Generic Trojan + Trj/CI.A and possibly a rootkit, how to remove + clean up?

#0
24.05.2010, 14:14
Member

Posts: 3716
#16 Don't worry, I won't let myself be rushed :d
System scan with OTL
Download OTL:
http://oldtimer.geekstogo.com/OTL.exe
Double-click OTL.exe
(Windows 7 and Vista users: right-click, Run as administrator)
1. At the top you will find a box labelled Output. Please select Minimal Output
2. Tick "scan all users"
3. Under "Extra Registry" select:
"Use Safelist" "LOP Check" "Purity Check"
6. Copy into the text box:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
7. Click "run Scan"
8. Two reports will be created:
OTL.Txt
Extras.Txt
Post both; you may have to split them across 2 posts.
24.05.2010, 14:43
Member

Thread starter

Posts: 56
#17 OTL.txt
-------------

OTL logfile created on: 24.05.2010 14:35:16 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.022,00 Mb Total Physical Memory | 664,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 278,55 Gb Total Space | 179,31 Gb Free Space | 64,37% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 10,03 Gb Free Space | 51,38% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 931,51 Gb Total Space | 599,94 Gb Free Space | 64,41% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HIM
Current User Name: ''SeRa-SuN''
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft)
PRC - C:\Programme\Virtual CD v9\System\vc9secs.exe (H+H Software GmbH)
PRC - C:\Programme\RocketDock\RocketDock.exe ()
PRC - C:\WINDOWS\system32\HPZipm12.exe (HP)
PRC - C:\Programme\Nero\Nero 7\Nero 7\InCD\InCDsrv.exe (Nero AG)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10)


========== Modules (SafeList) ==========

MOD - C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (KLBLMain) -- File not found
SRV - (avast! Web Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (avast! Antivirus) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe (ALWIL Software)
SRV - (getPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (UxTuneUp) -- C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
SRV - (ACDaemon) -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft)
SRV - (VC9SecS) -- C:\Programme\Virtual CD v9\System\vc9secs.exe (H+H Software GmbH)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (TuneUp.Defrag) -- C:\WINDOWS\system32\TuneUpDefragService.exe (TuneUp Software GmbH)
SRV - (TVESched) TVEnhance Task Scheduler (TTS)) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe ()
SRV - (TVECapSvc) TVEnhance Background Capture Service (TBCS) -- C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe ()
SRV - (InCDsrv) -- C:\Programme\Nero\Nero 7\Nero 7\InCD\InCDsrv.exe (Nero AG)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10)


========== Driver Services (SafeList) ==========

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (atksgt) -- C:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (xfilt) -- C:\WINDOWS\system32\DRIVERS\xfilt.sys (VIA Technologies,Inc)
DRV - (videX32) -- C:\WINDOWS\system32\DRIVERS\videX32.sys (VIA Technologies, Inc.)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\mpe.sys (Microsoft Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\WINDOWS\system32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (ArcSoftKsUFilter) -- C:\WINDOWS\system32\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.)
DRV - (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM) -- C:\WINDOWS\system32\drivers\s115mgmt.sys (MCCI Corporation)
DRV - (s115obex) -- C:\WINDOWS\system32\drivers\s115obex.sys (MCCI Corporation)
DRV - (s115mdm) -- C:\WINDOWS\system32\drivers\s115mdm.sys (MCCI Corporation)
DRV - (s115mdfl) -- C:\WINDOWS\system32\drivers\s115mdfl.sys (MCCI Corporation)
DRV - (s115bus) Sony Ericsson Device 115 driver (WDM) -- C:\WINDOWS\system32\drivers\s115bus.sys (MCCI Corporation)
DRV - (ElbyCDFL) -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys (SlySoft, Inc.)
DRV - (sptd) -- C:\WINDOWS\system32\drivers\sptd.sys.19416321 (Duplex Secure Ltd.)
DRV - (vaxscsi) -- C:\WINDOWS\System32\Drivers\vaxscsi.sys (Alcohol Soft Co., Ltd.)
DRV - (Afc) -- C:\WINDOWS\system32\drivers\afc.sys (Arcsoft, Inc.)
DRV - (3xHybrid) -- C:\WINDOWS\system32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.)
DRV - (HH9Help.sys) -- C:\WINDOWS\system32\drivers\HH9Help.sys (H+H Software GmbH)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\rt73.sys (Ralink Technology, Corp.)
DRV - (incdrm) -- C:\WINDOWS\system32\drivers\InCDRm.sys (Nero AG)
DRV - (InCDPass) -- C:\WINDOWS\system32\drivers\InCDPass.sys (Nero AG)
DRV - (InCDfs) -- C:\WINDOWS\system32\drivers\InCDfs.sys (Nero AG)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- C:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology (StarForce))
DRV - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- C:\WINDOWS\System32\drivers\sfsync04.sys (Protection Technology (StarForce))
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- C:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (ElbyDelay) -- C:\WINDOWS\system32\drivers\ElbyDelay.sys (Elaborate Bytes AG)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5A 68 31 5B 86 11 CC 01 [binary data]
IE - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.de/ig?hl=de"
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.60
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}:5.0.13
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.05.22 08:57:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.05.22 08:57:41 | 000,000,000 | ---D | M]

[2008.12.13 00:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Extensions
[2010.05.15 13:26:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\extensions
[2010.04.28 17:08:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.03 08:59:13 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.02.15 18:00:41 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.04.28 20:41:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\extensions\firefox@tvunetworks.com
[2009.03.16 13:11:13 | 000,003,915 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\searchplugins\sweetim.xml
[2010.05.22 09:28:30 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2006.12.03 16:47:01 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007.11.16 09:20:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}
[2010.05.22 09:28:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2006.12.10 14:07:31 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\realplayer@partners.mozilla.com
[2007.09.06 13:53:00 | 000,400,384 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\npagent.dll
[2010.05.22 09:28:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2009.12.18 02:31:54 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Programme\Mozilla Firefox\plugins\npwachk.dll
[2010.03.12 11:30:18 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.03.12 11:30:18 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.12 11:30:18 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.03.12 11:30:18 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.03.12 11:30:18 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.05.23 21:52:49 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Veoh Browser Plug-in) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Programme\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll (Veoh Networks Inc)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-2264717200-4286914280-695082641-1008..\Run: [RocketDock] C:\Programme\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Programme\ICQ6.5\ICQ.exe (ICQ, LLC.)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://fpdownload.macromedia.com/get/shockwave/cabs/authorware/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160402350437 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161001832152 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_13-windows-i586.cab (Java Plug-in 1.5.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.29 13:36:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2006.09.29 15:18:05 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software GmbH)
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "TVESched"
MsConfig - Services: "TVECapSvc"
MsConfig - Services: "Lavasoft Ad-Aware Service"
MsConfig - Services: "KLBLMain"
MsConfig - Services: "ehSched"
MsConfig - Services: "ehRecvr"
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= - File not found
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1BC46932-21B2-4130-86E0-B4EB4F7A7A7B} - Microsoft .NET Framework 1.0 Hotfix (KB887998)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.1.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.1.4
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {B508B3F1-A24A-32C0-B310-85786919EF28} - .NET Framework
ActiveX: {BDE0FA43-6952-4BA8-8C58-09AF690F88E1} - Microsoft .NET Framework 1.0 Hotfix (KB930494)
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
ActiveX: Microsoft Base Smart Card Crypto Provider Package -

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.siren - C:\WINDOWS\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Programme\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MP42 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MP43 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: VIDC.MPG4 - C:\WINDOWS\System32\mpg4c32.dll (Microsoft Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902109354000384)

========== Files/Folders - Created Within 30 Days ==========

[2011.05.14 16:59:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\VDLL.DLL
[2011.05.14 16:59:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\runouce.exe
[2011.05.14 16:59:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\RUNDL132.EXE
[2011.05.14 16:59:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo_1.exe
[2011.05.14 16:54:54 | 000,632,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011.05.14 16:54:53 | 000,554,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011.05.14 16:54:52 | 000,034,048 | ---- | C] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011.05.14 16:54:50 | 000,153,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\R.COM
[2011.05.14 16:54:50 | 000,140,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\T.COM
[2011.05.14 16:54:48 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MicroWorld
[2011.05.14 16:54:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MicroWorld
[2011.05.14 16:50:08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2011.05.13 11:57:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Microsoft
[2011.05.12 21:07:38 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Designer
[2010.05.24 11:59:59 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Recent
[2010.05.24 11:51:42 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.05.23 21:53:01 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010.05.23 21:38:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010.05.23 19:57:58 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010.05.23 19:56:17 | 000,000,000 | ---D | C] -- C:\Test
[2010.05.23 19:56:11 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.05.22 23:36:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.05.22 23:36:44 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.05.22 09:28:29 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.22 09:28:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.22 09:28:29 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.22 09:28:29 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.22 08:57:31 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010.05.22 08:57:26 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010.05.22 08:57:26 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010.05.22 08:57:16 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\xing shared
[2010.05.22 08:56:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real
[2010.05.21 21:06:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\gothic3
[2010.05.21 18:33:13 | 000,000,000 | ---D | C] -- C:\Programme\Winamp Detect
[2010.05.21 18:23:51 | 000,000,000 | ---D | C] -- C:\Programme\StartUpManager
[2010.05.21 00:00:16 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010.05.20 23:59:40 | 000,000,000 | ---D | C] -- C:\Programme\Panda Security
[2010.05.20 21:33:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\SUPERAntiSpyware.com
[2010.05.20 21:33:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SUPERAntiSpyware.com
[2010.05.19 22:47:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010.05.19 22:47:12 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010.05.19 22:47:12 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010.05.19 20:31:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sunbelt
[2010.05.19 00:05:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\rundll16.exe
[2010.05.19 00:05:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\logo1_.exe
[2010.05.18 18:04:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Malwarebytes
[2010.05.18 18:02:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.05.18 18:02:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.05.16 23:54:48 | 000,019,024 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.05.16 23:54:47 | 000,164,048 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.05.16 23:54:47 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.05.16 23:54:47 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.05.16 23:54:45 | 000,100,432 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.05.16 23:54:45 | 000,094,800 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.05.16 23:54:45 | 000,028,880 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.05.16 23:54:36 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.05.16 23:54:36 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.05.16 23:54:32 | 000,000,000 | ---D | C] -- C:\Programme\Alwil Software
[2010.05.16 23:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2010.05.16 18:15:14 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010.05.15 13:19:47 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.15 13:12:33 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.05.15 13:11:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010.05.11 23:00:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Media Player Classic
[2010.05.11 22:59:48 | 000,000,000 | ---D | C] -- C:\Programme\Combined Community Codec Pack
[2010.05.11 22:44:31 | 000,000,000 | ---D | C] -- C:\Programme\LD-Anime
[2010.04.28 20:41:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TVU Networks
[2010.04.27 10:51:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2010.04.25 20:23:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Broken Sword - The Angel of Death
[2009.05.14 21:38:04 | 000,155,648 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll
[2009.05.14 21:38:04 | 000,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2009.05.14 21:38:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[2009.05.14 21:38:04 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\csnpstd3.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.05.14 16:54:53 | 000,632,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcr80.dll
[2011.05.14 16:54:52 | 000,554,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msvcp80.dll
[2011.05.14 16:54:51 | 000,034,048 | ---- | M] (MicroWorld Technologies Inc.) -- C:\WINDOWS\System32\eEmpty.exe
[2011.05.12 21:08:32 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010.05.24 14:30:28 | 000,195,535 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010.05.24 14:30:23 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2264717200-4286914280-695082641-1008.job
[2010.05.24 14:30:21 | 000,000,506 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.05.24 14:30:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.05.24 14:29:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.05.24 14:28:42 | 014,942,208 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\ntuser.dat
[2010.05.24 14:28:42 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\ntuser.ini
[2010.05.24 12:04:03 | 000,000,316 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\cc_20100524_120355.reg
[2010.05.24 12:03:18 | 000,044,362 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\cc_20100524_120305.reg
[2010.05.24 11:51:44 | 000,001,516 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\CCleaner.lnk
[2010.05.23 21:53:08 | 000,000,304 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.05.23 21:52:49 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010.05.23 21:02:28 | 003,693,967 | R--- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\Test.exe
[2010.05.23 19:58:04 | 000,000,456 | RHS- | M] () -- C:\boot.ini
[2010.05.23 19:43:14 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\defogger_reenable
[2010.05.22 23:36:48 | 000,000,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.22 09:28:16 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.05.22 09:28:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.05.22 09:28:16 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.05.22 09:28:16 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010.05.22 09:28:15 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010.05.22 09:26:26 | 000,000,025 | ---- | M] () -- C:\WINDOWS\cdplayer.ini
[2010.05.22 08:58:21 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2264717200-4286914280-695082641-1008.job
[2010.05.22 08:57:31 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\rmoc3260.dll
[2010.05.22 08:57:26 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5016.dll
[2010.05.22 08:57:26 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\WINDOWS\System32\pndx5032.dll
[2010.05.22 08:56:57 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\WINDOWS\System32\pncrt.dll
[2010.05.21 20:39:51 | 015,204,352 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\ntuser.dat_BAK_27175
[2010.05.21 20:17:18 | 000,000,817 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.05.21 20:17:18 | 000,000,385 | ---- | M] () -- C:\Boot.bak
[2010.05.21 01:00:00 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\SBRC.dat
[2010.05.20 21:52:39 | 000,043,520 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.05.20 08:01:26 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.19 00:05:35 | 000,000,054 | ---- | M] () -- C:\WINDOWS\Lic.xxx
[2010.05.16 23:54:46 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2010.05.16 18:11:55 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Wininit.ini
[2010.05.15 20:01:03 | 000,096,760 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010.05.15 19:56:34 | 000,000,188 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\pinfect.zip
[2010.05.15 13:39:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.05.15 13:39:04 | 000,362,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.05.12 13:21:30 | 000,001,594 | ---- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\Mozilla Firefox.lnk
[2010.05.06 22:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\avastSS.scr
[2010.05.06 22:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2010.05.06 22:39:23 | 000,046,672 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2010.05.06 22:39:00 | 000,164,048 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2010.05.06 22:34:27 | 000,023,376 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2010.05.06 22:33:59 | 000,100,432 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2010.05.06 22:33:55 | 000,094,800 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2010.05.06 22:33:47 | 000,019,024 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2010.05.06 22:33:29 | 000,028,880 | ---- | M] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010.04.25 20:22:55 | 000,098,304 | ---- | M] (Sony DADC Austria AG.) -- C:\WINDOWS\System32\CmdLineExt.dll
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.05.14 19:02:15 | 000,000,188 | ---- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\pinfect.zip
[2011.05.14 16:55:32 | 000,000,054 | ---- | C] () -- C:\WINDOWS\Lic.xxx
[2011.05.14 16:54:52 | 000,000,522 | ---- | C] () -- C:\WINDOWS\System32\Microsoft.VC80.CRT.manifest
[2010.05.24 12:03:57 | 000,000,316 | ---- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\cc_20100524_120355.reg
[2010.05.24 12:03:10 | 000,044,362 | ---- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\cc_20100524_120305.reg
[2010.05.24 11:51:44 | 000,001,516 | ---- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\CCleaner.lnk
[2010.05.23 19:58:04 | 000,000,385 | ---- | C] () -- C:\Boot.bak
[2010.05.23 19:58:01 | 000,262,448 | ---- | C] () -- C:\cmldr
[2010.05.23 19:53:50 | 003,693,967 | R--- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\Test.exe
[2010.05.23 19:43:00 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\defogger_reenable
[2010.05.22 23:36:48 | 000,000,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.22 09:26:26 | 000,000,025 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.05.22 08:57:41 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2264717200-4286914280-695082641-1008.job
[2010.05.22 08:57:40 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2264717200-4286914280-695082641-1008.job
[2010.05.21 20:39:26 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\ntuser.dat_TU_27175.LOG
[2010.05.21 01:00:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\SBRC.dat
[2010.05.19 22:47:13 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010.05.19 22:47:12 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010.05.19 22:47:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010.05.19 22:47:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010.05.19 22:47:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010.03.15 22:46:29 | 000,000,274 | ---- | C] () -- C:\WINDOWS\Wininit.ini
[2010.02.16 21:50:49 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2010.02.16 21:50:49 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009.12.31 15:00:55 | 000,001,124 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009.12.31 15:00:51 | 000,000,205 | ---- | C] () -- C:\WINDOWS\disneysy.ini
[2009.05.14 21:38:08 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2008.05.27 08:36:15 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008.05.22 23:17:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008.05.16 14:01:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008.05.16 14:01:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008.05.16 14:01:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008.05.16 14:01:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008.05.16 14:01:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2008.03.29 17:02:38 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007.11.25 12:08:38 | 000,000,029 | ---- | C] () -- C:\WINDOWS\Battle.ini
[2007.11.14 04:01:24 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007.11.06 14:23:37 | 000,000,035 | ---- | C] () -- C:\WINDOWS\A4W.INI
[2007.10.13 00:20:06 | 000,151,417 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.09.10 20:24:55 | 000,000,257 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2007.09.10 20:23:46 | 000,000,487 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2007.09.06 23:19:09 | 000,000,036 | ---- | C] () -- C:\WINDOWS\xbins_options.ini
[2007.08.13 02:42:14 | 000,000,873 | ---- | C] () -- C:\WINDOWS\uninst.ini
[2007.08.09 20:11:35 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2007.06.28 11:07:24 | 000,000,548 | ---- | C] () -- C:\WINDOWS\3gptoavi3.INI
[2007.06.26 23:40:53 | 001,483,776 | ---- | C] () -- C:\WINDOWS\Mgxrdr32.dll
[2007.06.26 23:40:50 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2007.06.26 23:40:50 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2007.06.26 23:40:48 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2007.06.26 23:40:34 | 000,082,944 | ---- | C] () -- C:\WINDOWS\System32\Ppiv20.dll
[2007.06.04 14:12:37 | 000,000,629 | ---- | C] () -- C:\WINDOWS\CleaningLab.INI
[2007.05.07 16:27:11 | 000,000,086 | ---- | C] () -- C:\WINDOWS\CLEANI~1.INI
[2007.02.06 02:51:51 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2006.10.25 11:34:37 | 000,000,119 | ---- | C] () -- C:\WINDOWS\magix.ini
[2006.10.23 12:55:25 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2006.10.23 11:14:12 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\CoInstaller7x.dll
[2006.10.23 11:13:03 | 000,295,018 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2006.10.17 12:28:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2006.10.17 12:19:47 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2006.10.17 12:19:46 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2006.10.16 13:39:55 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006.10.10 17:08:56 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\vuins32.dll
[2006.10.09 14:01:38 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006.10.09 13:55:55 | 000,004,704 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2006.10.09 13:55:55 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\EC23ACB85A.sys
[2006.10.09 12:42:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2006.09.29 14:24:49 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006.09.29 14:05:58 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006.09.29 13:11:58 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006.09.28 15:55:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PhysXLoader.dll
[2006.09.26 15:01:40 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2006.09.20 08:34:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Buhl.ini
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2006.09.08 10:01:50 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2005.08.16 13:48:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\OrdMen.dll
[2005.08.16 13:48:00 | 000,070,144 | ---- | C] () -- C:\WINDOWS\System32\ENCODE32.DLL
[2005.08.16 13:48:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\TAL12832.DLL
[2005.08.16 13:48:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\TALDM32A.dll
[2005.08.16 13:48:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\TALDM32.DLL
[2005.08.16 13:47:52 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN3.DLL
[2005.08.16 13:47:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN2.DLL
[2005.08.16 13:47:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SBSPAINT.DLL
[2005.08.05 14:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.07.01 13:14:48 | 000,000,966 | ---- | C] () -- C:\WINDOWS\System32\Generic.ini
[2005.07.01 10:38:06 | 000,000,232 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP3.ini
[2005.07.01 10:37:46 | 000,000,233 | ---- | C] () -- C:\WINDOWS\SwapDrvrSP2.ini
[2004.12.14 13:04:48 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004.12.14 13:02:49 | 001,175,552 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2001.07.07 04:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI

========== LOP Check ==========

[2007.07.23 10:29:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Bookmarks
[2006.12.01 05:53:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\BullGuard
[2009.02.02 18:15:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Crayon Physics Deluxe
[2007.06.26 23:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\DataDesign
[2009.12.31 16:08:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Disney Interactive Studios
[2007.09.10 19:51:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\FlashFXP
[2006.12.08 22:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\funkitron
[2009.04.21 20:46:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\ICQ
[2006.12.02 02:17:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\ICQLite
[2009.08.18 21:03:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Image Zone Express
[2010.02.26 21:24:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\LucasArts
[2007.11.16 16:09:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\MAGIX
[2009.01.28 23:31:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\OpenOffice.org
[2008.12.16 22:03:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Paltalk
[2008.01.31 03:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Propellerhead Software
[2006.10.23 12:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Sonavis
[2008.07.19 19:47:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Teleca
[2007.06.21 13:10:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TuneUp Software
[2007.03.24 16:28:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TVcentral-Core
[2009.11.20 20:46:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Ubisoft
[2010.02.28 11:36:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Uniblue
[2007.08.08 12:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\uTorrent
[2007.03.24 20:03:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\VMedia
[2006.10.23 15:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\BullGuard
[2006.10.23 12:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sonavis
[2010.05.16 23:54:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2006.10.16 13:07:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fun communications
[2006.10.28 21:22:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gnab
[2010.03.29 09:58:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI
[2008.07.12 03:02:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2011.05.14 16:54:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MicroWorld
[2008.01.31 03:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Propellerhead Software
[2009.08.26 21:13:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2007.02.19 18:55:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2009.11.20 18:28:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2006.10.23 12:38:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\X10 Settings
[2010.05.21 20:27:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2006.10.23 15:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\BullGuard
[2006.10.23 12:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\Sonavis
[2006.10.23 12:38:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2010.05.24 14:30:21 | 000,000,506 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job

========== Purity Check ==========



========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2006.12.11 21:34:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Ubisoft

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2007.02.20 22:14:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Adobe
[2007.09.13 00:06:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\AdobeUM
[2007.06.08 19:04:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Ahead
[2009.05.14 23:22:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\ArcSoft
[2007.07.23 10:29:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Bookmarks
[2006.12.01 05:53:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\BullGuard
[2009.02.02 18:15:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Crayon Physics Deluxe
[2008.05.02 21:39:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\CyberLink
[2007.06.26 23:34:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\DataDesign
[2009.12.31 16:08:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Disney Interactive Studios
[2007.03.01 19:59:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\DivX
[2010.05.12 10:50:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\dvdcss
[2007.09.10 19:51:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\FlashFXP
[2006.12.08 22:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\funkitron
[2007.10.18 19:23:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Google
[2006.10.23 14:39:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Help
[2008.05.27 08:36:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\HP
[2009.04.21 20:46:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\ICQ
[2006.12.02 02:17:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\ICQLite
[2006.09.29 13:48:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Identities
[2009.08.18 21:03:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Image Zone Express
[2007.10.10 15:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\InstallShield
[2010.02.26 21:24:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\LucasArts
[2006.10.16 16:42:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Macromedia
[2007.11.16 16:09:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\MAGIX
[2010.05.18 18:04:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Malwarebytes
[2010.05.11 23:00:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Media Player Classic
[2010.05.10 20:23:37 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Microsoft
[2008.12.13 00:09:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla
[2007.06.23 11:56:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\MySpace
[2008.03.27 04:10:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Nero
[2007.05.04 13:04:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\NeroDCTemplates
[2009.01.28 23:31:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\OpenOffice.org
[2008.12.16 22:03:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Paltalk
[2008.01.31 03:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Propellerhead Software
[2010.05.22 08:58:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Real
[2006.12.11 20:58:49 | 000,000,000 | RH-D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\SecuROM
[2010.05.12 10:23:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Skype
[2010.05.12 08:08:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\skypePM
[2006.10.23 12:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Sonavis
[2008.07.17 03:58:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Sony Ericsson
[2006.10.09 11:21:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Sun
[2010.05.20 21:33:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\SUPERAntiSpyware.com
[2008.07.19 19:47:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Teleca
[2007.06.21 13:10:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TuneUp Software
[2007.03.24 16:28:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TVcentral-Core
[2010.04.28 20:41:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TVU networks
[2009.11.20 20:46:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Ubisoft
[2010.02.28 11:36:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Uniblue
[2007.08.08 12:47:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\uTorrent
[2006.11.29 18:12:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\vlc
[2007.03.24 20:03:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\VMedia
[2009.09.06 19:27:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\WinRAR

[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2007.09.12 18:48:23 | 023,813,608 | ---- | M] ( ) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Adobe\Acrobat\7.0\Updater\AdbeRdr709_de_DE.exe
[2006.10.16 16:43:16 | 000,839,680 | ---- | M] (Macromedia, Inc.) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Macromedia\Authorware Web Player\NP32ASW\webplr08\webplr.exe
[2006.12.11 20:33:38 | 000,010,134 | R--- | M] () -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2010.01.25 11:02:20 | 000,029,344 | ---- | M] (NOS Microsystems Ltd.) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\Mozilla\Firefox\Profiles\9odyv07b.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2007.06.23 11:53:32 | 003,461,216 | ---- | M] (MySpace Inc.) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\MySpace\IM\Install\MSIMClientSetup.1.0.697.0-static-de.exe
[2010.04.28 20:42:18 | 005,514,304 | ---- | M] (TVU networks) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TVU networks\AutoUpgrade\TVUPlayer2.5.2.2.exe
[2009.12.08 22:25:43 | 005,562,672 | ---- | M] (TVU networks) -- C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\TVU networks\TVU AutoUpgrade\TVUPlayer2.4.9.1.exe

[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]


[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2006.03.24 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.10.22 04:42:15 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2006.03.24 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2008.10.22 04:42:15 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys

[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2006.03.24 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.10.22 04:42:15 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2006.03.24 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2008.10.22 04:42:15 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006.03.24 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006.03.24 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
[2006.07.06 06:59:42 | 000,246,784 | ---- | M] (Intel Corporation) MD5=019CF5F31C67030841233C545A0E217A -- C:\WINDOWS\I386\IASTOR.SYS

[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006.03.24 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

[color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color]
[2005.01.20 09:45:30 | 000,088,960 | ---- | M] (NVIDIA Corporation) MD5=A1F88223528AADBB6374132BECBBDCC1 -- C:\WINDOWS\I386\NVATABUS.SYS

[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006.03.24 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006.03.24 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

[color=#A23BEC]< MD5 for: VAXSCSI.SYS >[/color]
[2006.12.11 19:36:55 | 000,223,128 | ---- | M] (Alcohol Soft Co., Ltd.) MD5=92CEBC2BC7BE2C8D49391B365569F306 -- C:\WINDOWS\system32\drivers\vaxscsi.sys

[color=#A23BEC]< MD5 for: VIAMRAID.SYS >[/color]
[2006.03.31 02:18:30 | 000,100,992 | ---- | M] (VIA Technologies inc,.ltd) MD5=9F3F276C7300ED211129757A411B605F -- C:\WINDOWS\I386\VIAMRAID.SYS

[color=#A23BEC]< MD5 for: WS2IFSL.SYS >[/color]
[2006.03.24 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006.03.24 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]

[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2006.09.29 15:22:35 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2006.09.29 15:22:35 | 000,663,552 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2006.09.29 15:22:34 | 000,462,848 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 68 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wups2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wups.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstrenderer.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstpager.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VBICodec.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psisrndr.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psisdecd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msnp.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg2splt.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mp4sds32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mdimon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsroute.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsclntR.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drmclien.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\x10ufx2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfvfs02.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfsync04.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfhlp02.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfdrv01.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\secdrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\RtkHDAud.Sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rt73.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Drivers\PxHelp20.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\pciide.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\ftdisk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ElbyDelay.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AnyDVD.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\34CoInstaller.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$ncsp$.inf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\CyberLink\Shared Files\RichVideo.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Startmenü\Programme\Autostart\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdtrace.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WgaLogon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VEN2232.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBADE32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\REX Shared Library.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ReWire.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxafs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\PSIKey.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pintool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oeminfo.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidctl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp71.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp61.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msstdfmt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSPRPDE.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscomctl.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MRT.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4c32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42DEU.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapisvc.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lmpgvd.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jsde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifxcardm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxssend.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\encdec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ElbyCDIO.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\x10hid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Drivers\vaxscsi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\TVICHW32.SYS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ssmdrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rt73.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mhndrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fetnd5bv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fetnd5.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.msn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20100516-181304.backup:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20100329-102240.backup:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20070306-143951.backup:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ElbyCDIO.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdralw2k.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\AegisP.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\3xHybrid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpv10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpus10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.NT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\command.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bcsprsrc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\basecsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\axaltocm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMSYSTEM.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\RtlUpd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\opuc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\NeroDigital.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\kb913800.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\$NtServicePackUninstall$\userinit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\ScanSectorLog.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\rollback.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Meine freigegebenen Ordner.lnk:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\MSDvbNP.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mpeg2data.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mfc42u.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\Mozilla Firefox.lnk:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Dokumente und Einstellungen\All Users\Dokumente\desktop.ini:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\desktopzugang.lnk:KAVICHS
< End of report >
__________
"If one always waited until one could do something perfectly, one would never get anything done."
24.05.2010, 14:44
Member

Thread starter

Posts: 56
#18 Extras.txt
-------------

OTL Extras logfile created on: 24.05.2010 14:35:16 - Run 1
OTL by OldTimer - Version 3.2.5.0 Folder = C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

1.022,00 Mb Total Physical Memory | 664,00 Mb Available Physical Memory | 65,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 91,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 278,55 Gb Total Space | 179,31 Gb Free Space | 64,37% Space Free | Partition Type: NTFS
Drive D: | 19,52 Gb Total Space | 10,03 Gb Free Space | 51,38% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
Drive G: | 931,51 Gb Total Space | 599,94 Gb Free Space | 64,41% Space Free | Partition Type: NTFS
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HIM
Current User Name: ''SeRa-SuN''
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]


[color=#E56717]========== File Associations ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_USERS\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst

[color=#E56717]========== Authorized Applications List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\FlashFXP\FlashFXP.exe" = C:\Programme\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- File not found
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\ICQ6.5\ICQ.exe" = C:\Programme\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Programme\Windows Live\Messenger\wlcsdk.exe" = C:\Programme\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Spiele\Assassin's Creed\AssassinsCreed_Dx9.exe" = C:\Spiele\Assassin's Creed\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9 -- (Ubisoft)
"C:\Spiele\Assassin's Creed\AssassinsCreed_Dx10.exe" = C:\Spiele\Assassin's Creed\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10 -- (Ubisoft)
"C:\Spiele\Assassin's Creed\AssassinsCreed_Launcher.exe" = C:\Spiele\Assassin's Creed\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update -- (Ubisoft)
"C:\Spiele\Pro Evo 2010\pes2010.exe" = C:\Spiele\Pro Evo 2010\pes2010.exe:*:Enabled:pro Evolution Soccer 2010 -- (Konami Digital Entertainment Co., Ltd.)


[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01CBFCE7-95AD-40F3-BC63-C46EFB2FC9C4}" = Pirates of the Caribbean - At Worlds End
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{192A107E-C6B9-41B9-BDBF-38E3AA226054}" = OpenOffice.org 3.2
"{1F0D5576-C383-4E5E-9906-0B47BECBB8B6}" = Hama Webcam Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{247A11CA-F5CE-4DD6-85E2-64850E64E064}" = USB2.0 CARD READER
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1
"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{3248F0A8-6813-11D6-A77B-00B0D0150130}" = J2SE Runtime Environment 5.0 Update 13
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5888428E-699C-4E71-BF71-94EE06B497DA}" = TuneUp Utilities 2008
"{5B8072B3-A576-4C0B-99BC-FAA7145A1031}" = Nero 7 Essentials
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{7104189A-C592-4A56-AC9E-7C0CA135DA3C}" = AGEIA PhysX v6.10.25
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}" = Windows Live Anmelde-Assistent
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89661B04-C646-4412-B6D3-5E19F02F1F37}" = EAX4 Unified Redist
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster FFB Driver
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98A64C75-BFD6-4212-8746-8BADC7ABA79E}" = Virtual CD v9
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A82000000003}" = Adobe Reader 8.2.2 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C359507C-30B1-48A6-BD9B-C7B1CC3B06D7}" = SweetIM for Messenger 2.6
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1B01DC9-CBAF-45F9-A387-7D00C11B630E}" = Microsoft Games for Windows - LIVE Redistributable
"{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0
"{DA2B455A-B0BE-4C5A-B73A-0615F37C81D5}" = Beowulf TM
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Ralink Wireless LAN-Karte
"{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = Hama Webcam AC-150
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F41C11EC-7C13-47A7-A07C-251D96EC3879}" = Baphomets Fluch - Der Engel des Todes
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AnyDVD" = AnyDVD
"avast5" = avast! Free Antivirus
"AviSynth" = AviSynth 2.5
"CCleaner" = CCleaner
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"EAX Unified" = EAX Unified
"EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v4.60
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{0405E51E-9582-4207-8F38-AC44201D3808}" = VeohTV BETA
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"JDownloader" = JDownloader
"KinderGarten" = KinderGarten
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Micrografx Picture Publisher 7" = Micrografx Picture Publisher 7
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MKV Minimum Set (LD-Anime) - MatroskaSplitter & VSFilter_is1" = Matroska Pack - Lazy Man's MKV 0.9.9
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"RealPlayer 12.0" = RealPlayer
"Reason4_is1" = Reason 4.0
"RocketDock_is1" = RocketDock 1.3.5
"Shop for HP Supplies" = Shop for HP Supplies
"SopCast" = SopCast 3.0.3
"SystemRequirementsLab" = System Requirements Lab
"TV Player" = Veetle TV Player 0.9.14
"TVUPlayer" = TVUPlayer 2.4.9.1
"VLC media player" = VideoLAN VLC media player 0.8.4a
"VN_VUIns_Rhine_VIA" = VIA Rhine-Family Fast Ethernet Adapter
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"X10Hardware" = X10 Hardware(TM)
"XviD" = XviD MPEG-4 Codec
"YDKJG" = YOU DON'T KNOW JACK®

[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]

[HKEY_USERS\S-1-5-21-2264717200-4286914280-695082641-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Anwendungserkennung

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 23.05.2010 00:02:47 | Computer Name = HIM | Source = ESENT | ID = 455
Description = wuaueng.dll (3772) SUS20ClientDataStore: Fehler -1032 (0xfffffbf8)
beim Öffnen von Protokolldatei C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 23.05.2010 00:02:57 | Computer Name = HIM | Source = ESENT | ID = 489
Description = wuauclt (3772) Versuch, Datei "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log"
für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess
kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet
wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error - 23.05.2010 00:02:57 | Computer Name = HIM | Source = ESENT | ID = 455
Description = wuaueng.dll (3772) SUS20ClientDataStore: Fehler -1032 (0xfffffbf8)
beim Öffnen von Protokolldatei C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.

Error - 23.05.2010 03:28:05 | Computer Name = HIM | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung HJT.exe, Version 2.0.0.4, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error - 23.05.2010 15:53:03 | Computer Name = HIM | Source = Virtual CD v9 Management Service | ID = 2
Description = OpenFileMapping _VCD_V9_MemSection_ failed, 2

Error - 23.05.2010 15:53:03 | Computer Name = HIM | Source = Virtual CD v9 Management Service | ID = 2
Description = Could not set scsi security, ErrCode: 2

Error - 24.05.2010 06:06:31 | Computer Name = HIM | Source = Virtual CD v9 Management Service | ID = 2
Description = OpenFileMapping _VCD_V9_MemSection_ failed, 2

Error - 24.05.2010 06:06:31 | Computer Name = HIM | Source = Virtual CD v9 Management Service | ID = 2
Description = Could not set scsi security, ErrCode: 2

Error - 24.05.2010 08:30:24 | Computer Name = HIM | Source = Virtual CD v9 Management Service | ID = 2
Description = OpenFileMapping _VCD_V9_MemSection_ failed, 2

Error - 24.05.2010 08:30:24 | Computer Name = HIM | Source = Virtual CD v9 Management Service | ID = 2
Description = Could not set scsi security, ErrCode: 2

[ System Events ]
Error - 24.05.2010 08:23:42 | Computer Name = HIM | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31

Error - 24.05.2010 08:23:42 | Computer Name = HIM | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31

Error - 24.05.2010 08:23:42 | Computer Name = HIM | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender Service" ist vom Dienst "SSDP Discovery
Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 24.05.2010 08:23:42 | Computer Name = HIM | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31

Error - 24.05.2010 08:23:42 | Computer Name = HIM | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Aavmker4 AFD aswSP aswTdi ElbyCDIO Fips intelppm IPSec MRxSmb NetBIOS NetBT pavboot RasAcd Rdbss
SASDIFSV
SASKUTIL
ssmdrv
Tcpip

Error - 24.05.2010 08:25:34 | Computer Name = HIM | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error - 24.05.2010 08:28:41 | Computer Name = HIM | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}

Error - 24.05.2010 08:30:36 | Computer Name = HIM | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Media Center Extender Service" ist vom Dienst "SSDP Discovery
Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 24.05.2010 08:30:36 | Computer Name = HIM | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst
"Universeller Plug & Play-Gerätehost" abhängig, der aufgrund folgenden Fehlers
nicht gestartet wurde: %%1058

Error - 24.05.2010 08:30:36 | Computer Name = HIM | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
SASDIFSV SASKUTIL


< End of report >
__________
"If one always waited until one could do something perfectly, one would never get anything done."
24.05.2010, 15:25
Member

Posts: 3716
#19 Fixing with OTL

• Please start OTL.exe.
Vista users: right-click and select "Run as administrator"
• Now copy the following into the text box.

:OTL
SRV - (KLBLMain) -- File not found
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\WindowsUpdate.log:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wups2.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wups.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wupdmgr.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstrenderer.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wstpager.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\winmine.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\VBICodec.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\stdole32.tlb:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sound.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\sol.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\softpub.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\shell.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\riched32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psisrndr.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\psisdecd.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\olesvr32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oleaccrc.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\oembios.bin:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msxml3r.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mssign32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msnp.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mshearts.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\msacm32.drv:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mpg2splt.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mp4sds32.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mdimon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\mapi32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\main.cpl:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\kbdgr.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\ir32_32.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\icmui.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsroute.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\fxsclntR.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\freecell.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drmclien.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\x10ufx2.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfvfs02.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfsync04.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfhlp02.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\sfdrv01.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\secdrv.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\RtkHDAud.Sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\rt73.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\Drivers\PxHelp20.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\pciide.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\system32\DRIVERS\ftdisk.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\ElbyDelay.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\drivers\AnyDVD.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\c_1253.nls:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\bootvid.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acelpdec.ax:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\acctres.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\aaaamon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\34CoInstaller.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\12520850.cpx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\12520437.cpx:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$winnt$.inf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\System32\$ncsp$.inf:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\scecli.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\WINDOWS\$NtServicePackUninstall$\atapi.sys:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Programme\CyberLink\Shared Files\RichVideo.exe:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Startmenü\Programme\Autostart\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini:KAVICHS
@Alternate Data Stream - 68 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\wiaservc.log:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wshde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdtrace.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wpa.dbl:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wowexec.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\WgaLogon.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\wfwnet.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vss_ps.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vga.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\vfpodbc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VEN2232.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\VBADE32.OLB:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\utildll.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\user.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\unicode.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tssoft32.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\tsd32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\traffic.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\timer.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\system.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sortkey.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sndvol32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\sbe.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\rsvp.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\REX Shared Library.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ReWire.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pxafs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\PSIKey.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\pintool.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\OEMLOGO.BMP:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oeminfo.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.sig:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\oembios.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntio.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ntdos.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netmsg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\netevent.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mycomput.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxmlr.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msxml4r.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvidctl.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp71.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvcp61.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msvbvm50.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msstdfmt.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MSPRPDE.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msidntld.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msgsm32.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg723.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\msg711.acm:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mscomctl.ocx:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MRT.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mpg4c32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mouse.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmsystem.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mmdrv.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mfc42loc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\MFC42DEU.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\mapisvc.inf:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lz32.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lmpgvd.ax:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\lights.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\l_intl.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\krnl386.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\keyboard.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kdcom.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\kbdus.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\jsde.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifxcardm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ifsutil.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\hticons.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\gdi.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fxssend.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\fmifs.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\encdec.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ElbyCDIO.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ega.cpi:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drwtsn32.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\x10hid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\Drivers\vaxscsi.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\TVICHW32.SYS:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ssmdrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rt73.bin:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\null.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\mhndrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\gm.dls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fetnd5bv.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\fetnd5.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.msn:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20100516-181304.backup:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20100329-102240.backup:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\etc\hosts.20070306-143951.backup:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\ElbyCDIO.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdralw2k.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\beep.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\AegisP.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\drivers\3xHybrid.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpwsock.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpv10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dpus10.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dosx.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmocx.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dmintf.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\dfrgres.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\devmgmt.msc:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\ctype.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\country.sys:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\CONFIG.NT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\commdlg.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\command.com:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comm.drv:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\comcat.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\charmap.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\calc.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_850.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1252.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1251.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\c_1250.nls:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\bcsprsrc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\basecsp.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\axaltocm.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\System\MMSYSTEM.DLL:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\RtlUpd.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\opuc.dll:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\ODBC.INI:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\NeroDigital.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\kb913800.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\bootstat.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\WINDOWS\$NtServicePackUninstall$\userinit.exe:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\ScanSectorLog.dat:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\rollback.ini:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE:KAVICHS
@Alternate Data Stream - 36 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Meine freigegebenen Ordner.lnk:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\olethk32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\oleacc.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\MSDvbNP.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mpeg2data.ax:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\mfc42u.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\iprop.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\WINDOWS\System32\avicap32.dll:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\Mozilla Firefox.lnk:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\Dokumente und Einstellungen\All Users\Dokumente\desktop.ini:KAVICHS
@Alternate Data Stream - 100 bytes -> C:\desktopzugang.lnk:KAVICHS
:files
C:\WINDOWS\R.COM
C:\WINDOWS\System32\T.COM
:Commands
[purity]
[EMPTYFLASH]
[emptytemp]
[start explorer]
[Reboot]

• Please close all programs now.
• Now please click the Run Fix button.
• OTL may ask for a restart. Please allow it.
• After the restart you will find a text document; post it.
24.05.2010, 15:45
Member

Thread starter

Posts: 56
#20 It hung again while shutting down!


All processes killed
========== OTL ==========
Service KLBLMain stopped successfully!
Service KLBLMain deleted successfully!
File File not found not found.
ADS C:\WINDOWS\WindowsUpdate.log:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wups2.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wups.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wupdmgr.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wstrenderer.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wstpager.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wmvdmoe.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wmv8dmoe.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wmv8dmod.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\winmine.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\VBICodec.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\stdole32.tlb:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\sound.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\sol.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\softpub.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\shell.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\riched32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\psisrndr.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\psisdecd.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\olesvr32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\oleaccrc.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\oembios.bin:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msxml3r.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mssign32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msnp.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mshearts.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msacm32.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mpg2splt.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mp4sds32.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mdimon.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mapi32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\main.cpl:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\kbdgr.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ir32_32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\icmui.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\fxsroute.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\fxsclntR.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\freecell.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\FNTCACHE.DAT:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drmclien.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\x10ufx2.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\wmilib.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\sfvfs02.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\sfsync04.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\sfhlp02.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\sfdrv01.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\secdrv.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\RtkHDAud.Sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\rt73.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\Drivers\PxHelp20.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\system32\DRIVERS\pciide.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\system32\DRIVERS\ftdisk.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\ElbyDelay.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\dxapi.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\dmload.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\audstub.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\AnyDVD.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\divxdec_0407.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\c_1253.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\bootvid.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\acelpdec.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\acctres.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\aaaamon.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\34CoInstaller.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\12520850.cpx:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\12520437.cpx:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\$winnt$.inf:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\$ncsp$.inf:KAVICHS deleted successfully.
ADS C:\WINDOWS\$NtServicePackUninstall$\scecli.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\$NtServicePackUninstall$\atapi.sys:KAVICHS deleted successfully.
ADS C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVESched.exe:KAVICHS deleted successfully.
ADS C:\Programme\Home Cinema\TV Enhance\Kernel\TV\TVECapSvc.exe:KAVICHS deleted successfully.
ADS C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe:KAVICHS deleted successfully.
ADS C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe:KAVICHS deleted successfully.
ADS C:\Programme\CyberLink\Shared Files\RichVideo.exe:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\''SeRa-SuN''\Startmenü\Programme\Autostart\desktop.ini:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\desktop.ini:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\''SeRa-SuN''\Anwendungsdaten\desktop.ini:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\desktop.ini:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\desktop.ini:KAVICHS deleted successfully.
ADS C:\WINDOWS\wiaservc.log:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wshde.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wpdtrace.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wpdmtpdr.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wpa.dbl:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wowexec.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\WgaLogon.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\wfwnet.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\vss_ps.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\VSFLEX3.OCX:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\vga.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\vga.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\vfpodbc.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\VEN2232.OLB:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\VBAEND32.OLB:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\VBAEN32.OLB:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\VBADE32.OLB:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\utildll.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\user.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\unicode.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\tssoft32.acm:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\tsd32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\traffic.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\timer.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\system.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\sortkey.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\sndvol32.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\sbe.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\rsvp.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\REX Shared Library.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ReWire.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\RDOCURS.DLL:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\pxafs.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\PSIKey.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\pintool.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\OEMLOGO.BMP:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\oeminfo.ini:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\oembios.sig:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\oembios.dat:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ntio.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ntdos.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\netmsg.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\netevent.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mycomput.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msxmlr.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msxml4r.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msvidctl.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msvcp71.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msvcp61.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msvbvm50.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\MSSTKPRP.DLL:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msstdfmt.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\MSRDO20.DLL:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\MSPRPDE.DLL:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msidntld.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msgsm32.acm:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msg723.acm:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\msg711.acm:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mscomctl.ocx:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\MRT.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mpg4c32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mouse.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mmsystem.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mmdrv.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mfc42loc.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\MFC42DEU.DLL:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mapisvc.inf:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\lz32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\lmpgvd.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\lights.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\l_intl.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\krnl386.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\keyboard.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\keyboard.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\kdcom.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\kbdus.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\jsde.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ifxcardm.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ifsutil.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\hticons.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\gdi.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\fxssend.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\fmifs.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\encdec.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ElbyCDIO.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ega.cpi:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drwtsn32.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\x10hid.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\Drivers\vaxscsi.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\usbd.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\TVICHW32.SYS:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\ssmdrv.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\rt73.bin:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\rdpcdd.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\raspti.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\rasacd.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\ptilink.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\nwlnkfwd.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\nwlnkflt.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\null.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\mouhid.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\mnmdd.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\mhndrv.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\ipfltdrv.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\gm.dls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\fs_rec.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\fetnd5bv.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\fetnd5.sys:KAVICHS deleted successfully.
Unable to delete ADS C:\WINDOWS\System32\drivers\etc\hosts.msn:KAVICHS .
Unable to delete ADS C:\WINDOWS\System32\drivers\etc\hosts.20100516-181304.backup:KAVICHS .
Unable to delete ADS C:\WINDOWS\System32\drivers\etc\hosts.20100329-102240.backup:KAVICHS .
ADS C:\WINDOWS\System32\drivers\etc\hosts.20070306-143951.backup:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\ElbyCDIO.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\dxgthk.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\cdralw2k.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\cdaudio.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\beep.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\AegisP.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\drivers\3xHybrid.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dpwsock.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dpv10.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dpus10.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dosx.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dmocx.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dmintf.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\dfrgres.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\devmgmt.msc:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\ctype.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\country.sys:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\CONFIG.NT:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\commdlg.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\command.com:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\comm.drv:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\comcat.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\charmap.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\calc.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\c_850.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\c_1252.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\c_1251.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\c_1250.nls:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\bcsprsrc.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\basecsp.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\axaltocm.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\AUTOEXEC.NT:KAVICHS deleted successfully.
ADS C:\WINDOWS\System\MMSYSTEM.DLL:KAVICHS deleted successfully.
ADS C:\WINDOWS\RtlUpd.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\opuc.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\ODBC.INI:KAVICHS deleted successfully.
ADS C:\WINDOWS\NeroDigital.ini:KAVICHS deleted successfully.
ADS C:\WINDOWS\kb913800.exe:KAVICHS deleted successfully.
ADS C:\WINDOWS\bootstat.dat:KAVICHS deleted successfully.
ADS C:\WINDOWS\$NtServicePackUninstall$\userinit.exe:KAVICHS deleted successfully.
ADS C:\ScanSectorLog.dat:KAVICHS deleted successfully.
ADS C:\rollback.ini:KAVICHS deleted successfully.
ADS C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\''SeRa-SuN''\Eigene Dateien\Meine freigegebenen Ordner.lnk:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\olethk32.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\oleacc.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\MSDvbNP.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mpeg2data.ax:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\mfc42u.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\iprop.dll:KAVICHS deleted successfully.
ADS C:\WINDOWS\System32\avicap32.dll:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\''SeRa-SuN''\Desktop\Mozilla Firefox.lnk:KAVICHS deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Dokumente\desktop.ini:KAVICHS deleted successfully.
ADS C:\desktopzugang.lnk:KAVICHS deleted successfully.
========== FILES ==========
C:\WINDOWS\R.COM moved successfully.
C:\WINDOWS\System32\T.COM moved successfully.
========== COMMANDS ==========

[EMPTYFLASH]

User: ''SeRa-SuN''
->Flash cache emptied: 8754 bytes

User: Administrator
->Flash cache emptied: 446 bytes

User: All Users

User: Default User
->Flash cache emptied: 446 bytes

User: LocalService

User: NetworkService

User: °°#DeKsTrOe#°°

Total Flash Files Cleaned = 0,00 mb


[EMPTYTEMP]

User: ''SeRa-SuN''
->Temp folder emptied: 1079040 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40086771 bytes
->Flash cache emptied: 0 bytes

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 65536 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: °°#DeKsTrOe#°°

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 24 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16384 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 39,00 mb


OTL by OldTimer - Version 3.2.5.0 log created on 05242010_152949

Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\S66612994.tmp scheduled to be moved on reboot.

Registry entries deleted on Reboot...
__________
"If one always waited until one could do something perfectly, one would never get anything done."
24.05.2010, 15:53
Member

Posts: 3716
#21 Configure Avira 10 as follows:
http://www.paules-pc-forum.de/forum/4-pc-sicherheit/127673-avira-10-free-anleitung-zur-einrichtung.html
Then update, open Avira, click Local protection, Local drives, move any detections to quarantine, and post the log.
Seitenanfang Seitenende
24.05.2010, 16:04
Member

Thread starter

Posts: 56
#22 I have avast on the computer. Is it enough if I disable it during the avira scan, or should it be removed?
24.05.2010, 16:08
Member

Posts: 3716
#23 Sorry, use avast, but I still see active avira drivers.
http://forum.avira.com/wbb/index.php?page=Thread&threadid=13095
Here you will find the avira removal tool; use it.
Can you do an avast boot scan, please? Also let me know whether the problem with the hanging restart always occurs. It looks as if Super Antispyware is causing problems on your system; can you uninstall that as well, please?
24.05.2010, 16:34
Member

Thread starter

Posts: 56
#24 So, I have decided to keep using Avira (I had uninstalled it on the advice of an acquaintance and tried Avast). I uninstalled Avast the normal way via Control Panel/Add or Remove Programs. Is that enough, or do fragments of this program remain as well, or is there a removal tool for it too? I had used Super Anti Spyware for scanning, but uninstalled it again as well; I have now used Windows Search once more to track down any leftovers of it, but found nothing.
What should I do?
24.05.2010, 16:40
Member

Posts: 3716
#25 avast removal tool:
http://www.avast.com/uninstall-utility

Then configure avira as described and scan as described. Post the log.
24.05.2010, 16:45
Member

Thread starter

Posts: 56
#26 Thanks for looking up the tool. In the meantime I have configured avira and am restarting now, because I cannot use the tool yet, since some avast process still seems to be running. I will get back to you with the requested log. See you in a bit!
24.05.2010, 17:23
Member

Thread starter

Posts: 56
#27 So avira got stuck during the scan:
C:\System Volume Information\MountPointManagerRemoteDatabase
17,1%
24.05.2010, 17:23
Member

Thread starter

Posts: 56
#28 Safe mode?
24.05.2010, 17:25
Member

Posts: 3716
#29 Open avira, Configuration, Scanner, Exceptions, Add file, then add the file where it gets stuck, OK, and scan again via Local protection, Local drives; then it should run.
24.05.2010, 17:59
Member

Thread starter

Posts: 56
#30 Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Montag, 24. Mai 2010 17:27

Es wird nach 2150131 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - FREE Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows XP
Windowsversion : (Service Pack 3) [5.1.2600]
Boot Modus : Normal gebootet
Benutzername : ''SeRa-SuN''
Computername : HIM

Versionsinformationen:
BUILD.DAT : 10.0.0.567 32097 Bytes 19.04.2010 15:50:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 01.04.2010 11:37:35
AVSCAN.DLL : 10.0.3.0 56168 Bytes 30.03.2010 10:42:16
LUKE.DLL : 10.0.2.3 104296 Bytes 07.03.2010 17:32:59
LUKERES.DLL : 10.0.0.0 13672 Bytes 14.01.2010 10:59:47
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 08:05:36
VBASE001.VDF : 7.10.1.0 1372672 Bytes 19.11.2009 18:27:49
VBASE002.VDF : 7.10.3.1 3143680 Bytes 20.01.2010 16:37:42
VBASE003.VDF : 7.10.3.75 996864 Bytes 26.01.2010 15:37:42
VBASE004.VDF : 7.10.4.203 1579008 Bytes 05.03.2010 10:29:03
VBASE005.VDF : 7.10.6.82 2494464 Bytes 15.04.2010 14:11:21
VBASE006.VDF : 7.10.6.83 2048 Bytes 15.04.2010 14:11:21
VBASE007.VDF : 7.10.6.84 2048 Bytes 15.04.2010 14:11:22
VBASE008.VDF : 7.10.6.85 2048 Bytes 15.04.2010 14:11:22
VBASE009.VDF : 7.10.6.86 2048 Bytes 15.04.2010 14:11:22
VBASE010.VDF : 7.10.6.87 2048 Bytes 15.04.2010 14:11:22
VBASE011.VDF : 7.10.6.88 2048 Bytes 15.04.2010 14:11:22
VBASE012.VDF : 7.10.6.89 2048 Bytes 15.04.2010 14:11:22
VBASE013.VDF : 7.10.6.90 2048 Bytes 15.04.2010 14:11:22
VBASE014.VDF : 7.10.6.123 126464 Bytes 19.04.2010 14:11:22
VBASE015.VDF : 7.10.6.152 123392 Bytes 21.04.2010 14:11:23
VBASE016.VDF : 7.10.6.178 122880 Bytes 22.04.2010 14:11:23
VBASE017.VDF : 7.10.6.206 120320 Bytes 26.04.2010 14:11:24
VBASE018.VDF : 7.10.6.232 99328 Bytes 28.04.2010 14:11:24
VBASE019.VDF : 7.10.7.2 155648 Bytes 30.04.2010 14:11:25
VBASE020.VDF : 7.10.7.26 119808 Bytes 04.05.2010 14:11:25
VBASE021.VDF : 7.10.7.51 118272 Bytes 06.05.2010 14:11:25
VBASE022.VDF : 7.10.7.75 404992 Bytes 10.05.2010 14:11:27
VBASE023.VDF : 7.10.7.100 125440 Bytes 13.05.2010 14:11:27
VBASE024.VDF : 7.10.7.119 177664 Bytes 17.05.2010 14:11:28
VBASE025.VDF : 7.10.7.139 129024 Bytes 19.05.2010 14:11:28
VBASE026.VDF : 7.10.7.157 145920 Bytes 21.05.2010 14:11:29
VBASE027.VDF : 7.10.7.158 2048 Bytes 21.05.2010 14:11:29
VBASE028.VDF : 7.10.7.159 2048 Bytes 21.05.2010 14:11:29
VBASE029.VDF : 7.10.7.160 2048 Bytes 21.05.2010 14:11:29
VBASE030.VDF : 7.10.7.161 2048 Bytes 21.05.2010 14:11:29
VBASE031.VDF : 7.10.7.162 40960 Bytes 23.05.2010 14:11:29
Engineversion : 8.2.1.242
AEVDF.DLL : 8.1.2.0 106868 Bytes 24.05.2010 14:11:38
AESCRIPT.DLL : 8.1.3.29 1343866 Bytes 24.05.2010 14:11:38
AESCN.DLL : 8.1.6.1 127347 Bytes 24.05.2010 14:11:36
AESBX.DLL : 8.1.3.1 254324 Bytes 24.05.2010 14:11:38
AERDL.DLL : 8.1.4.6 541043 Bytes 24.05.2010 14:11:36
AEPACK.DLL : 8.2.1.1 426358 Bytes 19.03.2010 11:34:51
AEOFFICE.DLL : 8.1.1.0 201081 Bytes 24.05.2010 14:11:35
AEHEUR.DLL : 8.1.1.27 2670967 Bytes 24.05.2010 14:11:35
AEHELP.DLL : 8.1.11.3 242039 Bytes 01.04.2010 15:05:25
AEGEN.DLL : 8.1.3.9 377203 Bytes 24.05.2010 14:11:32
AEEMU.DLL : 8.1.2.0 393588 Bytes 24.05.2010 14:11:31
AECORE.DLL : 8.1.15.3 192886 Bytes 24.05.2010 14:11:31
AEBB.DLL : 8.1.1.0 53618 Bytes 24.05.2010 14:11:30
AVWINLL.DLL : 10.0.0.0 19304 Bytes 14.01.2010 10:59:10
AVPREF.DLL : 10.0.0.0 44904 Bytes 14.01.2010 10:59:07
AVREP.DLL : 10.0.0.8 62209 Bytes 18.02.2010 15:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 01.04.2010 11:35:44
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 01.04.2010 11:39:49
AVARKT.DLL : 10.0.0.14 227176 Bytes 01.04.2010 11:22:11
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 26.01.2010 08:53:25
SQLITE3.DLL : 3.6.19.0 355688 Bytes 28.01.2010 11:57:53
AVSMTP.DLL : 10.0.0.17 63848 Bytes 16.03.2010 14:38:54
NETNT.DLL : 10.0.0.0 11624 Bytes 19.02.2010 13:40:55
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 28.01.2010 12:10:08
RCTEXT.DLL : 10.0.53.0 98152 Bytes 09.04.2010 13:14:28

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: c:\programme\avira\antivir desktop\alldrives.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, G:, H:, I:, J:, E:, F:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: aus
Makrovirenheuristik...................: ein
Dateiheuristik........................: hoch
Auszulassende Dateien.................: C:\System Volume Information\MountPointManagerRemoteDatabase,
Abweichende Gefahrenkategorien........: +PCK,+PFS,+SPR,

Beginn des Suchlaufs: Montag, 24. Mai 2010 17:27

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'rsmsink.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'msdtc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'dllhost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'alg.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiapsrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RocketDock.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'realsched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'x10nets.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'vc9secs.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'RichVideo.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPZipm12.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvsvc32.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MDM.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'LSSrvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jqs.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'InCDsrv.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD2
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD3
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD4
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'G:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'H:\'
[INFO] Im Laufwerk 'H:\' ist kein Datenträger eingelegt!
Bootsektor 'I:\'
[INFO] Im Laufwerk 'I:\' ist kein Datenträger eingelegt!
Bootsektor 'J:\'
[INFO] Im Laufwerk 'J:\' ist kein Datenträger eingelegt!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '673' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <BOOT>
Beginne mit der Suche in 'D:\' <RECOVER>
Beginne mit der Suche in 'G:\' <MEDIA>
Beginne mit der Suche in 'H:\'
Der zu durchsuchende Pfad H:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'I:\'
Der zu durchsuchende Pfad I:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'J:\'
Der zu durchsuchende Pfad J:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'E:\'
Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'F:\'
Der zu durchsuchende Pfad F:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.


Ende des Suchlaufs: Montag, 24. Mai 2010 17:56
Benötigte Zeit: 28:48 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

11028 Verzeichnisse wurden überprüft
118851 Dateien wurden geprüft
0 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
0 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
118851 Dateien ohne Befall
0 Archive wurden durchsucht
0 Warnungen
0 Hinweise
59916 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden