Home » Viren, Trojaner & Malware Forum » Instant Access: wie löschen? » Themenansicht

Firefox Tipp: Instantfox - Quick Search Add-On!

Seite(n): 1 2 3 4

Antworten

Instant Access: wie löschen?

01.06.2008, 17:11

Sabina

Ehrenmitglied

Beiträge: 29434

#16 Hallo Merdo00

1.
lösche mit cleaner die temporären Dateien
http://www.ccleaner.de/?protecus.de

2.
mit dem HijackThis löschen ("fixen")
Klicke: "Do a system scan only"
Setze ein Häckchen in das Kästchen vor den genannten Eintrag
und wähle fix checked

Zitat

O2 - BHO: 209789 helper - {5C78E2DB-5AFC-4A3B-9B9F-6AF136562E6F} - C:\WINDOWS\system32\209789\209789.dll (file missing)

O2 - BHO: (no name) - {7C109800-A5D5-438F-9640-18D17E168B88} - C:\Programme\NetProject\sbmdl.dll (file missing)

O4 - HKLM\..\Run: [uwa6pcw] "C:\Programme\Gemeinsame Dateien\WinAntiVirus Pro 2006\uwa6pcw.exe" -c

O4 - HKLM\..\Run: [SDR6U_Check] "C:\Programme\Gemeinsame Dateien\DriveCleaner 2006 Free\sdrmon.exe"

O4 - HKLM\..\Run: [SM_IAN] C:\Programme\AdvancedCleaner Free\ian_monitor.exe

O4 - HKCU\..\Run: [AntiSpywareShield] C:\Program Files\AntiSpywareShield\AntiSpywareShield.exe

O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res

O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Programme\NetProject\scit.exe

O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Dokumente und Einstellungen\Mert\Eigene Dateien\Titan Poker\casino.exe (file missing)

O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Dokumente und Einstellungen\Mert\Eigene Dateien\Titan Poker\casino.exe (file missing)

O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)

O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.iefixgate.com/redirect.php (file missing)

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programme\PartyGaming\PartyPoker\RunApp.exe (file missing)

O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Dokumente und Einstellungen\Mert\Startmenü\Programme\IMVU\Run IMVU.lnk (file missing)

O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab

O22 - SharedTaskScheduler: enviva - {f43bfc6c-47cc-4798-8798-a0721b8ed7ab} - (no file)

3.
PC neustarten

4.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit "Speichern unter" auf dem Desktop. Gebe bei Dateityp "Alle Dateien" an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint

Zitat

cd\
dir "C:\Dokumente und Einstellungen\Mert\Eigene Dateien" >>files.txt
dir "C:\Dokumente und Einstellungen\All Users\Desktop" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Desktop" >>files.txt
dir "C:\Dokumente und Einstellungen\Mert\Startmenü\Programme" >>files.txt
dir "C:\WINDOWS\Downloaded Program Files" >>files.txt
dir "C:\Programme\Common Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%" >>files.txt
dir "C:\Program Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temporary Internet Files\Content.IE5" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temp" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Temp" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten" >>files.txt
dir "C:\Programme\Gemeinsame Dateien" >>files.txt
dir "C:\Windows\tasks" >>files.txt
notepad files.txt

5.
wende Windowsscan an + poste den report
http://virus-protect.org/artikel/tools/windowsscan.html

6.
wende Combofix an, klicke die Warnmeldung weg + poste hier den report
http://virus-protect.org/artikel/tools/combofix.html
__________
MfG Sabina

rund um die PC-Sicherheit

01.06.2008, 19:30

Sabina

Ehrenmitglied

Beiträge: 29434

#17 Hallo Merdo00
warum hast du dein Log vom HijackThis zum zweiten mal gepostet?
ich habe dir schon geantwortet...siehe oben - ist fuer dich
__________
MfG Sabina

rund um die PC-Sicherheit

03.06.2008, 01:35

Kawin

...neu hier

Beiträge: 10

#18 Hallo,
Ich bitte um hilfe habe Instant Access
und kann sich nicht löchen
hier ist mein Hijack This Logfie:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:23:33, on 03.06.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programme\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Programme\Ahead\InCD\InCD.exe
C:\Programme\lg_fwupdate\fwupdate.exe
C:\Programme\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\vsnp2std.exe
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\Programme\QuickTime\QTTask.exe
C:\Programme\Microsoft IntelliType Pro\type32.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\HP\hpcoretech\hpcmpmgr.exe
C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\dokumente und einstellungen\anka & karim\lokale einstellungen\anwendungsdaten\uuuucjji.exe
C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programme\Microsoft Office\Office\OSA.EXE
C:\Programme\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Hijack This\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.alice-dsl.de
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.alice-dsl.de
R3 - URLSearchHook: Yahoo! Toolbar mit Pop-Up-Blocker - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 81.169.180.144 www.google.de
O1 - Hosts: 81.169.180.144 google.de
O2 - BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Programme\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LGODDFU] C:\Programme\lg_fwupdate\fwupdate.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [type32] "C:\Programme\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programme\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\lnaccess.exe /res
O4 - HKCU\..\Run: [uuuucjji] c:\dokumente und einstellungen\anka & karim\lokale einstellungen\anwendungsdaten\uuuucjji.exe uuuucjji
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O15 - Trusted Zone: *.windowsupdate.com
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC3E1754-8E87-4C09-B500-56EF3E138402}: NameServer = 213.191.92.87 62.109.123.6
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Programme\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Programme\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7119 bytes

Danke

03.06.2008, 02:33

Sabina

Ehrenmitglied

Beiträge: 29434

#19 Hallo, Kawin

1.
lösche mit cleaner die temporären Dateien
http://www.ccleaner.de/?protecus.de

2.
http://virus-protect.org/artikel/tools/otmoveIt.html
öffne: OTMoveIt.exe
OTMoveIt Kopiere rein: im linken Fenster ,wo steht: Paste List of Files/Folders to Move

Zitat

C:\dokumente und einstellungen\anka & karim\lokale einstellungen\anwendungsdaten\uuuucjji.exe
C:\WINDOWS\system32\lnaccess.exe

Klicke auf den Roten MoveIt!

3.
mit dem HijackThis löschen ("fixen")
Klicke: "Do a system scan only"
Setze ein Häckchen in das Kästchen vor den genannten Eintrag
und wähle fix checked

Zitat

O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\lnaccess.exe /res

O4 - HKCU\..\Run: [uuuucjji] c:\dokumente und einstellungen\anka & karim\lokale einstellungen\anwendungsdaten\uuuucjji.exe uuuucjji

O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - /es6-scripts.dlv4./binaries/egaccess4/egaccess4_1073_em_XP.cab

4.
PC neustarten

5.
Den folgenden Text in den Editor (Start - Zubehör - Editor) kopieren und als listen.bat mit "Speichern unter" auf dem Desktop. Gebe bei Dateityp "Alle Dateien" an. Du solltest jetzt auf dem Desktop diese Datei finden. --> die listen.bat doppelt klicken--> kopiere den Text, der erscheint

Zitat

cd\
dir "C:\WINDOWS\Downloaded Program Files" >>files.txt
dir "C:\Programme\Common Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%" >>files.txt
dir "C:\Program Files" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temporary Internet Files\Content.IE5" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Temp" >>files.txt
dir "C:\WINDOWS\Temp" >>files.txt
dir "C:\Temp" >>files.txt
dir "C:\Programme" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Lokale Einstellungen\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\%UserName%\Anwendungsdaten" >>files.txt
dir "C:\Dokumente und Einstellungen\All Users\Anwendungsdaten" >>files.txt
dir "C:\Programme\Gemeinsame Dateien" >>files.txt
dir "C:\Windows\tasks" >>files.txt
notepad files.txt

6.
wende Combofix an, klicke die Warnmeldung weg + poste hier den report
http://virus-protect.org/artikel/tools/combofix.html
__________
MfG Sabina

rund um die PC-Sicherheit

03.06.2008, 03:57

Kawin

...neu hier

Beiträge: 10

#20 Hallo Sabina,

Erstmal vielen dank
alles ha geklappt,
hier sind dir Ergibnisse:

Files-Editor:

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\WINDOWS\Downloaded Program Files

16.05.2007 08:22 399 gp.inf
1 Datei(en) 399 Bytes
0 Verzeichnis(se), 14.468.403.200 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Programme

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Dokumente und Einstellungen\Anka & Karim

03.06.2008 02:47 <DIR> .
03.06.2008 02:47 <DIR> ..
21.03.2008 19:48 <DIR> .DownloadManager
03.06.2008 03:32 <DIR> Desktop
02.06.2008 20:55 <DIR> Eigene Dateien
02.06.2008 00:31 <DIR> Favoriten
23.10.2007 23:10 <DIR> Incomplete
19.01.2008 14:41 <DIR> LimeWire Store Purchased
03.06.2008 03:12 6.815.744 ntuser.dat
20.10.2007 00:13 404.040 ProductContext2350.log
03.06.2008 00:56 <DIR> Startmen
14.10.2007 17:43 <DIR> WINDOWS
2 Datei(en) 7.219.784 Bytes
10 Verzeichnis(se), 14.468.399.104 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temporary Internet Files\Content.IE5

Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp

03.06.2008 03:16 <DIR> .
03.06.2008 03:16 <DIR> ..
27.05.2008 22:30 55.808 1034ce.mst
14.10.2007 02:09 71.168 172402.mst
21.03.2008 16:09 73 2C595FF3.TMP
01.04.2008 14:35 100.203 3eananrp.exe
24.03.2008 11:27 14.484 43da_appcompat.txt
09.01.2008 18:35 105.889 516B23.dmp
30.01.2008 15:21 <DIR> 5614406
09.01.2008 18:35 36.654 58eb_appcompat.txt
27.03.2008 21:28 5.268 70cc_appcompat.txt
11.01.2008 22:07 12.756 94af_appcompat.txt
18.12.2007 14:36 71.432 ac00_appcompat.txt
09.01.2008 15:45 36.654 c9f0_appcompat.txt
30.03.2008 11:13 224 ccc3_appcompat.txt
23.12.2007 14:46 <DIR> Cddb
03.02.2008 15:27 1.923.290 cdex_151.zip
21.11.2001 15:57 24.576 closedbgout.exe
11.04.2008 11:44 <DIR> Div10.tmp
02.06.2008 14:52 0 dotneterrorlog11.txt
02.06.2008 14:52 8.243 dotneteventlog11.txt
28.03.2008 20:23 492.314 DPE.DUS
07.01.2008 18:57 6.222.376 DWPUpgradeInstaller.exe
09.01.2008 15:45 102.196 EBEFB8.dmp
17.10.2002 11:19 28.672 enableirsocketutil.exe - http://www.k700-forum.de/thread.php?threadid=14004 - Sony Ericsson\Mobile
27.04.2008 11:15 10.191.260 flaA9.tmp
27.04.2008 12:12 92.600 flaAA.tmp
21.05.2008 13:49 137.568 font1.ttf
21.05.2008 13:49 129.676 font1b.ttf
26.05.2008 22:11 <DIR> GGS18.tmp
03.02.2008 21:49 1.000.034 hpodvd09.log
23.11.2007 20:49 <DIR> IXP000.TMP
14.05.2008 15:35 1.124 java_install_reg.log
14.05.2008 15:33 1.034 java_install_sp.log
14.05.2008 15:32 8.265 jinstall.cfg
01.04.2008 14:38 100.203 joexqqzk.exe
03.06.2008 03:19 103.125 jusched.log
27.05.2008 00:36 34 mod15.tmp
20.01.2008 20:38 3.512 tmp.xpi
12.12.2007 15:14 7.067 tmp6.tmp
09.12.2007 04:05 198.190 tmp73.tmp.exe
10.05.2008 15:08 306 tmp79.tmp
10.05.2008 15:08 102 tmp7A.tmp
10.05.2008 15:08 102 tmp7B.tmp
10.05.2008 15:08 102 tmp7C.tmp
10.05.2008 15:08 204 tmp7F.tmp
10.05.2008 15:08 204 tmp82.tmp
10.05.2008 15:09 204 tmp85.tmp
10.05.2008 15:09 204 tmp86.tmp
10.05.2008 15:09 102 tmp87.tmp
10.05.2008 15:09 102 tmp8A.tmp
10.05.2008 15:09 102 tmp8B.tmp
14.03.2008 13:11 184 tunein.gif
27.05.2008 22:44 1.037 TWAIN.LOG
27.05.2008 22:44 3 Twain001.Mtx
27.05.2008 22:44 156 Twunk001.MTX
22.04.2008 13:42 554.110 upd5.tmp.exe
06.12.2005 16:50 36.864 urlcaller.exe
02.06.2008 14:51 <DIR> usmt
28.03.2008 20:24 <DIR> VBE
19.12.2007 20:10 57 wcx13.tmp
18.12.2007 16:01 2.368 wcx23.tmp
21.12.2007 14:40 2.313 wcxC.tmp
18.12.2007 15:57 66 wcxD.tmp
22.12.2007 11:48 3.463 wcxF.tmp
19.12.2007 16:43 <DIR> WER775e.dir00
19.12.2007 17:24 <DIR> WERa59c.dir00
09.01.2008 16:21 <DIR> WERb0fd.dir00
09.01.2008 17:03 <DIR> WLZ14C0.tmp
18.01.2008 13:59 <DIR> WLZ3AB7.tmp
30.05.2008 12:23 4.748 wmplog00.sqm
30.05.2008 12:36 3.012 wmplog01.sqm
30.05.2008 12:38 2.016 wmplog02.sqm
30.05.2008 12:49 1.724 wmplog03.sqm
30.05.2008 12:58 1.680 wmplog04.sqm
30.05.2008 13:04 1.468 wmplog05.sqm
30.05.2008 13:07 1.720 wmplog06.sqm
31.05.2008 02:02 1.996 wmplog07.sqm
03.06.2008 03:14 <DIR> WPDNSE
18.01.2008 13:59 367.112 WT3C.tmp
26.11.2007 22:32 367.112 WT4.tmp
07.04.2008 19:48 367.112 WT56.tmp
25.03.2008 13:23 367.112 WT5F.tmp
27.03.2008 17:14 367.112 WT8.tmp
30.03.2008 11:14 367.112 WTC.tmp
30.03.2008 11:14 367.112 WTD.tmp
09.01.2007 16:09 1.636.376 ycomp_setup.exe
27.05.2008 22:30 <DIR> _is16
31.12.2007 17:41 456.416 _is19.exe
24.05.2006 19:10 455.600 _is3.exe
27.05.2008 22:39 <DIR> _is41
21.03.2008 20:34 <DIR> _PASFX122
29.10.2007 02:53 294.912 _unps.exe
31.12.2007 17:54 <DIR> {1780D9C9-BE48-456C-809B-9CDCA64DABBE}
03.06.2008 02:45 <DIR> {42B5C58C-927E-4883-A8E5-0BCA9846DCFD}
24.03.2008 13:43 1.751 {A8DF8593-F619-47DE-AD27-BCABF233433A}.mif
26.12.2007 15:06 <DIR> {ABDF4C74-C92A-4C8D-9058-37596E26EEEF}
09.02.2008 13:25 817 {AC76BA86-7AD7-1031-7B44-A81000000003}.ini
09.02.2008 13:28 591 {AC76BA86-7AD7-1031-7B44-A81200000003}.ini
31.12.2007 17:43 <DIR> {D5EBECD3-EA9E-48E0-B39D-E8A946F9DCBF}
10.01.2008 01:30 16.384 ~DFFFE8.tmp
27.03.2008 20:43 16.384 ~DFFFF3.tmp
20.01.2008 20:53 <DIR> ~rnsetup
791 Datei(en) 260.947.687 Bytes
32 Verzeichnis(se), 14.468.337.664 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\WINDOWS\Temp

03.06.2008 03:14 <DIR> .
03.06.2008 03:14 <DIR> ..
26.03.2008 15:31 772 DefaultMediaExt.bat
02.06.2008 23:34 <DIR> DefaultPictureExt
02.06.2008 23:34 <DIR> DefaultVideoExt
07.05.2007 22:31 89 devicePathFix.bat
07.05.2007 22:31 474 devicePathFix.reg
23.05.2008 00:51 596 hpzcoi00.log
23.05.2008 00:51 596 hpzcoi01.log
02.06.2008 23:50 596 hpzcoi02.log
02.06.2008 23:50 596 hpzcoi03.log
02.06.2008 01:09 130.580 IMT26.tmp
13.12.2007 13:28 <DIR> LG_FW_Update
21.05.2008 13:49 8 msksetup.log
31.03.2008 15:21 16.384 Perflib_Perfdata_848.dat
03.08.2004 22:58 53.248 reg.exe
02.06.2008 00:34 704 servic000.log
02.06.2008 00:34 704 servic001.log
29.11.2005 23:07 1.414 thrustedSites.reg
30.04.2008 20:56 3.299 WinUpdRestore.bat
15.07.2005 23:37 568 wpaEvents.reg
08.05.2007 08:58 443 wpaRestore.bat
07.11.2007 20:30 256 ZLT000cd.TMP
05.04.2008 07:48 256 ZLT00124.TMP
05.04.2008 07:48 256 ZLT00127.TMP
26.02.2008 12:50 256 ZLT00143.TMP
12.03.2008 17:56 256 ZLT07f2e.TMP
08.11.2007 15:37 <DIR> ~BW1362.TMP
713 Datei(en) 389.247 Bytes
6 Verzeichnis(se), 14.468.321.280 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Temp

08.01.2008 16:31 <DIR> .
08.01.2008 16:31 <DIR> ..
0 Datei(en) 0 Bytes
2 Verzeichnis(se), 14.468.321.280 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Programme

03.06.2008 03:06 <DIR> .
03.06.2008 03:06 <DIR> ..
27.05.2008 22:38 <DIR> 2.0
09.02.2008 13:28 <DIR> Adobe
14.10.2007 00:56 <DIR> Ahead
31.12.2007 17:10 <DIR> AmoK
26.12.2007 16:43 <DIR> AntiTwin
31.12.2007 18:32 <DIR> Ascentive
01.03.1999 00:57 <DIR> Avira
10.01.2008 00:49 <DIR> Camfrog
25.03.2008 14:03 <DIR> CDex_150
01.03.1999 00:18 <DIR> ComPlus Applications
14.10.2007 00:50 <DIR> CyberLink
14.10.2007 00:53 <DIR> CyberLink DVD Solution
22.11.2007 19:05 <DIR> directx
14.10.2007 02:09 <DIR> Disc2Phone
11.04.2008 11:45 <DIR> DivX
24.03.2008 12:21 <DIR> DVDVideoSoft
21.04.2008 14:49 <DIR> FBrowserAdvisor
22.04.2008 13:55 <DIR> FBrowsingAdvisor
24.03.2008 12:29 <DIR> FLV to AVI Converter
14.10.2007 02:25 <DIR> Freudenreich
05.04.2008 14:17 <DIR> Gemeinsame Dateien
26.05.2008 20:40 <DIR> Google
13.11.2007 14:42 <DIR> Hewlett-Packard
03.06.2008 02:35 <DIR> Hijack This
13.12.2007 12:40 396.288 HijackThis.exe
13.11.2007 14:58 <DIR> HP
13.11.2007 02:47 <DIR> Instant Access
03.06.2008 01:09 <DIR> Internet Explorer
14.05.2008 15:35 <DIR> Java
03.06.2008 03:25 <DIR> lg_fwupdate
22.05.2008 15:38 <DIR> LimeWire
22.03.2008 14:58 <DIR> MediaCoder
23.05.2008 01:44 <DIR> Messenger
01.03.1999 00:22 <DIR> microsoft frontpage
07.11.2007 18:05 <DIR> Microsoft IntelliPoint
07.11.2007 18:03 <DIR> Microsoft IntelliType Pro
14.10.2007 01:23 <DIR> Microsoft Office
03.06.2008 00:41 <DIR> Movie Maker
03.06.2008 03:15 <DIR> Mozilla Firefox
22.03.2008 15:06 <DIR> MP3 WAV Converter
01.03.1999 00:16 <DIR> MSN
01.03.1999 00:17 <DIR> MSN Gaming Zone
14.10.2007 11:58 <DIR> MSXML 4.0
03.06.2008 00:36 <DIR> NetMeeting
01.03.1999 00:17 <DIR> Online Services
01.03.1999 00:20 <DIR> Online-Dienste
03.06.2008 00:36 <DIR> Outlook Express
30.05.2008 15:37 <DIR> PCSleek
26.12.2007 15:05 <DIR> Philips
05.04.2008 14:20 <DIR> PokerStars.NET
05.04.2008 14:19 <DIR> QuickMediaConverter
06.11.2007 23:20 <DIR> QuickTime
22.03.2008 14:59 <DIR> Rc-MP3
20.01.2008 20:50 <DIR> Real
14.10.2007 20:15 774.144 RngInterstitial.dll
14.10.2007 00:36 <DIR> Skype
27.05.2008 22:32 <DIR> Sony Ericsson
14.05.2008 15:36 <DIR> Sun
03.06.2008 03:06 <DIR> Trend Micro
14.10.2007 17:50 <DIR> Trust
05.04.2008 14:16 <DIR> TVgenial
01.10.2004 15:00 40.960 Uninstall_CDS.exe
31.12.2007 18:36 <DIR> Unlocker
03.06.2008 01:02 <DIR> Winamp
23.10.2007 15:23 <DIR> Windows Media Connect 2
03.06.2008 00:50 <DIR> Windows Media Player
14.10.2007 01:20 <DIR> Windows Messaging
03.06.2008 00:36 <DIR> Windows NT
16.10.2007 21:51 <DIR> WinRAR
01.03.1999 00:22 <DIR> xerox
23.10.2007 22:16 <DIR> xp-AntiSpy
22.12.2007 15:11 <DIR> Yahoo!
13.10.2007 19:01 <DIR> Zone Labs
3 Datei(en) 1.211.392 Bytes
72 Verzeichnis(se), 14.468.317.184 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten

24.10.2007 15:27 <DIR> Adobe
15.10.2007 03:26 <DIR> Ahead
16.10.2007 23:57 <DIR> Apple
06.11.2007 23:22 <DIR> Apple Computer
03.06.2008 03:14 <DIR> ApplicationHistory
31.05.2008 02:27 59.392 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
14.10.2007 02:31 145 fusioncache.dat
27.05.2008 23:08 20.504 GDIPFONTCACHEV1.DAT
15.10.2007 21:09 <DIR> Google
16.10.2007 00:47 <DIR> Help
14.10.2007 02:31 <DIR> HP
14.10.2007 02:31 <DIR> IsolatedStorage
07.04.2008 20:09 <DIR> Microsoft
13.10.2007 21:10 <DIR> Mozilla
30.05.2008 15:22 <DIR> Promosoft Corporation
27.05.2008 23:05 <DIR> Sony Ericsson
03.06.2008 03:11 7.854 uuuucjji.dat
21.05.2008 13:49 335.872 uuuucjji.exe
29.05.2008 13:13 435.102 uuuucjji_nav.dat
03.06.2008 03:11 2.374 uuuucjji_navps.dat
03.01.2008 14:42 5.940 wdxfrkt.dat
14.12.2007 13:21 362.173 wdxfrkt_nav.dat
03.01.2008 14:43 2.222 wdxfrkt_navps.dat
23.05.2008 14:07 <DIR> WMTools Downloaded Files
10 Datei(en) 1.231.578 Bytes
14 Verzeichnis(se), 14.468.317.184 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Dokumente und Einstellungen\Anka & Karim\Anwendungsdaten

27.05.2008 22:40 <DIR> Adobe
06.11.2007 23:22 <DIR> Apple Computer
09.01.2008 21:42 <DIR> Camfrog
22.10.2007 03:17 <DIR> Chessmaster Challenge
13.11.2007 03:52 <DIR> CyberLink
19.10.2007 00:05 <DIR> DivX
26.03.2008 02:29 <DIR> FDRLab
15.10.2007 21:09 <DIR> Google
16.10.2007 00:47 <DIR> Help
01.03.1999 00:36 <DIR> Identities
26.12.2007 15:05 <DIR> InstallShield
27.05.2008 22:41 <DIR> Leadertech
22.05.2008 02:51 <DIR> LimeWire
01.03.1999 00:42 <DIR> Macromedia
07.02.2008 18:43 <DIR> Move Networks
13.10.2007 21:10 <DIR> Mozilla
20.01.2008 20:55 <DIR> Real
02.06.2008 20:30 <DIR> Samsung
30.05.2008 21:52 <DIR> Skype
24.03.2008 11:49 <DIR> STOIK
29.05.2008 16:22 <DIR> streamripper
03.11.2007 03:18 <DIR> Sun
13.10.2007 21:11 <DIR> Talkback
14.10.2007 14:26 <DIR> TuneUp Software
26.03.2008 02:18 <DIR> TVU networks
05.04.2008 09:50 <DIR> Wildfire
16.10.2007 21:52 <DIR> WinRAR
0 Datei(en) 0 Bytes
27 Verzeichnis(se), 14.468.317.184 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Dokumente und Einstellungen\All Users\Anwendungsdaten

13.10.2007 19:01 305 addr_file.html
27.05.2008 22:38 <DIR> Adobe
06.11.2007 23:21 <DIR> Apple Computer
01.03.1999 00:57 <DIR> Avira
13.11.2007 03:52 <DIR> CyberLink
13.10.2007 21:12 <DIR> Google
13.11.2007 14:42 <DIR> Hewlett-Packard
13.11.2007 15:07 6.653 hpzinstall.log
31.05.2008 13:59 0 LauncherAccess.dt
13.10.2007 19:02 <DIR> MailFrontier
19.10.2007 00:08 1.767 QTSBandwidthCache
14.10.2007 00:36 <DIR> Skype
27.05.2008 22:32 <DIR> Sony Ericsson
30.05.2008 20:25 <DIR> TEMP
26.03.2008 02:17 <DIR> TVU networks
13.10.2007 22:26 <DIR> Windows Genuine Advantage
4 Datei(en) 8.725 Bytes
12 Verzeichnis(se), 14.468.313.088 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Programme\Gemeinsame Dateien

05.04.2008 14:17 <DIR> .
05.04.2008 14:17 <DIR> ..
09.02.2008 13:28 <DIR> Adobe
14.10.2007 00:55 <DIR> Ahead
01.03.1999 00:19 <DIR> Dienste
14.10.2007 00:31 <DIR> Hewlett-Packard
14.10.2007 01:54 <DIR> HP
14.10.2007 02:18 <DIR> InstallShield
16.10.2007 23:14 <DIR> Java
15.10.2007 01:32 <DIR> LightScribe
14.10.2007 01:23 <DIR> Microsoft Shared
01.03.1999 00:19 <DIR> MSSoap
18.10.2007 23:40 <DIR> NSV
01.03.1999 00:04 <DIR> ODBC
20.01.2008 20:51 <DIR> Real
14.10.2007 00:36 <DIR> Skype
01.03.1999 00:04 <DIR> SpeechEngines
03.06.2008 00:36 <DIR> System
27.05.2008 22:32 <DIR> Teleca Shared
23.11.2007 12:14 <DIR> Vbox
20.01.2008 20:51 <DIR> xing shared
0 Datei(en) 0 Bytes
21 Verzeichnis(se), 14.468.313.088 Bytes frei
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7CE6-4879

Verzeichnis von C:\Windows\tasks

21.03.2008 18:15 410 1-Klick-Wartung.job
03.06.2008 00:00 354 HPpromotions psc 2350 series.job
2 Datei(en) 764 Bytes
0 Verzeichnis(se), 14.468.313.088 Bytes frei

Log - Editor:

ComboFix 08-06-01.6 - Anka & Karim 2008-06-03 3:39:21.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1031.18.187 [GMT 2:00]
ausgeführt von:: C:\Dokumente und Einstellungen\Anka & Karim\Desktop\ComboFix.exe
* Neuer Wiederherstellungspunkt wurde erstellt

[color=red]WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !![/color]
.
Error: Cfiles.dat
Error: Cfolders.dat

(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji_nav.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji_navps.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt_nav.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt_navps.dat

.
((((((((((((((((((((((( Dateien erstellt von 2008-05-03 bis 2008-06-03 ))))))))))))))))))))))))))))))
.

2008-06-03 03:06 . 2008-06-03 03:06 <DIR> d-------- C:\Programme\Trend Micro
2008-06-03 02:59 . 2008-06-03 02:59 <DIR> d-------- C:\_OTMoveIt
2008-06-03 01:23 . 2008-06-03 02:35 <DIR> d-------- C:\Programme\Hijack This
2008-06-03 00:57 . 2008-03-01 14:53 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-06-03 00:57 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-06-03 00:57 . 2007-03-08 07:09 1,040,384 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-06-03 00:57 . 2008-03-01 14:53 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-06-03 00:57 . 2008-03-01 14:53 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-06-03 00:57 . 2008-03-01 14:53 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-06-03 00:57 . 2008-03-01 14:53 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-06-03 00:57 . 2008-03-01 14:53 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-06-03 00:57 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-03 00:13 . 2008-04-14 04:22 1,306,624 -----c--- C:\WINDOWS\system32\dllcache\msxml6.dll
2008-06-03 00:12 . 2006-02-28 14:00 381,425 -----c--- C:\WINDOWS\system32\dllcache\copycd.wmv
2008-06-02 20:30 . 2008-06-03 00:58 <DIR> d-------- C:\Dokumente und Einstellungen\Anka & Karim\Anwendungsdaten\Samsung
2008-06-02 00:23 . 2008-04-14 04:21 571,392 --a--c--- C:\WINDOWS\system32\dllcache\tintlgnt.ime
2008-06-02 00:22 . 2006-02-28 14:00 1,875,968 --a--c--- C:\WINDOWS\system32\dllcache\msir3jp.lex
2008-06-02 00:21 . 2008-04-14 04:20 13,463,552 --a--c--- C:\WINDOWS\system32\dllcache\hwxjpn.dll
2008-06-02 00:20 . 2006-02-28 14:00 1,677,824 --a--c--- C:\WINDOWS\system32\dllcache\chsbrkr.dll
2008-06-02 00:19 . 2006-02-28 14:00 195,618 --a--c--- C:\WINDOWS\system32\dllcache\c_10002.nls
2008-06-02 00:18 . 2003-03-24 16:52 217,088 --a--c--- C:\WINDOWS\system32\dllcache\fpmmcsat.dll
2008-06-02 00:16 . 2006-02-28 14:00 16,384 --a--c--- C:\WINDOWS\system32\dllcache\isignup.exe
2008-06-02 00:16 . 2008-06-02 00:16 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-02 00:16 . 2008-06-02 00:16 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-02 00:16 . 2008-06-02 00:16 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-02 00:16 . 2008-06-02 00:16 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-02 00:16 . 2008-06-02 00:16 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-01 23:43 . 2006-02-28 14:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-06-01 23:43 . 2006-02-28 14:00 24,661 --a--c--- C:\WINDOWS\system32\dllcache\spxcoins.dll
2008-06-01 23:43 . 2006-02-28 14:00 13,824 --a------ C:\WINDOWS\system32\irclass.dll
2008-06-01 23:43 . 2006-02-28 14:00 13,824 --a--c--- C:\WINDOWS\system32\dllcache\irclass.dll
2008-06-01 23:42 . 2006-02-28 14:00 1,086,058 -ra------ C:\WINDOWS\SET57.tmp
2008-06-01 23:42 . 2006-02-28 14:00 1,014,663 -ra------ C:\WINDOWS\SET55.tmp
2008-06-01 23:42 . 2006-02-28 14:00 817,199 --a--c--- C:\WINDOWS\system32\dllcache\NT5IIS.CAT
2008-06-01 23:42 . 2006-02-28 14:00 399,645 --a--c--- C:\WINDOWS\system32\dllcache\MAPIMIG.CAT
2008-06-01 23:42 . 2006-02-28 14:00 41,270 --a--c--- C:\WINDOWS\system32\dllcache\MW770.CAT
2008-06-01 23:42 . 2006-02-28 14:00 14,573 -ra------ C:\WINDOWS\SET88.tmp
2008-06-01 23:42 . 2006-02-28 14:00 14,043 -ra------ C:\WINDOWS\SET5F.tmp
2008-06-01 23:42 . 2006-02-28 14:00 13,472 --a--c--- C:\WINDOWS\system32\dllcache\HPCRDP.CAT
2008-06-01 23:42 . 2006-02-28 14:00 8,574 --a--c--- C:\WINDOWS\system32\dllcache\IASNT4.CAT
2008-06-01 23:42 . 2006-02-28 14:00 7,382 --a--c--- C:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2008-05-31 13:44 . 2006-05-03 22:53 174,592 --a------ C:\WINDOWS\system32\framedyn.dll
2008-05-31 13:43 . 2008-05-31 13:43 <DIR> d-------- C:\WINDOWS\system32\Samsung_USB_Drivers
2008-05-31 13:43 . 2005-12-22 12:24 137,884 --a------ C:\WINDOWS\system32\drivers\sscdmdm.sys
2008-05-31 13:43 . 2005-12-22 12:24 80,272 --a------ C:\WINDOWS\system32\drivers\sscdbus.sys
2008-05-31 13:43 . 2005-12-22 12:24 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcmnt.sys
2008-05-31 13:43 . 2005-12-22 12:24 11,877 --a------ C:\WINDOWS\system32\drivers\sscdcm.sys
2008-05-31 13:43 . 2005-12-22 12:24 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwhnt.sys
2008-05-31 13:43 . 2005-12-22 12:24 11,188 --a------ C:\WINDOWS\system32\drivers\sscdwh.sys
2008-05-31 13:43 . 2005-12-22 12:24 10,864 --a------ C:\WINDOWS\system32\drivers\sscdmdfl.sys
2008-05-31 13:43 . 2005-08-28 20:51 766 --a------ C:\WINDOWS\system32\Uninstall.ico
2008-05-31 13:42 . 2008-05-31 13:56 5,632 --a------ C:\WINDOWS\system32\drivers\StarOpen.sys
2008-05-30 15:51 . 2008-05-30 15:51 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-05-30 15:51 . 2008-05-30 15:51 1,409 --a------ C:\WINDOWS\QTFont.for
2008-05-30 15:37 . 2008-05-30 15:37 <DIR> d-------- C:\Programme\PCSleek
2008-05-30 15:22 . 2008-05-30 20:25 <DIR> d-a------ C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
2008-05-29 16:22 . 2008-05-29 16:22 <DIR> d-------- C:\Dokumente und Einstellungen\Anka & Karim\Anwendungsdaten\streamripper
2008-05-27 23:07 . 2008-05-27 23:07 0 --a------ C:\WINDOWS\mngui.INI
2008-05-27 22:41 . 2008-05-27 22:41 <DIR> d-------- C:\Dokumente und Einstellungen\Anka & Karim\Anwendungsdaten\Leadertech
2008-05-27 22:38 . 2008-05-27 22:38 <DIR> d-------- C:\Programme\2.0
2008-05-27 22:32 . 2008-05-27 22:32 <DIR> d-------- C:\Programme\Sony Ericsson
2008-05-27 22:32 . 2008-05-27 22:32 <DIR> d-------- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sony Ericsson
2008-05-23 01:44 . 2008-05-23 01:44 <DIR> d-------- C:\WINDOWS\system32\de
2008-05-23 01:44 . 2008-05-23 01:44 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-23 01:44 . 2008-05-23 01:44 <DIR> d-------- C:\WINDOWS\l2schemas
2008-05-23 01:39 . 2008-05-23 01:44 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-23 01:30 . 2008-06-03 00:26 <DIR> d-------- C:\WINDOWS\EHome
2008-05-23 01:06 . 2004-08-03 22:41 1,041,536 --a------ C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-23 01:06 . 2004-08-03 22:41 685,056 --a------ C:\WINDOWS\system32\drivers\hsfcxts2.sys
2008-05-23 01:06 . 2004-08-03 22:41 220,032 --a------ C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2008-05-23 01:06 . 2004-07-17 22:55 129,045 --a------ C:\WINDOWS\system32\drivers\cxthsfs2.cty
2008-05-14 15:36 . 2008-05-14 15:36 <DIR> d-------- C:\Programme\Sun
2008-05-09 13:27 . 2008-05-09 13:27 <DIR> d-------- C:\WINDOWS\MSREMOTE.SFS

.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-03 01:44 36,694,048 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-03 01:36 --------- d-----w C:\Programme\lg_fwupdate
2008-06-02 23:51 433,712 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-02 23:02 --------- d-----w C:\Programme\Winamp
2008-06-02 22:58 --------- d--h--w C:\Programme\InstallShield Installation Information
2008-06-02 19:42 2,054,144 ----a-w C:\WINDOWS\Internet Logs\xDB11.tmp
2008-05-30 19:52 --------- d-----w C:\Dokumente und Einstellungen\Anka & Karim\Anwendungsdaten\Skype
2008-05-27 20:32 --------- d-----w C:\Programme\Gemeinsame Dateien\Teleca Shared
2008-05-26 18:40 --------- d-----w C:\Programme\Google
2008-05-25 07:42 3,024,896 ----a-w C:\WINDOWS\Internet Logs\xDB10.tmp
2008-05-22 13:38 --------- d-----w C:\Programme\LimeWire
2008-05-22 00:51 --------- d-----w C:\Dokumente und Einstellungen\Anka & Karim\Anwendungsdaten\LimeWire
2008-05-14 13:35 --------- d-----w C:\Programme\Java
2008-05-08 11:50 1,798,656 ----a-w C:\WINDOWS\Internet Logs\xDBF.tmp
2008-04-22 11:55 --------- d-----w C:\Programme\FBrowsingAdvisor
2008-04-21 12:49 --------- d-----w C:\Programme\FBrowserAdvisor
2008-04-14 05:53 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 05:52 989,696 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 05:52 425,472 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 02:36 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 02:25 333,312 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 02:22 99,840 ----a-w C:\WINDOWS\system32\scardsvr.exe
2008-04-14 02:21 762,368 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-14 02:21 731,648 ----a-w C:\WINDOWS\system32\ntdll.dll
2008-04-14 02:21 57,375 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 02:21 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-14 02:02 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-14 02:02 73,472 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-14 02:02 68,224 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-14 02:02 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-14 02:02 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-14 02:00 2,191,360 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-14 02:00 2,068,224 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-14 01:59 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-14 01:58 800,384 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-14 01:58 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-14 01:58 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-14 01:58 154,112 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-14 01:58 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-14 01:57 93,184 ----a-w C:\WINDOWS\system32\msxml6r.dll
2008-04-14 01:57 40,448 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-14 01:56 81,408 ----a-w C:\WINDOWS\system32\msshavmsg.dll
2008-04-14 01:56 51,712 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-14 01:56 40,832 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-14 01:56 2,973,696 ----a-w C:\WINDOWS\system32\wmploc.dll
2008-04-14 01:55 572,928 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-14 01:55 52,992 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-14 01:54 65,536 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-14 01:54 25,856 ----a-w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-14 01:54 202,752 ----a-w C:\WINDOWS\system32\wmerror.dll
2008-04-14 01:54 10,752 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-14 01:53 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-14 01:52 68,096 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-14 01:52 57,728 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-14 01:52 53,760 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-14 01:52 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-14 01:52 273,920 ----a-w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-14 01:51 39,936 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-14 01:50 9,216 ----a-w C:\WINDOWS\system32\asferror.dll
2008-04-14 01:50 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-14 01:50 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-14 01:50 103,424 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-14 01:49 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-14 01:49 23,552 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-14 01:49 188,800 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
.

(((((((((((((((((((((((((((( Autostart Punkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Hinweis* leere Eintrage & legitime Standardeintrage werden nicht angezeigt.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 04:22 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Programme\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-18 11:08 262401]
"ZoneAlarm Client"="C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54 919016]
"RemoteControl"="C:\Programme\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 20:24 32768]
"InCD"="C:\Programme\Ahead\InCD\InCD.exe" [2006-11-02 08:55 1397760]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"LGODDFU"="C:\Programme\lg_fwupdate\fwupdate.exe" [2005-04-12 10:11 229376]
"HP Software Update"="C:\Programme\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 13:38 49152]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2005-11-16 16:14 344064]
"SunJavaUpdateSched"="C:\Programme\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"QuickTime Task"="C:\Programme\QuickTime\QTTask.exe" [2007-10-19 21:16 286720]
"type32"="C:\Programme\Microsoft IntelliType Pro\type32.exe" [2005-06-10 11:24 196608]
"IntelliPoint"="C:\Programme\Microsoft IntelliPoint\point32.exe" [2005-06-10 11:21 217088]
"HP Component Manager"="C:\Programme\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 16:18 241664]
"TkBellExe"="C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe" [2008-01-20 20:50 185896]
"Adobe Reader Speed Launcher"="C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"SoundMan"="SOUNDMAN.EXE" [2004-06-18 10:31 67584 C:\WINDOWS\SOUNDMAN.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 04:22 15360]

C:\Dokumente und Einstellungen\All Users\Startmen\Programme\Autostart\
HP Digital Imaging Monitor.lnk - C:\Programme\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 22:31:38 241664]
HP Image Zone Schnellstart.lnk - C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28 23:06:36 53248]
Microsoft-Indexerstellung.lnk - C:\Programme\Microsoft Office\Office\FINDFAST.EXE [1997-09-04 111376]
Office-Start.lnk - C:\Programme\Microsoft Office\Office\OSA.EXE [1997-09-04 51984]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoBandCustomize"= 0 (0x0)
"NoMovingBands"= 0 (0x0)
"NoCloseDragDropBands"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programme\\Skype\\Phone\\Skype.exe"=

R0 PDDSLHND;PDDSLHND;C:\WINDOWS\system32\drivers\PDDSLHND.sys [2005-10-09 16:13]
R3 PDDSLADP;ProDyne DSL Adapter;C:\WINDOWS\system32\DRIVERS\PDDSLADP.SYS [2005-10-09 16:13]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-11-18 18:29]

*Newly Created Service* - CATCHME
.
Inhalt des "geplante Tasks" Ordners
"2008-03-21 16:15:00 C:\WINDOWS\Tasks\1-Klick-Wartung.job"
- C:\Programme\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-06-02 22:00:03 C:\WINDOWS\Tasks\HPpromotions psc 2350 series.job"
- C:\Programme\HP\Digital Imaging\bin\HP Promotions\AiOMVC\HPpromo.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-03 03:44:52
Windows 5.1.2600 Service Pack 3 NTFS

Scanne versteckte Prozesse...

Scanne versteckte Autostart Einträge...

Scanne versteckte Dateien...

Scan erfolgreich abgeschlossen
versteckte Dateien: 0

**************************************************************************
.
Zeit der Fertigstellung: 2008-06-03 3:47:40
ComboFix-quarantined-files.txt 2008-06-03 01:47:32

12 Verzeichnis(se), 14,389,456,896 Bytes frei
15 Verzeichnis(se), 14,735,106,048 Bytes frei

267 --- E O F --- 2008-06-02 23:13:14

03.06.2008, 11:52

Sabina

Ehrenmitglied

Beiträge: 29434

#21 Kawin
««

Start - Ausführen - reinkopieren: %temp%

kopiere die Dateien:

closedbgout.exe
enableirsocketutil.exe

IN diesen Ordner

C:\Programme\Sony Ericsson

siehe :
http://www.k700-forum.de/thread.php?threadid=14004

---------------------------------------------------------------

1.
http://virus-protect.org/artikel/tools/otmoveIt.html
öffne: OTMoveIt.exe
OTMoveIt Kopiere rein: im linken Fenster ,wo steht: Paste List of Files/Folders to Move

Zitat

C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\upd5.tmp.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\urlcaller.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\3eananrp.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\joexqqzk.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tem53.tmp.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp6.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp73.tmp.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp79.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7A.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7B.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7C.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7F.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp82.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp85.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp86.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp87.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp8A.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp8B.tmp
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji.exe
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji_nav.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji_navps.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt_nav.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt_navps.dat
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\Promosoft Corporation
C:\Programme\Instant Access

Klicke auf den Roten MoveIt!

Text im rechten Fenster / Results
Mit rechtem Mausklick abkopieren und im Forenbeitrag mit rechtem Mausklick "einfügen"

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann

-------------

2.
es ist wichtig, dass du die temporären Dateien alle löschst.
http://www.ccleaner.de/?protecus.de

3.
Start - Ausführen - schreibe rein: cleanmgr

Start - Programme - Zubehör - Systemprogramme - Datenträgerbereinigung
- Click:Temporäre Internet Files/Temporäre Internet Dateien, o.k.
- Click:Temporäre Dateien, o.k

4.
wende navilog an - Option 1, dann Option 2 - poste hier den Report von Option2
http://virus-protect.org/artikel/tools/navilog.html
__________
MfG Sabina

rund um die PC-Sicherheit

04.06.2008, 19:44

Kawin

...neu hier

Beiträge: 10

#22 Hallo Sabina,

File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\upd5.tmp.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\urlcaller.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\3eananrp.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\joexqqzk.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tem53.tmp.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp6.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp73.tmp.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp79.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7A.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7B.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7C.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp7F.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp82.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp85.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp86.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp87.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp8A.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Temp\tmp8B.tmp not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji.dat not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji.exe not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji_nav.dat not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\uuuucjji_navps.dat not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt.dat not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt_nav.dat not found.
File/Folder C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\wdxfrkt_navps.dat not found.
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\Promosoft Corporation\Free Registry Fix\files moved successfully.
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\Promosoft Corporation\Free Registry Fix moved successfully.
C:\Dokumente und Einstellungen\Anka & Karim\Lokale Einstellungen\Anwendungsdaten\Promosoft Corporation moved successfully.
C:\Programme\Instant Access\Dialer\994298094\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\994298094\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\994298094 moved successfully.
C:\Programme\Instant Access\Dialer\990565896\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\990565896\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\990565896 moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\910405701\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\910405701 moved successfully.
C:\Programme\Instant Access\Dialer\879792991\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\879792991\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\879792991 moved successfully.
C:\Programme\Instant Access\Dialer\854779307\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\854779307\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\854779307 moved successfully.
C:\Programme\Instant Access\Dialer\851188686\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\851188686\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\851188686 moved successfully.
C:\Programme\Instant Access\Dialer\846671227\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\846671227\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\846671227 moved successfully.
C:\Programme\Instant Access\Dialer\845126405\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\845126405\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\845126405 moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\841718183\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\841718183 moved successfully.
C:\Programme\Instant Access\Dialer\798621642\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\798621642\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\798621642\fp.pc-on-internet.com\50240\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\798621642\fp.pc-on-internet.com\50240\images moved successfully.
C:\Programme\Instant Access\Dialer\798621642\fp.pc-on-internet.com\50240 moved successfully.
C:\Programme\Instant Access\Dialer\798621642\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\798621642\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\798621642 moved successfully.
C:\Programme\Instant Access\Dialer\781320733\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\781320733\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\781320733 moved successfully.
C:\Programme\Instant Access\Dialer\769702517\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\769702517\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\769702517 moved successfully.
C:\Programme\Instant Access\Dialer\752980580\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\752980580\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\752980580\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\752980580\fp.pc-on-internet.com\50300\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\752980580\fp.pc-on-internet.com\50300\images moved successfully.
C:\Programme\Instant Access\Dialer\752980580\fp.pc-on-internet.com\50300 moved successfully.
C:\Programme\Instant Access\Dialer\752980580\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-www.0texkax7c6hzuidk.com\custom\4242\EN moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-www.0texkax7c6hzuidk.com\custom\4242 moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\752980580\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\752980580 moved successfully.
C:\Programme\Instant Access\Dialer\735555330\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\735555330\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\735555330\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\735555330\fp.pc-on-internet.com\50329\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\735555330\fp.pc-on-internet.com\50329\images moved successfully.
C:\Programme\Instant Access\Dialer\735555330\fp.pc-on-internet.com\50329 moved successfully.
C:\Programme\Instant Access\Dialer\735555330\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-www.0texkax7c6hzuidk.com\custom\4242\EN moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-www.0texkax7c6hzuidk.com\custom\4242 moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\735555330\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\735555330 moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\726805704\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\726805704 moved successfully.
C:\Programme\Instant Access\Dialer\658068826\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\658068826\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\658068826 moved successfully.
C:\Programme\Instant Access\Dialer\647967195\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\647967195\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\647967195\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\647967195\fp.pc-on-internet.com\50329\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\647967195\fp.pc-on-internet.com\50329\images moved successfully.
C:\Programme\Instant Access\Dialer\647967195\fp.pc-on-internet.com\50329 moved successfully.
C:\Programme\Instant Access\Dialer\647967195\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-www.0texkax7c6hzuidk.com\custom\4242\EN moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-www.0texkax7c6hzuidk.com\custom\4242 moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\647967195\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\647967195 moved successfully.
C:\Programme\Instant Access\Dialer\629145690\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\629145690\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\629145690\fp.gad-network.com\50252\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\629145690\fp.gad-network.com\50252\images moved successfully.
C:\Programme\Instant Access\Dialer\629145690\fp.gad-network.com\50252 moved successfully.
C:\Programme\Instant Access\Dialer\629145690\fp.gad-network.com moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\629145690\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\629145690 moved successfully.
C:\Programme\Instant Access\Dialer\628569446\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\628569446\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\628569446 moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\610104664\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\610104664 moved successfully.
C:\Programme\Instant Access\Dialer\604402322\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\604402322\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\604402322 moved successfully.
C:\Programme\Instant Access\Dialer\600373777\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\600373777\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\600373777 moved successfully.
C:\Programme\Instant Access\Dialer\595597132\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\595597132\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\595597132 moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\572205602\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\572205602 moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\569592420\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\569592420 moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\527088846\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\527088846 moved successfully.
C:\Programme\Instant Access\Dialer\519444567\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\519444567\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\519444567\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\519444567\fp.pc-on-internet.com\3041\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\519444567\fp.pc-on-internet.com\3041\images moved successfully.
C:\Programme\Instant Access\Dialer\519444567\fp.pc-on-internet.com\3041 moved successfully.
C:\Programme\Instant Access\Dialer\519444567\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\519444567\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\519444567 moved successfully.
C:\Programme\Instant Access\Dialer\495781905\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\495781905\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\495781905 moved successfully.
C:\Programme\Instant Access\Dialer\484202460\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\484202460\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\484202460\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\484202460\fp.pc-on-internet.com\50321\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\484202460\fp.pc-on-internet.com\50321\images moved successfully.
C:\Programme\Instant Access\Dialer\484202460\fp.pc-on-internet.com\50321 moved successfully.
C:\Programme\Instant Access\Dialer\484202460\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\484202460\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\484202460 moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\4549167\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\4549167 moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\396302726\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\396302726 moved successfully.
C:\Programme\Instant Access\Dialer\352280827\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\352280827\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\352280827 moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\351015533\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\351015533 moved successfully.
C:\Programme\Instant Access\Dialer\346754368\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\346754368\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\346754368\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\346754368\fp.pc-on-internet.com\50285\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\346754368\fp.pc-on-internet.com\50285\images moved successfully.
C:\Programme\Instant Access\Dialer\346754368\fp.pc-on-internet.com\50285 moved successfully.
C:\Programme\Instant Access\Dialer\346754368\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\346754368\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\346754368 moved successfully.
C:\Programme\Instant Access\Dialer\305974397\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\305974397\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\305974397\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\305974397\fp.pc-on-internet.com\50297\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\305974397\fp.pc-on-internet.com\50297\images moved successfully.
C:\Programme\Instant Access\Dialer\305974397\fp.pc-on-internet.com\50297 moved successfully.
C:\Programme\Instant Access\Dialer\305974397\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\305974397\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\305974397 moved successfully.
C:\Programme\Instant Access\Dialer\272340598\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\272340598\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\272340598 moved successfully.
C:\Programme\Instant Access\Dialer\270418778\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\270418778\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\270418778\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\270418778\fp.pc-on-internet.com\50310\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\270418778\fp.pc-on-internet.com\50310\images moved successfully.
C:\Programme\Instant Access\Dialer\270418778\fp.pc-on-internet.com\50310 moved successfully.
C:\Programme\Instant Access\Dialer\270418778\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\270418778\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\270418778 moved successfully.
C:\Programme\Instant Access\Dialer\262967265\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\262967265\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\262967265 moved successfully.
C:\Programme\Instant Access\Dialer\219461534\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\219461534\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\219461534 moved successfully.
C:\Programme\Instant Access\Dialer\16770002\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\16770002\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\16770002 moved successfully.
C:\Programme\Instant Access\Dialer\126176594\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\126176594\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\126176594 moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\1162989254\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\1162989254 moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\1079464222\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\1079464222 moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\1077926283\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\1077926283 moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\fp.pc-on-internet.com\50253\images\EN moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\fp.pc-on-internet.com\50253\images moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\fp.pc-on-internet.com\50253 moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\fp.pc-on-internet.com moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-www.0texkax7c6hzuidk.com\custom\4239\EN moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-www.0texkax7c6hzuidk.com\custom\4239 moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\1067141681\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\1067141681 moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\www.rapid-pass.net moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-www.0texkax7c6hzuidk.com\custom\4160\EN moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-www.0texkax7c6hzuidk.com\custom\4160 moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-www.0texkax7c6hzuidk.com\custom moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-www.0texkax7c6hzuidk.com\Common moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-www.0texkax7c6hzuidk.com moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-external-api.dlv4.com\js moved successfully.
C:\Programme\Instant Access\Dialer\1053174071\es6-external-api.dlv4.com moved successfully.
C:\Programme\Instant Access\Dialer\1053174071 moved successfully.
C:\Programme\Instant Access\Dialer moved successfully.
C:\Programme\Instant Access\Center moved successfully.
C:\Programme\Instant Access moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06042008_192510

MfG
Kawin

04.06.2008, 23:59

Sabina

Ehrenmitglied

Beiträge: 29434

#23 Kawin

««
OTMoveIt
klicken: CleanUp! button
cleanup.txt wird vom Internet geladen (von Firewall zulassen!)
Begin cleanup process? klicke: Yes. - "Do you want to reboot?" klicke Yes

««
wende navilog an - Option 1, dann Option 2 - poste hier den Report von Option2
http://virus-protect.org/artikel/tools/navilog.html

««
scanne mit Malwarebytes, lasse alles gefundene entfernen + poste den report
http://virus-protect.org/artikel/tools/malwarebytes.html
__________
MfG Sabina

rund um die PC-Sicherheit

05.06.2008, 03:27

Kawin

...neu hier

Beiträge: 10

#24 Hallo Sabina,

Fixnavi txt Opt. 1

Search Navipromo version 3.5.7 began on 05.06.2008 at 3:03:24,85

!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Programme\navilog1
Actual User Account : "Anka & Karim"

Updated on 11.05.2008 at 18h00 by IL-MAFIOSO

Microsoft Windows XP [Version 5.1.2600]
Version Internet Explorer : 7.0.5730.13
Filesystem type : NTFS

Search done in normal mode

*** Search folders in "C:\WINDOWS" ***

*** Search folders in "C:\Programme" ***

*** Search folders in "c:\dokume~1\alluse~1\anwend~1" ***

*** Search folders in "c:\dokume~1\alluse~1\startm~1\progra~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\Anka & Karim\anwend~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\Anka & Karim\lokale~1\anwend~1" ***

*** Search folders in "C:\Dokumente und Einstellungen\Anka & Karim\startm~1\progra~1" ***

*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net

No file found

*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!

* Scan in "C:\WINDOWS\system32" *

* Scan in "C:\Dokumente und Einstellungen\Anka & Karim\lokale~1\anwend~1" *

*** Search files ***

C:\WINDOWS\system32\nvs2.inf found !

*** Search specific Registry keys ***

*** Complementary Search ***
(Search specific files)

1)Search new Instant Access files :

C:\WINDOWS\system32\lnaccess.exe found !

2)Heuristic Search :

* In "C:\WINDOWS\system32" :

lnaccess.exe found !

* In "C:\Dokumente und Einstellungen\Anka & Karim\lokale~1\anwend~1" :

3)Certificates Search :

Egroup certificate not found !
Electronic-Group certificate found !
OOO-Favorit certificate found !
Sunny-Day-Design-Ltd certificate not found !

4)Search known files :

*** Search completed on 05.06.2008 at 3:10:09,07 ***

Fixnavi txt 2

Navipromo Removal version 3.5.7 started on 05.06.2008 at 3:16:36,76

Fix running from C:\Programme\navilog1
Actual User Account : "Anka & Karim"

Updated on 11.05.2008 at 18h00 by IL-MAFIOSO

Microsoft Windows XP [Version 5.1.2600]
Internet Explorer : 7.0.5730.13
Filesystem type : NTFS

Automatic removal
with Catchme and GNS results

Cleanning stage done on Reboot

*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)

*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\WINDOWS\System32" *

* Deletion in "C:\Dokumente und Einstellungen\Anka & Karim\lokale~1\anwend~1" *

*** Deleting folders in "C:\WINDOWS" ***

*** Deleting folders in "C:\Programme" ***

*** Deleting folders in "c:\dokume~1\alluse~1\anwend~1" ***

*** Deleting folders in "c:\dokume~1\alluse~1\startm~1\progra~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\Anka & Karim\anwend~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\Anka & Karim\lokale~1\anwend~1" ***

*** Deleting folders in "C:\Dokumente und Einstellungen\Anka & Karim\startm~1\progra~1" ***

*** Deleting files ***

C:\WINDOWS\system32\nvs2.inf deleted !

*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

C:\WINDOWS\system32\lnaccess.exe found !
Fail Copy C:\WINDOWS\system32\lnaccess.exe to Backupnavi folder
C:\WINDOWS\system32\lnaccess.exe no deleted !

2)Heuristic search and deletion with backups :

* In "C:\WINDOWS\system32" *

lnaccess.exe found !
Fail Copy lnaccess.exe to Backupnavi folder
lnaccess.exe no deleted !

* In "C:\Dokumente und Einstellungen\Anka & Karim\lokale~1\anwend~1" *

*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned

*** Certificates ***

Egroup Certificate not found !
Electronic-Group Certificate deleted !
OOO-Favorit Certificate deleted !
Sunny-Day-Design-Ltd Certificate not found !

*** Cleaning stage complete on 05.06.2008 at 3:21:50,18 ***

Danke
Kawin

05.06.2008, 09:51

Sabina

Ehrenmitglied

Beiträge: 29434

#25 Hallo Kawin

neu laden:
http://virus-protect.org/artikel/tools/otmoveIt.html
öffne: OTMoveIt.exe

OTMoveIt Kopiere rein: im linken Fenster ,wo steht: Paste List of Files/Folders to Move

Zitat

C:\WINDOWS\system32\lnaccess.exe
C:\Programme\FBrowsingAdvisor

Klicke auf den Roten MoveIt!

«
Text im rechten Fenster / Results
Mit rechtem Mausklick abkopieren und HIER mit rechtem Mausklick "einfügen"

-------------

««
scanne mit Malwarebytes, lasse alles gefundene entfernen + poste den report
http://virus-protect.org/artikel/tools/malwarebytes.html
__________
MfG Sabina

rund um die PC-Sicherheit

05.06.2008, 13:16

Kawin

...neu hier

Beiträge: 10

#26 Hallo Sabine,

Malwarebytes' Anti-Malware 1.14
Datenbank Version: 826

04:01:43 05.06.2008
mbam-log-6-5-2008 (04-01-43).txt

Scan Art: Komplett Scan (C:\|D:\|)
Objekte gescannt: 88773
Scan Dauer: 29 minute(s), 35 second(s)

Infizierte Speicher Prozesse: 0
Infizierte Speicher Module: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 0
Infizierte Datei Objekte der Registrierung: 0
Infizierte Verzeichnisse: 2
Infizierte Dateien: 7

Infizierte Speicher Prozesse:
(Keine Malware Objekte gefunden)

Infizierte Speicher Module:
(Keine Malware Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\Software\Microsoft\AdvRemoteDbg (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine Malware Objekte gefunden)

Infizierte Datei Objekte der Registrierung:
(Keine Malware Objekte gefunden)

Infizierte Verzeichnisse:
C:\Programme\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

Infizierte Dateien:
C:\Programme\FBrowsingAdvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Programme\FBrowsingAdvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

MfG
Kawin

05.06.2008, 13:29

Sabina

Ehrenmitglied

Beiträge: 29434

#27 Hallo Kawin

neu laden:
http://virus-protect.org/artikel/tools/otmoveIt.html
öffne: OTMoveIt.exe

OTMoveIt Kopiere rein: im linken Fenster ,wo steht: Paste List of Files/Folders to Move

Zitat

C:\WINDOWS\system32\lnaccess.exe
C:\Programme\FBrowsingAdvisor

Klicke auf den Roten MoveIt!

«
Text im rechten Fenster / Results
Mit rechtem Mausklick abkopieren und HIER mit rechtem Mausklick "einfügen"
__________
MfG Sabina

rund um die PC-Sicherheit

05.06.2008, 13:40

Kawin

...neu hier

Beiträge: 10

#28 Hi Sabine,

1-

C:\WINDOWS\system32\lnaccess.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06052008_131921

2-

File/Folder C:\WINDOWS\system32\lnaccess.exe not found.
File/Folder C:\Programme\FBrowsingAdvisor not found.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 06052008_133428

Ich habe ein neue problem

BAD_POOL_CALLER
STOP: 0x00000c2
(0x00000007,0x00000cd4, 0x02300007, 0x81E66450)

05.06.2008, 13:50

Sabina

Ehrenmitglied

Beiträge: 29434

#29 ja, das nennt man Pech

hier ist von Windows 2000 die Rede...
http://support.microsoft.com/default.aspx?scid=kb%3Bde%3BD44542

versuche es mal, die Windowsupdates fuer XP zu machen und berichte, ob die fehlermeldung weg ist.

---------
oder:
besagt die Fehlermeldung, dass versucht wurde
einen Speicher-Bereich (Memory-Pool) freizugeben, welcher aber
bereits freigegeben wurde.

Die Fehlermeldung weist auf ein Treiberproblem hin.
Entweder hat der Treiber einen Bug oder es gibt ein Problem
mit einem Interrupt.

Schau mal im Geräte-Manager nach , ob es eine gelbe Warnmeldung gibt.
__________
MfG Sabina

rund um die PC-Sicherheit

10.06.2008, 23:06

Schlitz

...neu hier

Beiträge: 5

#30 OKay ich weiß des wird nervig mit der zeit aber ich blick da bei den sachen nich so ganz durch ich hab mir ma dieses hijack dingsbums da geholt und hier der logfile
P.s.: Fehler auch mit diesem Instant acces Schei...!
aba bitte für mich ganz langsam ich blick net so ganz durch!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:48:55, on 10.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AVPersonal\AVGUARD.EXE
C:\Programme\AVPersonal\AVWUPSRV.EXE
D:\Tobit ClipInc\Server\ClipInc-Server.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Tobit ClipInc\Player\ClipIncTray.exe
C:\dokumente und einstellungen\schlitz\lokale einstellungen\anwendungsdaten\gqugqmyqs.exe
C:\WINDOWS\system32\wuauclt.exe
D:\T-Online_Software_5\Basis-Software\Basis2\kernel.exe
D:\T-Online_Software_5\Basis-Software\Basis2\sc_watch.exe
D:\T-ONLI~1\BASIS-~1\Basis2\PROFIL~1.EXE
C:\Programme\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ende.de/
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Mein Zeuch\ICQToolbar\toolbaru.dll (file missing)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - D:\Mein Zeuch\ICQToolbar\toolbaru.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - D:\Mein Zeuch\ICQToolbar\toolbaru.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVGCtrl] C:\Programme\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [Anti-Blaxx Manager] D:\mehr games\battlefield2\Anti-Blaxx 1.18\Anti-Blaxx.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Adobe\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programme\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ClipIncSrvTray] "D:\Tobit ClipInc\Player\ClipIncTray.exe"
O4 - HKCU\..\Run: [Instant Access] C:\WINDOWS\system32\nsinet.exe /res
O4 - HKCU\..\Run: [gqugqmyqs] c:\dokumente und einstellungen\schlitz\lokale einstellungen\anwendungsdaten\gqugqmyqs.exe gqugqmyqs
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://D:\office\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\office\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Mein Zeuch\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - D:\Mein Zeuch\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {DF1C8E21-4045-4D67-B528-335F1A4F0DE9} - http://es6-scripts.dlv4.com/binaries/egaccess4/egaccess4_1073_em_XP.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D5F1BF14-DFDF-4B33-A2F4-C9DC8D68AAC2}: NameServer = 217.237.150.188 217.237.151.142
O20 - AppInit_DLLs:
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Programme\AVPersonal\AVGUARD.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programme\AVPersonal\AVWUPSRV.EXE
O23 - Service: ClipInc 001 (ClipInc001) - Unknown owner - D:\Tobit ClipInc\Server\ClipInc-Server.exe

--
End of file - 5093 bytes

Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:

»
»
»
» Instant Access etc....
» "Instant Access" auf dem PC Was ist das und wie geht das weg?

Seite(n): 1 2 3 4