot 3.16f 10.13.2006 no virus found
F-Prot4 4.2.1.29 10.16.2006 no virus found
Ikarus 0.2.65.0 10.16.2006 no virus found
Kaspersky 4.0.2.24 10.16.2006 no virus found
McAfee 4873 10.13.2006 no virus found
Microsoft 1.1603 10.16.2006 no virus found
NOD32v2 1.1804 10.15.2006 no virus found
Norman 5.80.02 10.16.2006 no virus found
Sophos 4.10.0 10.15.2006 no virus found
TheHacker 6.0.1.099 10.16.2006 no virus found
UNA 1.83 10.13.2006 no virus found
VBA32 3.11.1 10.16.2006 no virus found
VirusBuster 4.3.7:9 10.15.2006 no virus found

listen.bat:
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Windows\System32\Com
15.10.2006 10:12 <DIR> .
15.10.2006 10:12 <DIR> ..
29.08.2002 14:00 186.880 comadmin.dll
29.08.2002 14:00 8.192 comrepl.exe
29.08.2002 14:00 5.120 comrereg.exe
28.09.2006 15:56 49.152 dreve.exe
12.07.2006 23:59 94 install.bat
29.08.2002 14:00 19.456 mtsadmin.tlb
6 Datei(en) 268.894 Bytes
2 Verzeichnis(se), 63.259.860.992 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Windows\system32\config
15.10.2006 11:56 <DIR> .
15.10.2006 11:56 <DIR> ..
24.08.2006 21:24 65.536 Antiviru.evt
01.09.2006 14:26 65.536 Antivirus.Evt
15.10.2006 11:31 899.084 AppEvent.Evt
15.10.2006 12:42 786.432 default
23.08.2006 20:51 94.208 default.sav
26.08.2006 22:17 262.144 default_BAK_41043
01.09.2006 13:59 258.048 default_BAK_53358
11.10.2006 00:12 16.384 drpep.exe
22.09.2006 18:47 102 run.bat
15.10.2006 11:31 20.480 SAM
26.08.2006 22:17 262.144 SAM_BAK_35943
01.09.2006 13:59 262.144 SAM_BAK_70919
15.10.2006 11:31 524.288 SecEvent.Evt
15.10.2006 13:15 262.144 SECURITY
26.08.2006 22:17 262.144 SECURITY_BAK_11507
01.09.2006 13:59 262.144 SECURITY_BAK_94093
15.10.2006 11:31 18.087.936 software
23.08.2006 20:51 606.208 software.sav
26.08.2006 22:17 8.912.896 software_BAK_71639
01.09.2006 13:59 15.204.352 software_BAK_78117
15.10.2006 11:31 524.288 SysEvent.Evt
15.10.2006 13:23 3.670.016 system
23.08.2006 20:51 405.504 system.sav
04.09.2006 11:30 <DIR> systemprofile
26.08.2006 22:17 2.883.584 system_BAK_35363
01.09.2006 13:59 2.883.584 system_BAK_92856
23.08.2006 20:51 262.144 userdiff
26 Datei(en) 57.743.474 Bytes
3 Verzeichnis(se), 63.259.856.896 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Programme
15.10.2006 12:40 <DIR> .
15.10.2006 12:40 <DIR> ..
14.10.2006 21:10 <DIR> aida32ee_393
28.09.2006 18:12 <DIR> AntiVir PersonalEdition Classic
14.09.2006 17:01 <DIR> ArcSoft
07.09.2006 19:10 <DIR> ASCOMP Software
07.10.2006 19:26 <DIR> audiograbber
26.08.2006 23:19 <DIR> AviSynth 2.5
04.09.2006 11:08 <DIR> Belkin
15.10.2006 10:00 <DIR> CleanUp!
23.08.2006 19:02 <DIR> ComPlus Applications
11.10.2006 19:02 <DIR> Creative
22.09.2006 17:38 <DIR> directx
11.10.2006 19:24 <DIR> Dkill95
11.10.2006 19:02 <DIR> Gemeinsame Dateien
14.10.2006 22:35 <DIR> Google
23.09.2006 12:31 <DIR> HDX4
13.10.2006 18:04 <DIR> Internet Explorer
11.10.2006 19:02 <DIR> InterVideo
06.09.2006 19:01 <DIR> IrfanView
22.09.2006 20:06 <DIR> Jap
23.09.2006 09:02 <DIR> Java
15.10.2006 11:59 <DIR> Lavasoft
23.08.2006 19:01 <DIR> Messenger
23.08.2006 19:05 <DIR> microsoft frontpage
27.08.2006 09:21 <DIR> Microsoft Office
27.08.2006 09:21 <DIR> Microsoft.NET
07.10.2006 18:56 <DIR> Movie Maker
15.10.2006 12:16 <DIR> Mozilla Firefox
23.08.2006 19:01 <DIR> MSN
23.08.2006 19:01 <DIR> MSN Gaming Zone
22.09.2006 22:53 <DIR> MSN Messenger
10.09.2006 18:47 <DIR> NetMeeting
23.08.2006 19:01 <DIR> Online Services
23.08.2006 19:04 <DIR> Online-Dienste
23.08.2006 19:03 <DIR> Outlook Express
26.08.2006 23:19 <DIR> pspvideo9
12.10.2006 14:40 <DIR> Rockstar Games
09.09.2006 10:52 <DIR> SlySoft
15.10.2006 12:18 <DIR> Spybot - Search & Destroy
26.08.2006 22:10 <DIR> TuneUp Utilities 2006
28.08.2006 16:33 <DIR> Ulead Systems
04.09.2006 08:25 <DIR> Versatel
07.10.2006 21:12 <DIR> Windows Media Player
23.08.2006 19:01 <DIR> Windows NT
23.08.2006 19:05 <DIR> xerox
23.09.2006 12:46 <DIR> Xilisoft
15.10.2006 12:00 <DIR> Zone Labs
0 Datei(en) 0 Bytes
48 Verzeichnis(se), 63.259.852.800 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Anwendungsdaten
11.10.2006 10:10 <DIR> ApplicationHistory
13.10.2006 21:02 24.064 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
26.08.2006 23:20 140 fusioncache.dat
04.09.2006 09:23 30.000 GDIPFONTCACHEV1.DAT
04.09.2006 11:13 <DIR> Help
25.08.2006 15:19 <DIR> Identities
07.10.2006 20:46 <DIR> Microsoft
26.08.2006 11:33 <DIR> Mozilla
07.10.2006 20:12 <DIR> WMTools Downloaded Files
3 Datei(en) 54.204 Bytes
6 Verzeichnis(se), 63.259.852.800 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Dokumente und Einstellungen\Florian\Anwendungsdaten
15.09.2006 15:07 <DIR> ArcSoft
24.08.2006 21:39 <DIR> Help
23.08.2006 19:11 <DIR> Identities
11.10.2006 19:27 <DIR> InterVideo
23.09.2006 12:34 <DIR> Jomigo
15.10.2006 12:43 <DIR> Lavasoft
26.09.2006 14:30 <DIR> Macromedia
26.08.2006 11:33 <DIR> Mozilla
23.09.2006 16:43 <DIR> Sun
04.09.2006 11:21 <DIR> Symantec
26.08.2006 22:10 <DIR> TuneUp Software
28.08.2006 16:37 <DIR> Ulead Systems
0 Datei(en) 0 Bytes
12 Verzeichnis(se), 63.259.852.800 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
28.09.2006 18:14 305 addr_file.html
15.10.2006 13:12 <DIR> AntiVir PersonalEdition Classic
15.10.2006 12:07 <DIR> Spybot - Search & Destroy
28.09.2006 16:35 <DIR> Symantec
13.10.2006 12:05 <DIR> TuneUp Software
28.08.2006 16:37 <DIR> Ulead Systems
1 Datei(en) 305 Bytes
5 Verzeichnis(se), 63.259.852.800 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\Programme\Gemeinsame Dateien
11.10.2006 19:02 <DIR> .
11.10.2006 19:02 <DIR> ..
27.08.2006 09:22 <DIR> DESIGNER
23.08.2006 19:03 <DIR> Dienste
10.10.2006 11:41 <DIR> InstallShield
11.10.2006 19:06 <DIR> InterVideo
23.09.2006 08:57 <DIR> Java
15.09.2006 15:07 <DIR> Logitech
27.08.2006 09:22 <DIR> Microsoft Shared
23.08.2006 19:03 <DIR> MSSoap
23.08.2006 19:53 <DIR> ODBC
24.08.2006 21:13 <DIR> Softwin
23.08.2006 19:53 <DIR> SpeechEngines
27.08.2006 09:21 <DIR> System
23.09.2006 11:52 <DIR> Wise Installation Wizard
0 Datei(en) 0 Bytes
15 Verzeichnis(se), 63.259.852.800 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\WINDOWS\Downloaded Program Files
14.10.1997 18:52 697 DirectAnimation Java Classes.osd
20.01.2000 15:25 1.162 Microsoft XML Parser for Java.osd
22.06.2006 11:41 5.032 swflash.inf
11.08.2004 02:22 3.036 wmv9dmo.inf
4 Datei(en) 9.927 Bytes
0 Verzeichnis(se), 63.259.848.704 Bytes frei

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506

CleanUp! started on 10/17/06 15:40:18. ...
C:\WINDOWS\temp\tmp00005e9b\ - deleted C:\WINDOWS\temp\tmp00005f0e\ - deleted C:\WINDOWS\temp\tmp00005f22\ - deleted C:\WINDOWS\temp\tmp00005f76\ - deleted C:\WINDOWS\temp\tmp00005fd5\ - deleted C:\WINDOWS\temp\tmp00006056\ - deleted C:\WINDOWS\temp\tmp0000608c\ - deleted C:\WINDOWS\temp\tmp00006091\ - deleted C:\WINDOWS\temp\tmp000060f0\ - deleted C:\WINDOWS\temp\tmp00006163\ - deleted C:\WINDOWS\temp\tmp00006165\ - deleted C:\WINDOWS\temp\tmp00006212\ - deleted C:\WINDOWS\temp\tmp00006280\ - deleted C:\WINDOWS\temp\tmp0000629b\ - deleted C:\WINDOWS\temp\tmp000062b7\ - deleted C:\WINDOWS\temp\tmp00006316\ - deleted C:\WINDOWS\temp\tmp00006354\ - deleted C:\WINDOWS\temp\tmp000063ed\ - deleted C:\WINDOWS\temp\tmp00006504\ - deleted C:\WINDOWS\temp\tmp00006513\ - deleted C:\WINDOWS\temp\tmp0000669f\ - deleted C:\WINDOWS\temp\tmp000066cf\ - deleted C:\WINDOWS\temp\tmp00006746\ - deleted C:\WINDOWS\temp\tmp00006901\ - deleted C:\WINDOWS\temp\tmp00006945\ - deleted C:\WINDOWS\temp\tmp0000699b\ - deleted C:\WINDOWS\temp\tmp0000699d\ - deleted C:\WINDOWS\temp\tmp00006a41\ - deleted C:\WINDOWS\temp\tmp00006a94\ - deleted C:\WINDOWS\temp\tmp00006add\ - deleted C:\WINDOWS\temp\tmp00006b12\ - deleted C:\WINDOWS\temp\tmp00006bac\ - deleted C:\WINDOWS\temp\tmp00006c12\ - deleted C:\WINDOWS\temp\tmp00006e10\ - deleted C:\WINDOWS\temp\tmp00006e15\ - deleted C:\WINDOWS\temp\tmp00006fd7\ - deleted C:\WINDOWS\temp\tmp0000703a\ - deleted C:\WINDOWS\temp\tmp000070a2\ - deleted C:\WINDOWS\temp\tmp000070d4\ - deleted C:\WINDOWS\temp\tmp000070f7\ - deleted C:\WINDOWS\temp\tmp000072e7\ - deleted C:\WINDOWS\temp\tmp00007373\ - deleted C:\WINDOWS\temp\tmp0000741a\ - deleted C:\WINDOWS\temp\tmp00007446\ - deleted C:\WINDOWS\temp\tmp000074e5\ - deleted C:\WINDOWS\temp\tmp000076c3\ - deleted C:\WINDOWS\temp\tmp00007725\ - deleted C:\WINDOWS\temp\tmp00007740\ - deleted C:\WINDOWS\temp\tmp0000785f\ - deleted C:\WINDOWS\temp\tmp00007947\ - deleted C:\WINDOWS\temp\tmp00007ac6\ - deleted 
C:\WINDOWS\temp\tmp00007c98\ - deleted C:\WINDOWS\temp\tmp00007cc3\ - deleted C:\WINDOWS\temp\tmp00007cda\ - deleted C:\WINDOWS\temp\tmp00007d14\ - deleted C:\WINDOWS\temp\tmp00007d2f\ - deleted C:\WINDOWS\temp\tmp00007d92\ - deleted C:\WINDOWS\temp\tmp00007e33\ - deleted C:\WINDOWS\temp\tmp00007e8e\ - deleted C:\WINDOWS\temp\tmp00007ee2\ - deleted C:\WINDOWS\temp\tmp00007f3a\ - deleted C:\WINDOWS\temp\WER2B.tmp.dir00\ - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\system@ads.adnet-plus[1].txt - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\system@autoaff3[1].txt - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\system@www.adnet-plus[2].txt - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\system@ads.adnet-plus[1].txt - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\system@autoaff3[1].txt - deleted C:\Dokumente und Einstellungen\LocalService\Cookies\system@www.adnet-plus[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@888[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ad.adition[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ad.yieldmanager[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ads.adnet-plus[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ads.gameforgeads[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@amazon[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@cassava[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@check[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@interactualdvd[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@interactual[2].txt - deleted C:\Dokumente und 
Einstellungen\Florian\Cookies\florian@matrix.mediavantage[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ogame[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@partygaming.122.2o7[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@partypoker[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@passul.t-online[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@portal[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@serviceswitching[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@survey[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@uni53.ogame[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@www.adnet-plus[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@www.avira[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@www.ogame[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@888[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ad.adition[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ad.yieldmanager[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ads.adnet-plus[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@ads.gameforgeads[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@amazon[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@cassava[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@check[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@interactualdvd[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@interactual[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@matrix.mediavantage[1].txt - deleted 
C:\Dokumente und Einstellungen\Florian\Cookies\florian@ogame[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@partygaming.122.2o7[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@partypoker[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@passul.t-online[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@portal[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@serviceswitching[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@survey[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@uni53.ogame[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@www.adnet-plus[2].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@www.avira[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\florian@www.ogame[1].txt - deleted C:\Dokumente und Einstellungen\Florian\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\Default User\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\Default User\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat - deleted C:\Dokumente und Einstellungen\Administrator\Cookies\index.dat - deleted C:\WINDOWS\Prefetch\AC3_0010.EXE-2C22AF0F.pf - deleted C:\WINDOWS\Prefetch\ALGS.EXE-1F4DAC35.pf - deleted C:\WINDOWS\Prefetch\ALRS.EXE-2BF2D3B0.pf - deleted C:\WINDOWS\Prefetch\ATI2MDXX.EXE-00F23993.pf - deleted C:\WINDOWS\Prefetch\AVCENTER.EXE-37584419.pf - deleted C:\WINDOWS\Prefetch\AVGNT.EXE-36CA4640.pf - deleted C:\WINDOWS\Prefetch\AVGUARD.EXE-3490B18B.pf - deleted C:\WINDOWS\Prefetch\AVNOTIFY.EXE-22AE9451.pf - deleted C:\WINDOWS\Prefetch\AVSCAN.EXE-05AECC0E.pf - deleted C:\WINDOWS\Prefetch\BDNEWS.EXE-0E71E1C2.pf - deleted C:\WINDOWS\Prefetch\BDSS.EXE-11B98B2C.pf - deleted C:\WINDOWS\Prefetch\BTWDINS.EXE-299B5CFB.pf - deleted C:\WINDOWS\Prefetch\CB.EXE-2A89850D.pf - deleted 
C:\WINDOWS\Prefetch\CBS.EXE-05C70479.pf - deleted C:\WINDOWS\Prefetch\CLBAN.EXE-26D3E025.pf - deleted C:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf - deleted C:\WINDOWS\Prefetch\CMDINST.EXE-0C71A1C6.pf - deleted C:\WINDOWS\Prefetch\COMMAND.EXE-05B165CE.pf - deleted C:\WINDOWS\Prefetch\CSC.EXE-1113BFA6.pf - deleted C:\WINDOWS\Prefetch\CVTRES.EXE-13DEB540.pf - deleted C:\WINDOWS\Prefetch\DEMO32.EXE-0D453361.pf - deleted C:\WINDOWS\Prefetch\DESKBAR.EXE-38CDF805.pf - deleted C:\WINDOWS\Prefetch\DESKBAR_E26.EXE-143A6A98.pf - deleted C:\WINDOWS\Prefetch\DEX.EXE-091EC5C9.pf - deleted C:\WINDOWS\Prefetch\DFNDRFF_E26.EXE-19F89F34.pf - deleted C:\WINDOWS\Prefetch\DFNDRFF_E27.EXE-35063E7E.pf - deleted C:\WINDOWS\Prefetch\DISKCLEANER.EXE-015A6E3D.pf - deleted C:\WINDOWS\Prefetch\DKILL.EXE-395FCEE0.pf - deleted C:\WINDOWS\Prefetch\DOTNETCHK.EXE-295466EC.pf - deleted C:\WINDOWS\Prefetch\DOTNETFX.EXE-1B3BBE66.pf - deleted C:\WINDOWS\Prefetch\DREVE.EXE-0666DF36.pf - deleted C:\WINDOWS\Prefetch\DRPEP.EXE-08A0EE40.pf - deleted C:\WINDOWS\Prefetch\DRSMARTLOAD.EXE-113D05CC.pf - deleted C:\WINDOWS\Prefetch\DRSMARTLOAD45A45A45S.EXE-27ECCF4D.pf - deleted C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf - deleted C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf - deleted C:\WINDOWS\Prefetch\DXDLLREG.EXE-2C92F6EA.pf - deleted C:\WINDOWS\Prefetch\DXSETUP.EXE-3814788D.pf - deleted C:\WINDOWS\Prefetch\ECRECVR.EXE-036FD039.pf - deleted C:\WINDOWS\Prefetch\EIRECVR.EXE-2BCF7113.pf - deleted C:\WINDOWS\Prefetch\ERASEME_00041.EXE-141EAC0E.pf - deleted C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf - deleted C:\WINDOWS\Prefetch\FFMPEG.EXE-1B3CB241.pf - deleted C:\WINDOWS\Prefetch\FIREFOX.EXE-1D57670A.pf - deleted C:\WINDOWS\Prefetch\FTP.EXE-0FFFB5A3.pf - deleted C:\WINDOWS\Prefetch\G6362_V1[1].15C DRIVER.EXE-0B828240.pf - deleted C:\WINDOWS\Prefetch\GOOGLEVIDEOPLAYER.EXE-3127B875.pf - deleted C:\WINDOWS\Prefetch\GOOGLEVIDEOPLAYERSETUP.EXE-097E07D7.pf - deleted C:\WINDOWS\Prefetch\GTA_SA.EXE-32F0320A.pf - deleted 
C:\WINDOWS\Prefetch\GUARDGUI.EXE-1BD45C30.pf - deleted C:\WINDOWS\Prefetch\IDRIVER.EXE-01082F70.pf - deleted C:\WINDOWS\Prefetch\IEXPLORE.EXE-2CA9778D.pf - deleted C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf - deleted C:\WINDOWS\Prefetch\INSTALL.EXE-0EAC8F48.pf - deleted C:\WINDOWS\Prefetch\INSTALL.EXE-304A1687.pf - deleted C:\WINDOWS\Prefetch\IPCONFIG.EXE-2395F30B.pf - deleted C:\WINDOWS\Prefetch\IS-QH8CK.TMP-130975EB.pf - deleted C:\WINDOWS\Prefetch\ISIGNUP.EXE-2E22845F.pf - deleted C:\WINDOWS\Prefetch\KB754830.EXE-393E0BE8.pf - deleted C:\WINDOWS\Prefetch\KQ72.EXE-37D4D29C.pf - deleted C:\WINDOWS\Prefetch\KQ82.EXE-2143AD05.pf - deleted C:\WINDOWS\Prefetch\KYBRDFF_E26.EXE-2887FFF5.pf - deleted C:\WINDOWS\Prefetch\Layout.ini - deleted C:\WINDOWS\Prefetch\LOGON.SCR-151EFAEA.pf - deleted C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf - deleted C:\WINDOWS\Prefetch\MKBNVF.EXE-03E3ACB1.pf - deleted C:\WINDOWS\Prefetch\MMC.EXE-15688AA5.pf - deleted C:\WINDOWS\Prefetch\MOVIE MAKER.EXE-39E39899.pf - deleted C:\WINDOWS\Prefetch\MSCORSVW.EXE-1BF30400.pf - deleted C:\WINDOWS\Prefetch\MSIEXEC.EXE-2F8A8CAE.pf - deleted C:\WINDOWS\Prefetch\MTE3NDI6ODOXNGNEW.EXE-0CD90C43.pf - deleted C:\WINDOWS\Prefetch\MTE3NDI6ODOXNGV2.EXE-1F672E49.pf - deleted C:\WINDOWS\Prefetch\MXS.EXE-0111C0D6.pf - deleted C:\WINDOWS\Prefetch\NDETECT.EXE-38C3701D.pf - deleted C:\WINDOWS\Prefetch\NETMON.EXE-397BEF2D.pf - deleted C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf - deleted C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf - deleted C:\WINDOWS\Prefetch\NTVDM.EXE-1A10A423.pf - deleted C:\WINDOWS\Prefetch\NWNMFF_E26.EXE-1EE9151F.pf - deleted C:\WINDOWS\Prefetch\ONECLICKMAINTENANCE.EXE-1D493D41.pf - deleted C:\WINDOWS\Prefetch\PCL1D.TMP-074077F4.pf - deleted C:\WINDOWS\Prefetch\PREUPD.EXE-358AA1C1.pf - deleted C:\WINDOWS\Prefetch\PRO3_INSTALL.EXE-050C59B9.pf - deleted C:\WINDOWS\Prefetch\PSPVIDEO9.EXE-12FF9F09.pf - deleted C:\WINDOWS\Prefetch\QFUJCJSF.EXE-058EFC71.pf - deleted 
C:\WINDOWS\Prefetch\RASMED.EXE-1C1A4E7B.pf - deleted C:\WINDOWS\Prefetch\REGISTRYCLEANER.EXE-2ACFEEF7.pf - deleted C:\WINDOWS\Prefetch\RMSYRUP.EXE-1E44A798.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-1C5AF7EC.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-20E92A14.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-2841539D.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-2905B29C.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-445649BB.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-459D42A0.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-4A1389BE.pf - deleted C:\WINDOWS\Prefetch\RUNDLL32.EXE-4B6E5C7E.pf - deleted C:\WINDOWS\Prefetch\RUNONCE.EXE-2803F297.pf - deleted C:\WINDOWS\Prefetch\SCHED.EXE-236A886F.pf - deleted C:\WINDOWS\Prefetch\SERASER.EXE-13FE858A.pf - deleted C:\WINDOWS\Prefetch\SET4.TMP-00BE688C.pf - deleted C:\WINDOWS\Prefetch\SETUP.EXE-1E4FA1E7.pf - deleted C:\WINDOWS\Prefetch\SETUP.EXE-393E66AE.pf - deleted C:\WINDOWS\Prefetch\SETUP_11806.EXE-0768D48D.pf - deleted C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf - deleted C:\WINDOWS\Prefetch\SYSTEMOPTIMIZER.EXE-191231CF.pf - deleted C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf - deleted C:\WINDOWS\Prefetch\TFTP.EXE-2FB50BCA.pf - deleted C:\WINDOWS\Prefetch\UPDATE-PATCH.EXE-12967BB1.pf - deleted C:\WINDOWS\Prefetch\UPDATE.EXE-13D57D76.pf - deleted C:\WINDOWS\Prefetch\USB TO IDE BRIDGE(ANT 6390) G-3A7B4C38.pf - deleted C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf - deleted C:\WINDOWS\Prefetch\VERSATEL.EXE-3377629E.pf - deleted C:\WINDOWS\Prefetch\WACKY.EXE-0CE331EB.pf - deleted C:\WINDOWS\Prefetch\WACKY32.EXE-068F6E73.pf - deleted C:\WINDOWS\Prefetch\WDFMGR.EXE-2CF4013B.pf - deleted C:\WINDOWS\Prefetch\WINDVD.EXE-01AC55D2.pf - deleted C:\WINDOWS\Prefetch\WINHLP32.EXE-2C18E975.pf - deleted C:\WINDOWS\Prefetch\WINWORD.EXE-3395695A.pf - deleted C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf - deleted C:\WINDOWS\Prefetch\WMPLAYER.EXE-09969332.pf - deleted 
CleanUp! 4.5.2 recovered 11.9 MB of disk space from 992 files.
CleanUp! finished on 10/17/06 15:40:25.

datfind.bat:
__________
-------------
BigF |
|
|
||
17.10.2006, 16:54
Honorary member
Posts: 29434 |
#8
1. Run the Avenger as described above.
2. Then apply this script: Avenger

Quote: Files to delete:

** Post the 6 logs from datfindbat again.

** Allow the download in your antivirus: ServiceFilter.zip
http://virus-protect.org/artikel/tools/ServiceFilter.zip
- unzip it
- double-click the file ServiceFilter.vbs
- confirm the version number
- scan
- allow WordPad or Notepad to open
- copy POST_THIS.TXT
__________
Regards
Sabina
All about PC security |
|
|
||
17.10.2006, 19:18
Member
Thread starter Posts: 22 |
#9
Here is the 1st log from Avenger
Could not process line: C:\WINDOWS\system32\TFTP2760 Status: 0xc0000034 File C:\WINDOWS\system32\k.exe not found! Deletion of file C:\WINDOWS\system32\k.exe failed! Could not process line: C:\WINDOWS\system32\k.exe Status: 0xc0000034 File C:\WINDOWS\system32\TFTP1360 not found! Deletion of file C:\WINDOWS\system32\TFTP1360 failed! Could not process line: C:\WINDOWS\system32\TFTP1360 Status: 0xc0000034 File C:\WINDOWS\system32\MediaReveal.dll not found! Deletion of file C:\WINDOWS\system32\MediaReveal.dll failed! Could not process line: C:\WINDOWS\system32\MediaReveal.dll Status: 0xc0000034 File C:\WINDOWS\system32\zdjfg.exe not found! Deletion of file C:\WINDOWS\system32\zdjfg.exe failed! Could not process line: C:\WINDOWS\system32\zdjfg.exe Status: 0xc0000034 File C:\WINDOWS\system32\haeost.exe not found! Deletion of file C:\WINDOWS\system32\haeost.exe failed! Could not process line: C:\WINDOWS\system32\haeost.exe Status: 0xc0000034 File C:\WINDOWS\system32\TFTP232 not found! Deletion of file C:\WINDOWS\system32\TFTP232 failed! Could not process line: C:\WINDOWS\system32\TFTP232 Status: 0xc0000034 File C:\WINDOWS\system32\hngbb.exe not found! Deletion of file C:\WINDOWS\system32\hngbb.exe failed! Could not process line: C:\WINDOWS\system32\hngbb.exe Status: 0xc0000034 File C:\WINDOWS\system32\fzxc.exe not found! Deletion of file C:\WINDOWS\system32\fzxc.exe failed! Could not process line: C:\WINDOWS\system32\fzxc.exe Status: 0xc0000034 File C:\WINDOWS\system32\mgaagq.exe not found! Deletion of file C:\WINDOWS\system32\mgaagq.exe failed! Could not process line: C:\WINDOWS\system32\mgaagq.exe Status: 0xc0000034 File C:\WINDOWS\keyboard1.dat not found! Deletion of file C:\WINDOWS\keyboard1.dat failed! Could not process line: C:\WINDOWS\keyboard1.dat Status: 0xc0000034 File C:\WINDOWS\algs.exe not found! Deletion of file C:\WINDOWS\algs.exe failed! Could not process line: C:\WINDOWS\algs.exe Status: 0xc0000034 File C:\WINDOWS\ecRecvr.exe not found! 
Deletion of file C:\WINDOWS\ecRecvr.exe failed! Could not process line: C:\WINDOWS\ecRecvr.exe Status: 0xc0000034 File C:\WINDOWS\evRecvr.exe not found! Deletion of file C:\WINDOWS\evRecvr.exe failed! Could not process line: C:\WINDOWS\evRecvr.exe Status: 0xc0000034 File C:\WINDOWS\eiRecvr.exe deleted successfully. File C:\WINDOWS\alrs.exe not found! Deletion of file C:\WINDOWS\alrs.exe failed! Could not process line: C:\WINDOWS\alrs.exe Status: 0xc0000034 File C:\WINDOWS\drsmartload2.dat not found! Deletion of file C:\WINDOWS\drsmartload2.dat failed! Could not process line: C:\WINDOWS\drsmartload2.dat Status: 0xc0000034 File C:\WINDOWS\newname.dat not found! Deletion of file C:\WINDOWS\newname.dat failed! Could not process line: C:\WINDOWS\newname.dat Status: 0xc0000034 File C:\WINDOWS\spoolsv.exe not found! Deletion of file C:\WINDOWS\spoolsv.exe failed! Could not process line: C:\WINDOWS\spoolsv.exe Status: 0xc0000034 File C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\ginstall.dll not found! Deletion of file C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\ginstall.dll failed! Could not process line: C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\ginstall.dll Status: 0xc0000034 File C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\_uninsep.bat not found! Deletion of file C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\_uninsep.bat failed! Could not process line: C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\_uninsep.bat Status: 0xc0000034 File C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\~DF6170.tmp not found! Deletion of file C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\~DF6170.tmp failed! Could not process line: C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temp\~DF6170.tmp Status: 0xc0000034 Folder C:\WINDOWS\Rmxvcmlhbg not found! Deletion of folder C:\WINDOWS\Rmxvcmlhbg failed! 
Could not process line: C:\WINDOWS\Rmxvcmlhbg Status: 0xc0000034 Folder C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Temporary Internet Files\Content.IE5\WTQ7KLM7 deleted successfully. Folder C:\Programme\Deskbar not found! Deletion of folder C:\Programme\Deskbar failed! Could not process line: C:\Programme\Deskbar Status: 0xc0000034 Folder C:\Programme\network monitor not found! Deletion of folder C:\Programme\network monitor failed! Could not process line: C:\Programme\network monitor Status: 0xc0000034 Folder C:\Programme\VSToolbar not found! Deletion of folder C:\Programme\VSToolbar failed! Could not process line: C:\Programme\VSToolbar Status: 0xc0000034 Folder C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\SearchToolbarCorp not found! Deletion of folder C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\SearchToolbarCorp failed! Could not process line: C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\SearchToolbarCorp Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920} not found! Deletion of registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920} failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccd not found! Deletion of registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddccd failed! Status: 0xc0000034 Registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcyaxv not found! 
Deletion of registry key HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcyaxv failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\newname not found!
Deletion of registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\newname failed!
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\defender not found!
Deletion of registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\defender failed!
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.

the 2nd log from Avenger:

Logfile of The Avenger version 1, by Swandog46
Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\enkxojnj
*******************
Script file located at: \??\C:\WINDOWS\System32\hukeftjn.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\Windows\system32\config\drpep.exe not found!
Deletion of file C:\Windows\system32\config\drpep.exe failed!
Could not process line: C:\Windows\system32\config\drpep.exe
Status: 0xc0000034
File C:\Windows\System32\Com\install.bat deleted successfully.
File C:\Windows\System32\Com\dreve.exe not found!
Deletion of file C:\Windows\System32\Com\dreve.exe failed!
Could not process line: C:\Windows\System32\Com\dreve.exe
Status: 0xc0000034
File C:\WINDOWS\system32\MediaReveal.dll not found!
Deletion of file C:\WINDOWS\system32\MediaReveal.dll failed!
Could not process line: C:\WINDOWS\system32\MediaReveal.dll
Status: 0xc0000034
File C:\WINDOWS\system32\BCGCB650.dll deleted successfully.
File C:\WINDOWS\system32\zdjfg.exe not found!
Deletion of file C:\WINDOWS\system32\zdjfg.exe failed!
Could not process line: C:\WINDOWS\system32\zdjfg.exe
Status: 0xc0000034
File C:\WINDOWS\eiRecvr.exe not found!
Deletion of file C:\WINDOWS\eiRecvr.exe failed!
Could not process line: C:\WINDOWS\eiRecvr.exe
Status: 0xc0000034
File C:\WINDOWS\aolsoftware.exe deleted successfully.
File C:\WINDOWS\nt24.dll deleted successfully.
Folder C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Jomigo deleted successfully.
Completed script processing.
*******************
Finished! Terminate.

the log from ServiceFilter:

The script did not recognize the services listed below.
This does not mean that they are a problem.
To copy the entire contents of this document for posting:
At the top of this window click "Edit" then "Select All"
Next click "Edit" again then "Copy"
Now right click in the forum post box then click "Paste"
########################################
ServiceFilter 1.1 by rand1038
Microsoft Windows XP Home Edition
Version: 5.1.2600 Service Pack 1
Okt 17, 2006 18:35:45

---> Begin Service Listing <---

Unknown Service # 1
Service Name: AntiVirScheduler
Display Name: AntiVir PersonalEdition Classic Planer
Start Mode: Auto
Start Name: LocalSystem
Description: Dienst zur Steuerung von AntiVir Prüfaufträgen und ...
Service Type: Own Process
Path: c:\programme\antivir personaledition classic\sched.exe
State: Running
Process ID: 1672
Started: Wahr
Exit Code: 0
Accept Pause: Wahr
Accept Stop: Wahr

Unknown Service # 2
Service Name: AntiVirService
Display Name: AntiVir PersonalEdition Classic Guard
Start Mode: Auto
Start Name: LocalSystem
Description: Bietet permanenten Schutz vor Viren und Malware mit der AntiVir ...
Service Type: Own Process
Path: c:\programme\antivir personaledition classic\avguard.exe
State: Running
Process ID: 152
Started: Wahr
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Wahr

Unknown Service #3
Service Name: aspnet_state
Display Name: ASP.NET State Service
Start Mode: Manual
Start Name: NT AUTHORITY\NetworkService
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, ...
Service Type: Own Process
Path: c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 4
Service Name: btwdins
Display Name: Bluetooth Service
Start Mode: Auto
Start Name: LocalSystem
Description: Dient zum Installieren und Entfernen von ...
Service Type: Own Process
Path: c:\programme\belkin\bluetooth software\bin\btwdins.exe
State: Running
Process ID: 132
Started: Wahr
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Wahr

Unknown Service # 5
Service Name: ipv7
Display Name: ipv7
Start Mode: Auto
Start Name: LocalSystem
Description: ipv7...
Service Type: Own Process
Path: "c:\windows\ipv7.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 6
Service Name: kq82
Display Name: kq82
Start Mode: Auto
Start Name: LocalSystem
Description: kq82...
Service Type: Own Process
Path: "c:\windows\kq82.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 7
Service Name: LVPrcSrv
Display Name: Logitech Process Monitor
Start Mode: Auto
Start Name: LocalSystem
Description: Webcam Effects ...
Service Type: Own Process
Path: c:\programme\gemeinsame dateien\logitech\lvmvfm\lvprcsrv.exe
State: Running
Process ID: 1748
Started: Wahr
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Wahr

Unknown Service # 8
Service Name: Microsoft Windows Scheduled Tasker
Display Name: Windows Windows Sheduler
Start Mode: Auto
Start Name: LocalSystem
Description: Windows Scheduled ...
Service Type: Own Process
Path: "c:\windows\eirecvr.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 9
Service Name: MXS
Display Name: MXS(mxs)
Start Mode: Auto
Start Name: LocalSystem
Description: Microsoft system security monitor. If this service is stopped, any service that explicitly depends ...
Service Type: Own Process
Path: "c:\windows\system32\mxs.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 10
Service Name: net32b
Display Name: Microsoft Windows Internet Connections Manager
Start Mode: Auto
Start Name: LocalSystem
Description: Service in charge of managing your conection between your local area network and your ISP. ...
Service Type: Own Process
Path: c:\windows\system32\net32b.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #11
Service Name: ose
Display Name: Office Source Engine
Start Mode: Manual
Start Name: LocalSystem
Description: Speichert Installationsdateien, die für Updates und Reparieren verwendet werden, und ist für den ...
Service Type: Own Process
Path: c:\programme\gemeinsame dateien\microsoft shared\source engine\ose.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service #12
Service Name: SwPrv
Display Name: MS Software Shadow Copy Provider
Start Mode: Manual
Start Name: LocalSystem
Description: Verwaltet Software-basierte Schattenkopien des Volumeschattenkopie-Dienstes. Software-basierte ...
Service Type: Own Process
Path: c:\windows\system32\dllhost.exe /processid:{d2b9da88-632c-4def-ad3b-ae5e5386a5d6}
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 13
Service Name: TUWinStylerThemeSvc
Display Name: TuneUp WinStyler Theme Service
Start Mode: Manual
Start Name: LocalSystem
Description: ...
Service Type: Own Process
Path: c:\programme\tuneup utilities 2006\winstylerthemesvc.exe
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 1077
Accept Pause: Falsch
Accept Stop: Falsch

Unknown Service # 14
Service Name: Windows Als Service
Display Name: Microsoft Windows Als Service
Start Mode: Auto
Start Name: LocalSystem
Description: Microsoft Windows Als ...
Service Type: Own Process
Path: "c:\windows\alrs.exe"
State: Stopped
Process ID: 0
Started: Falsch
Exit Code: 0
Accept Pause: Falsch
Accept Stop: Falsch

---> End Service Listing <---

There are 89 Win32 services on this machine.
14 were unrecognized.
Script Execution Time: 1,390625 seconds.

and from datfind:
__________ ------------- BigF |
|
|
||
18.10.2006, 00:37
Honorary member
Posts: 29434 |
#10
Avenger
Quote registry keys to delete:____________________

1. Click Start -> Run >> type in: Services.msc and click OK!
"Properties" >> click "Stop" >> startup type "Disabled"
++ Service Name: Windows Als Service Display Name: Microsoft Windows Als Service
++ Service Name: net32b Display Name: Microsoft Windows Internet Connections Manager
++ Service Name: MXS Display Name: MXS(mxs)
++ Service Name: Microsoft Windows Scheduled Tasker Display Name: Windows Windows Sheduler
++ Service Name: kq82 Display Name: kq82
++ Service Name: ipv7 Display Name: ipv7
-----------------------------------------------------------------
2. Start --> Run --> paste in (if an error message appears... ignore it) --> click OK after each one.
sc delete ipv7
sc delete kq82
sc delete "Windows Als Service"
sc delete "Microsoft Windows Scheduled Tasker"
sc delete MXS
sc delete net32b
sc delete "Windows Als Service"
________________________________________________________
3. Download Registry Search by Bobbi Flekman http://virus-protect.org/artikel/tools/regsearch.html and double-click it to start.
In "Enter search strings" (type or paste in) enter ipv7 in the edit field and click "Ok". Notepad will open -- copy the text and post it.
In "Enter search strings" (type or paste in) enter kq82 in the edit field and click "Ok". Notepad will open -- copy the text and post it.
In "Enter search strings" (type or paste in) enter Microsoft Windows Scheduled Tasker in the edit field and click "Ok". Notepad will open -- copy the text and post it.
In "Enter search strings" (type or paste in) enter net32b in the edit field and click "Ok". Notepad will open -- copy the text and post it.
In "Enter search strings" (type or paste in) enter Windows Als Service in the edit field and click "Ok". Notepad will open -- copy the text and post it.
In "Enter search strings" (type or paste in) enter MXS in the edit field and click "Ok". Notepad will open -- copy the text and post it.
__________ Regards, Sabina all about PC security |
|
|
||
18.10.2006, 14:44
Member
Thread starter Posts: 22 |
#11
REGEDIT4
; Registry Search 2.0 by Bobbi Flekman © 2005
; Version: 2.0.1.0
; Results at 18.10.2006 14:42:04 for strings:
; 'ipv7'
; 'kq82'
; 'microsoft windows scheduled tasker'
; 'net32b'
; 'windows als service'
; 'mxs'
; Strings excluded from search:
; (None)
; Search in:
; Registry Keys Registry Values Registry Data
; HKEY_LOCAL_MACHINE HKEY_USERS

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FA4BB38C-FAF9-4CCA-9302-D1DD0FE520DB}]
@="IMXSchemaDeclHandler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Slim USB2 Scanner]
"UninstallString"="C:\\WINDOWS\\RunUnDrv.exe C:\\WINDOWS\\Twain_32\\SlimU2\\PmxScan.INF DefaultUnInstall.USB.NTX86"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000]
"Service"="Microsoft Windows Scheduled Tasker"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000]
"Service"="Windows Als Service"
"DeviceDesc"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft Windows Scheduled Tasker]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft Windows Scheduled Tasker\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft Windows Scheduled Tasker\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Als Service]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Als Service]
"DisplayName"="Microsoft Windows Als Service"
"Description"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Als Service\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Als Service\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7\0000]
"Service"="ipv7"
"DeviceDesc"="ipv7"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KQ82]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KQ82\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KQ82\0000]
"Service"="kq82"
"DeviceDesc"="kq82"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000]
"Service"="Microsoft Windows Scheduled Tasker"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_MXS]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_MXS\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_MXS\0000]
"Service"="MXS"
"DeviceDesc"="MXS(mxs)"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NET32B]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NET32B\0000]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NET32B\0000]
"Service"="net32b"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000]
"Service"="Windows Als Service"
"DeviceDesc"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ipv7]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ipv7]
; Contents of value:
; "c:\windows\ipv7.exe"
"ImagePath"=hex(2):22,43,3a,5c,57,49,4e,44,4f,57,53,5c,69,70,76,37,2e,65,78,65,\
  22,00
"DisplayName"="ipv7"
"Description"="ipv7"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ipv7\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kq82]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kq82]
; Contents of value:
; "c:\windows\kq82.exe"
"ImagePath"=hex(2):22,43,3a,5c,57,49,4e,44,4f,57,53,5c,6b,71,38,32,2e,65,78,65,\
  22,00
"DisplayName"="kq82"
"Description"="kq82"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kq82\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Microsoft Windows Scheduled Tasker]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Microsoft Windows Scheduled Tasker\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MXS]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MXS]
; Contents of value:
; "c:\windows\system32\mxs.exe"
"ImagePath"=hex(2):22,43,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,\
  5c,6d,78,73,2e,65,78,65,22,00
"DisplayName"="MXS(mxs)"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MXS\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\net32b]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\net32b]
; Contents of value:
; c:\windows\system32\net32b.exe
"ImagePath"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,53,79,73,74,65,6d,33,32,5c,\
  6e,65,74,33,32,62,2e,65,78,65,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\net32b\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows Als Service]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows Als Service]
"DisplayName"="Microsoft Windows Als Service"
"Description"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows Als Service\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000]
"Service"="Microsoft Windows Scheduled Tasker"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000]
"Service"="Windows Als Service"
"DeviceDesc"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft Windows Scheduled Tasker]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft Windows Scheduled Tasker\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft Windows Scheduled Tasker\Enum]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service]
"DisplayName"="Microsoft Windows Als Service"
"Description"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service\Enum]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws\www]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws]

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws\www]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws]

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws\www]

[HKEY_USERS\S-1-5-21-2052111302-1770027372-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"b"="sc delete ipv7\\1"
"c"="sc delete kq82\\1"
"d"="sc delete Windows Als Service\\1"
"e"="sc delete Microsoft Windows Scheduled Tasker\\1"
"f"="sc delete MXS\\1"
"g"="sc delete net32b\\1"

[HKEY_USERS\S-1-5-21-2052111302-1770027372-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws]

[HKEY_USERS\S-1-5-21-2052111302-1770027372-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws\www]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\streamxs.ws\www]

; End Of The Log...
__________ ------------- BigF |
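Which of the searched services are still registered, and which survive only as copies in another control set, can be read out of a Registry Search log like the one above mechanically. The following Python sketch is an added example, not part of the thread or of any tool named in it: it parses a REGEDIT4 export, decodes `hex(2)` `ImagePath` data (assumed to be cp1252 bytes, as REGEDIT4 writes them), and reports the control sets each `Services` key appears under; the sample text is a constructed excerpt of the log with line breaks restored, and all function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed excerpt: entries taken from the Registry Search log above,
# laid out with the line breaks a REGEDIT4 export normally has.
SAMPLE_EXPORT = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Als Service]
"DisplayName"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7\0000]
"Service"="ipv7"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ipv7]
; Contents of value:
; "c:\windows\ipv7.exe"
"ImagePath"=hex(2):22,43,3a,5c,57,49,4e,44,4f,57,53,5c,69,70,76,37,2e,65,78,65,\
  22,00
"DisplayName"="ipv7"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ipv7\Security]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MXS]
"ImagePath"=hex(2):22,43,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,\
  5c,6d,78,73,2e,65,78,65,22,00

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows Als Service]
"DisplayName"="Microsoft Windows Als Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service]
"DisplayName"="Microsoft Windows Als Service"
'''

# Matches only the service's own key, not subkeys such as ...\Security.
SERVICE_KEY = re.compile(
    r'^HKEY_LOCAL_MACHINE\\SYSTEM\\(CurrentControlSet|ControlSet\d{3})'
    r'\\Services\\([^\\]+)$', re.IGNORECASE)
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def decode_hex2(data):
    """Decode REGEDIT4 hex(2) data: comma-separated single bytes, NUL-terminated."""
    raw = bytes(int(b, 16) for b in data.split(',') if b.strip())
    return raw.split(b'\x00', 1)[0].decode('cp1252')


def parse_export(text):
    """Return {key_path: {value_name: string}} for a REGEDIT4 export."""
    # Long hex values continue on the next line after a trailing backslash.
    text = re.sub(r'\\\r?\n[ \t]*', '', text)
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(';'):
            continue
        if line.startswith('[') and line.endswith(']'):
            current = keys.setdefault(line[1:-1], {})
            continue
        m = VALUE_LINE.match(line)
        if m is None or current is None:
            continue
        name, data = m.groups()
        if data.startswith('hex(2):'):
            current[name] = decode_hex2(data[len('hex(2):'):])
        elif data.startswith('"') and data.endswith('"'):
            current[name] = re.sub(r'\\(.)', r'\1', data[1:-1])
    return keys


def service_residue(keys):
    """Map service name -> control sets holding its key, image path, active flag."""
    found = defaultdict(lambda: {'sets': set(), 'image': None})
    for path, values in keys.items():
        m = SERVICE_KEY.match(path)
        if not m:
            continue
        control_set, service = m.groups()
        entry = found[service.lower()]
        entry['sets'].add(control_set)
        entry['image'] = entry['image'] or values.get('ImagePath')
    # CurrentControlSet is the link to the control set Windows booted with,
    # so a Services key there means the service is still registered.
    return {
        name: {'sets': sorted(e['sets']), 'image': e['image'],
               'active': any(s.lower() == 'currentcontrolset' for s in e['sets'])}
        for name, e in found.items()
    }


def report(text):
    lines = []
    for name, info in service_residue(parse_export(text)).items():
        status = 'still registered' if info['active'] else 'leftover copy only'
        lines.append(f"{name}: {status}; sets={','.join(info['sets'])}; "
                     f"image={info['image']}")
    return lines


if __name__ == '__main__':
    print('\n'.join(report(SAMPLE_EXPORT)))
```

In the log above, only `Windows Als Service` and `Microsoft Windows Scheduled Tasker` still have keys under `CurrentControlSet`, and the `RunMRU` entries show both names were entered unquoted; `sc delete` takes the service name as a single argument, so a name containing spaces has to be quoted.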
|
|
||
18.10.2006, 15:01
Honorary member
Posts: 29434 |
#12
Quote registry keys to delete:
post the report from Avenger, after the restart
__________ Regards, Sabina all about PC security |
|
|
||
18.10.2006, 15:36
Member
Thread starter Posts: 22 |
#13
Logfile of The Avenger version 1, by Swandog46
Running from registry key: \Registry\Machine\System\CurrentControlSet\Services\yxlwuplk
*******************
Script file located at: \??\C:\Program Files\ulmkjxqj.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Microsoft Windows Scheduled Tasker deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Windows Als Service deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7\0000 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7\0000 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_IPV7\0000
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_KQ82 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_MXS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_NET32B deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ipv7 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kq82 deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Microsoft Windows Scheduled Tasker deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MXS deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\net32b deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Windows Als Service deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MICROSOFT_WINDOWS_SCHEDULED_TASKER\0000
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000 not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000 failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WINDOWS_ALS_SERVICE\0000
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft Windows Scheduled Tasker not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft Windows Scheduled Tasker failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Microsoft Windows Scheduled Tasker
Status: 0xc0000034
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service not found!
Deletion of registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service failed!
Could not process line:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Windows Als Service
Status: 0xc0000034
File C:\WINDOWS\alrs.exe not found!
Deletion of file C:\WINDOWS\alrs.exe failed!
Could not process line:
C:\WINDOWS\alrs.exe
Status: 0xc0000034
File C:\WINDOWS\system32\xmrb.exe deleted successfully.
File C:\WINDOWS\system32\setup_26662.exe deleted successfully.
File C:\WINDOWS\system32\net32b.exe not found!
Deletion of file C:\WINDOWS\system32\net32b.exe failed!
Could not process line:
C:\WINDOWS\system32\net32b.exe
Status: 0xc0000034
File C:\WINDOWS\system32\mxs.exe not found!
Deletion of file C:\WINDOWS\system32\mxs.exe failed!
Could not process line:
C:\WINDOWS\system32\mxs.exe
Status: 0xc0000034
File C:\WINDOWS\eirecvr.exe not found!
Deletion of file C:\WINDOWS\eirecvr.exe failed!
Could not process line:
C:\WINDOWS\eirecvr.exe
Status: 0xc0000034
File C:\WINDOWS\kq82.exe not found!
Deletion of file C:\WINDOWS\kq82.exe failed!
Could not process line:
C:\WINDOWS\kq82.exe
Status: 0xc0000034
File C:\WINDOWS\ipv7.exe not found!
Deletion of file C:\WINDOWS\ipv7.exe failed!
Could not process line:
C:\WINDOWS\ipv7.exe
Status: 0xc0000034
Completed script processing.
*******************
Finished! Terminate.
__________
-------------
BigF |
|
|
||
18.10.2006, 15:52
Honorary member
Posts: 29434 |
#14
Post the 6 logs from datfindbat again (3 months of each... ordered by date)
+ work through this and post the report (option 1): http://virus-protect.org/artikel/tools/adfix.html
__________
Regards
Sabina
All about PC security |
|
|
||
18.10.2006, 19:31
Member
Thread starter Posts: 22 |
#15
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\WINDOWS
18.10.2006 19:15 0 0.log
18.10.2006 19:14 1.658.620 WindowsUpdate.log
18.10.2006 19:14 50 wiaservc.log
18.10.2006 19:14 157 wiadebug.log
18.10.2006 19:13 2.048 bootstat.dat
18.10.2006 15:49 32.568 SchedLgU.Txt
14.10.2006 22:39 227 system.ini
14.10.2006 22:39 792 win.ini
14.10.2006 22:14 186.956 setupact.log
14.10.2006 13:11 593.074 setupapi.log
13.10.2006 18:34 1.444 COM+.log
11.10.2006 18:47 38.773 wmsetup.log
11.10.2006 18:47 447 wmsetup10.log
11.10.2006 18:26 152.767 Directx.log
07.10.2006 21:11 316.640 WMSysPr9.prx
07.10.2006 20:13 25 SIERRA.INI
07.10.2006 19:19 10.783 cdplayer.ini
28.09.2006 16:36 13.133 LUINSTALL.LOG
23.09.2006 09:02 3.121 mozver.dat
19.09.2006 13:33 6.092 ModemLog_Bluetooth-Modem.txt
10.09.2006 18:47 8.726 KB835732.log
10.09.2006 18:47 590 xpsp1hfm.log
10.09.2006 18:47 23.660 comsetup.log
10.09.2006 18:47 12.592 ntdtcsetup.log
10.09.2006 18:47 4.630 iis6.log
10.09.2006 18:47 1.374 imsins.log
10.09.2006 18:47 17.777 tsoc.log
10.09.2006 18:47 1.913 ocmsn.log
10.09.2006 18:47 27.798 ocgen.log

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\WINDOWS\Downloaded Program Files
23.08.2006 19:04 65 desktop.ini
22.06.2006 11:41 5.032 swflash.inf

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\
18.10.2006 19:19 0 sys.txt
18.10.2006 19:19 535 down.txt
18.10.2006 19:19 877 tmp.txt
18.10.2006 19:19 7.500 system.txt
18.10.2006 19:19 788 systemtemp.txt
18.10.2006 19:19 93.006 system32.txt
18.10.2006 19:13 805.306.368 pagefile.sys
18.10.2006 15:30 10.258 avenger.txt
14.10.2006 22:39 194 boot.ini
14.10.2006 13:22 233.719 Pict0002.JPG
14.10.2006 13:22 229.976 Pict0001.JPG
23.08.2006 19:05 0 IO.SYS
23.08.2006 19:05 0 AUTOEXEC.BAT
23.08.2006 19:05 0 CONFIG.SYS
23.08.2006 19:05 0 MSDOS.SYS

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\DOKUME~1\Florian\LOKALE~1\Temp
18.10.2006 19:17 32.768 ~DF2552.tmp
18.10.2006 15:40 3.321 jusched.log
18.10.2006 15:06 832 java_install_reg.log
18.10.2006 14:51 34.304 AAXF.tmp
15.10.2006 19:06 939 jupdate1.5.0.xml
15.10.2006 12:16 32.768 ~DF5333.tmp
15.10.2006 12:07 32.768 ~DF4A54.tmp
15.10.2006 11:50 0 WERF.tmp
15.10.2006 11:34 0 WER5.tmp
15.10.2006 11:19 0 WER15.tmp

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: B091-D506
Verzeichnis von C:\WINDOWS\Temp
18.10.2006 19:13 256 ZLT04b5b.TMP
18.10.2006 19:13 256 ZLT04479.TMP
18.10.2006 15:30 256 ZLT019bb.TMP
18.10.2006 15:30 256 ZLT019b8.TMP
17.10.2006 15:20 256 ZLT043d1.TMP
17.10.2006 15:20 256 ZLT043ce.TMP
16.10.2006 20:27 256 ZLT06106.TMP
16.10.2006 20:27 256 ZLT06103.TMP
16.10.2006 14:25 256 ZLT04b52.TMP
15.10.2006 16:02 256 ZLT04798.TMP
15.10.2006 16:02 256 ZLT04795.TMP
15.10.2006 12:07 256 ZLT0139e.TMP
15.10.2006 12:07 256 ZLT0139b.TMP
13 Datei(en) 3.328 Bytes
0 Verzeichnis(se), 65.040.502.784 Bytes frei

Ad-Fix v0.93e by gchris
OPTION 1 (Scan) :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Démarré à : 19:28:58,09 18.10.2006
Executé depuis : C:\Dokumente und Einstellungen\Florian\Desktop
Os : Microsoft Windows XP [Version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Recherche de fichier manquant
Process.exe Manquant ! -- Téléchargez de nouveau Ad-Fix.zip
__________
-------------
BigF |
|
|
||
I have a few trojans on my computer and have already tried, among others, AntiVir, Avast, BitDefender and Norton AntiVirus, and none of them can delete the viruses!
They are here:
C:/Windows/system32/
is941.exe
efcgaxv.dll
ddccd.dll
------------------------------------------------------
I don't know what kind of viruses these are!
C:/
dfndrff_29
dfndrff_27
drsmartload
nwnmff_27
nwnmff_28
wacky32
C:/Windows/system32/config/rmsyrup.exe
Hoping for help, thanks in advance
bigf
PS: This doesn't really belong here, but maybe someone knows a site with drivers for an external hard drive on Windows XP.
__________
-------------
BigF