|
Plagegeister aller Art und deren Bekämpfung: Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
23.06.2011, 16:18 | #1 |
| Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Hallo zusammen, leider bin ich eine Laie, was die Tiefen meines Computers (Windows XP), Software etc betrifft, versuche aber mein Möglichstes mich klar auszudrücken. Vor drei Tagen spielte mein Sohn ein Online Spiel im Internet, als er es beendete, fing der Computer an zu spinnen. - Fenster öffneten sich willkürlich aus den verschiedensten Programmen, - ein Spiel von der Festplatte wurde immer wieder geöffnet, konnte jedes Mal auch problemlos wieder geschlossen werden. - Mozilla ging auf und in die Leiste wurde ein Buchstabenwirrwarr eingetragen. - In der Taskleiste unten rechts blinkte ein Symbol von Alamandi (roter Ballon) und wechselte immer wieder zu einem Symbol, welches aussah, wie ein Briefumschlag. Norton fand zwei Bedrohungen. Ich fuhr den Computer mehrfach rauf und wieder runter und wollte den Norton Power Eraser aus dem Internet herunterladen. Hierfür klickte ich den Link im Norton Center an und plötzlich gingen ca. 40 Karteireiter im Mozilla auf, mit der Anfrage Power Eraser. Ich habe sie alle bis auf eines wieder geschlossen, wollte dann den Eraser herunterladen und das System stürzte komplett ab. Ich habe den Computer dann zwei Tage nicht angepackt und heute wieder hochgefahren. Es ist, als ob nie etwas gewesen wäre! Der Computer reagiert ganz normal, das Alamandi Symbol in der Taskleiste blinkt nicht mehr. Ich habe Sorge, dass aber doch irgendetwas Virus/Tronjaner etc. auf dem Computer ist und folgendes getan: 1. Virenscanner von Norton laufen lassen: drei Bedrohungen (tracking Cookies) gefunden. 2. Power Eraser von Norton laufen lassen: Nichts gefunden 3. SpyBot-Search & Destroy laufen lassen: Nichts gefunden 4. Malwarebytes Anti-Malware laufen lassen: Nichts gefunden 5. OTL laufen lassen und anliegende Reports erhalten. Ist mein Computer nun virenfrei oder muss ich noch etwas anderes machen? Vielen Dank für Eure Mühe! Gruß Pumperl |
23.06.2011, 21:43 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc.Zitat:
__________________ |
24.06.2011, 18:56 | #3 |
| Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Hi,
__________________hier ist das Log: Malwarebytes' Anti-Malware 1.51.0.1200 www.malwarebytes.org Datenbank Version: 6925 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 23.06.2011 16:34:14 mbam-log-2011-06-23 (16-34-14).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|) Durchsuchte Objekte: 326662 Laufzeit: 1 Stunde(n), 10 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 Infizierte Speichermodule: 0 Infizierte Registrierungsschlüssel: 0 Infizierte Registrierungswerte: 0 Infizierte Dateiobjekte der Registrierung: 0 Infizierte Verzeichnisse: 0 Infizierte Dateien: 0 Infizierte Speicherprozesse: (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: (Keine bösartigen Objekte gefunden) Infizierte Dateien: (Keine bösartigen Objekte gefunden) Vielen Dank Pumperl |
24.06.2011, 21:44 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Das ist das erste und einzige Log? Ergo: Malwarebytes hat nie etwas gefunden?
__________________ Logfiles bitte immer in CODE-Tags posten |
25.06.2011, 18:50 | #5 |
| Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Stimmt! Es ist das einzige Log von Malware. Die anderen habe ich ja schon bei meinem letzten Post mitgeschickt. Otl extra:OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 23.06.2011 16:50:09 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 79,88% Memory free 5,34 Gb Paging File | 4,72 Gb Available in Paging File | 88,52% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 449,75 Gb Total Space | 377,13 Gb Free Space | 83,85% Space Free | Partition Type: NTFS Drive D: | 16,00 Gb Total Space | 9,92 Gb Free Space | 62,02% Space Free | Partition Type: NTFS Drive F: | 465,64 Gb Total Space | 366,91 Gb Free Space | 78,80% Space Free | Partition Type: FAT32 Computer Name: BRAUTPAARPC | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* [HKEY_USERS\S-1-5-21-3723618814-2143213472-98843280-500\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "58463:TCP" = 58463:TCP:*:Enabled:Pando Media Booster "58463:UDP" = 58463:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002 "58463:TCP" = 58463:TCP:*:Enabled:Pando Media Booster "58463:UDP" = 58463:UDP:*:Enabled:Pando Media Booster ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe" = C:\Programme\McAfee\Managed VirusScan\Agent\myAgtSvc.exe:*:Enabled:Managed Services Agent "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\WINDOWS\SMINST\Scheduler.exe" = C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler -- () "C:\Programme\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe" = C:\Programme\Microsoft Games\Dungeon Siege 2\DungeonSiege2.exe:*:Enabled:Dungeon Siege 2 Game Executable -- (Gas Powered Games) "C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01590C21-E8BF-444D-8FC4-DBD132CA1962}" = Windows Vista Upgrade Advisor "{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Systemsteuerung "{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp "{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch "{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy "{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery "{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java(TM) 6 Update 16 "{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg "{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant "{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}" = HP Backup and Recovery Manager "{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}" = Titan Quest "{4266BAFB-E6E6-4FB8-A475-632A1FE8615D}" = Moorhuhnjagd AYCS "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply "{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU "{4C1A7865-5BF4-4E68-8E8D-DBA4AF41F01B}" = Su Doku Master "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport "{576E71DA-3000-48F6-9B21-B9A70D47DFCF}" = Star Wars JK II Jedi Outcast "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A96225D-A3B7-4535-AE49-3BF217999669}" = RPG Maker Fonts "{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard "{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{6850696D-FC0A-48A7-9097-7EB301FB0FEA}" = Magicians Handbook "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}" = Mysteryville 2 "{7FB12670-0F93-4E1E-B2F5-4F339199A03A}" = Microsoft SQL Server Native Client "{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01 "{837972D3-1A7E-42D6-A2F0-8BD0A29B6861}" = WeihnachtsTheme "{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01 "{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}" = Moorfrosch XXL "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU "{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (German) 12 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007 "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU) "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99E862CC-6F69-4D39-99AA-DBF71BF3B585}" = OpenOffice.org 3.1 "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A347C572-F7B4-43A3-BD51-FFC99184F70D}" = Jurassic Park Operation Genesis "{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2 "{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help "{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.3 - Deutsch "{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant "{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Samsung Master "{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd "{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min "{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}" = Titan Quest Immortal Throne "{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation "{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter "{BD11E3C6-065E-40BB-A129-435C4530A159}_is1" = Jewel Master - Cradle Of Rome "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component "{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel(R) Network Connections 13.1.33.0 "{DE60CAE2-4CA8-4A6A-A557-0668004FE889}" = Moorhuhn Kart Extra XXL "{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm "{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{E8C5BD56-F5D8-41D3-8A71-273468FE256A}" = T-Home Dialerschutz-Software "{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack "{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes "{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE "{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0 "{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status "4 Elements_is1" = 4 Elements 1.0 "7 Wonders of the Ancient World" = 7 Wonders of the Ancient World "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2 "Akademie der Magie (Vollversion)" = Akademie der Magie (Vollversion) "Alamandi" = Alamandi "All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software "Animated Tropical Beaches_is1" = Animated Tropical Beaches "Ankh3" = Ankh3 "ANNO 1602 Königs-Edition" = ANNO 1602 Königs-Edition "ATI Display Driver" = ATI Display Driver "BFG-Azada" = Azada "BFGC" = Big Fish Games: Game Manager "BFG-Cradle of Persia" = Cradle of Persia "BFG-Drawn - Der Turm" = Drawn: Der Turm ™ "BFG-Drawn - Flucht aus der Dunkelheit" = Drawn: ® Flucht aus der Dunkelheit "BFG-Escape from Lost Island" = Escape from Lost Island "BFG-Heroes of Hellas 2 - Olympia" = Heroes of Hellas 2: Olympia "BFG-Jewel Match" = Jewel Match "BFG-Mystery Case Files - Dire Grove" = Mystery Case Files®: Dire Grove™ "BFG-The Nightshift Code" = The Nightshift Code "BFG-The Sultans Labyrinth - Das Opfer des Koenigs" = The Sultans Labyrinth: Das Opfer des Königs "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "CCleaner" = CCleaner "CrystalDiskInfo_is1" = CrystalDiskInfo 2.7.5 "Dart701OU" = Dart701OU - Version 1.00 "Das Vermächtnis der Insel" = Das Vermächtnis der Insel "Der Stein der Weisen" = Der Stein der Weisen "DEUTSCHLAND SPIELT Spiele Post" = DEUTSCHLAND SPIELT Spiele Post "Dream Chronicles" = Dream Chronicles "DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER "DungeonSiege2" = Dungeon Siege 2 "Elfenzauber" = Elfenzauber "Farm Frenzy 2" = Farm Frenzy 2 "FirePlace Alive!_is1" = FirePlace Alive! "Geheime Fälle: Vermisst in Rom" = Geheime Fälle: Vermisst in Rom "Geheimnis von Montezuma" = Geheimnis von Montezuma "Geheimnis von Montezuma 2" = Geheimnis von Montezuma 2 "Google Chrome" = Google Chrome "Heroes of Might and Magic IV" = Heroes of Might and Magic® IV "HP Imaging Device Functions" = HP Imaging Device Functions 9.0 "HP Photosmart Essential" = HP Photosmart Essential 2.01 "HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0 "HPExtendedCapabilities" = HP Customer Participation Program 9.0 "ie8" = Windows Internet Explorer 8 "Incadia" = Incadia "InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "InstallShield_{8B9336DB-8D04-4325-BAFC-C7141D8E6CA1}" = Duke Nukem - Manhattan Project "InstallShield_{A347C572-F7B4-43A3-BD51-FFC99184F70D}" = Jurassic Park Operation Genesis "JOA_is1" = Jewels of Atlantis "Klett Mathetrainer 7_is1" = Klett Mathetrainer 7 "Magic Encyclopedia 3 - Illusionen" = Magic Encyclopedia 3 - Illusionen "MahJongg Master 4_is1" = MahJongg Master 4 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.0.1200 "Meine kleine Farm 3: Ice Age" = Meine kleine Farm 3: Ice Age "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU "Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Midnight Mysteries Salem Witch Trials" = Midnight Mysteries Salem Witch Trials "Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSNINST" = MSN "N360" = Norton 360 "PDF Complete" = PDF Complete "PoolBallMasch" = PoolBallMasch - Version 1.00 "PROHYBRIDR" = 2007 Microsoft Office system "Ritter Arthur" = Ritter Arthur "Ritter Arthur II - Collectors Edition" = Ritter Arthur II - Collectors Edition "RollerCoaster Tycoon 3_is1" = RollerCoaster Tycoon 3 "Tomb Raider: Anniversary" = Tomb Raider: Anniversary 1.0 "TomTom HOME" = TomTom HOME 2.8.1.2218 "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20.06.2011 12:43:35 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 12:44:32 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 12:52:38 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 12:52:49 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 12:52:59 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 12:53:12 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 13:43:13 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 14:08:03 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x0002a424. Error - 20.06.2011 14:09:03 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung game.exe, Version 1.0.0.1, fehlgeschlagenes Modul game.exe, Version 1.0.0.1, Fehleradresse 0x00253fa1. Error - 23.06.2011 07:15:24 | Computer Name = BRAUTPAARPC | Source = Application Error | ID = 1000 Description = Fehlgeschlagene Anwendung ccsvchst.exe, Version 10.1.1.16, fehlgeschlagenes Modul ntdll.dll, Version 5.1.2600.6055, Fehleradresse 0x00019af2. [ System Events ] Error - 05.06.2011 12:14:26 | Computer Name = BRAUTPAARPC | Source = VolSnap | ID = 393236 Description = Die Schattenkopie von Volume "C:" wurde aufgrund von einem fehlgeschlagenen Rechenvorgang bezüglich verfügbarem Speicher abgebrochen. Error - 19.06.2011 12:04:37 | Computer Name = BRAUTPAARPC | Source = VolSnap | ID = 393236 Description = Die Schattenkopie von Volume "C:" wurde aufgrund von einem fehlgeschlagenen Rechenvorgang bezüglich verfügbarem Speicher abgebrochen. Error - 20.06.2011 12:41:51 | Computer Name = BRAUTPAARPC | Source = PSched | ID = 14103 Description = QoS [Adapter {9A60D5CF-4C2A-49AA-ACC9-840E26B007AE}]: Die Abfrage des Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen. Error - 20.06.2011 13:13:05 | Computer Name = BRAUTPAARPC | Source = PSched | ID = 14103 Description = QoS [Adapter {9A60D5CF-4C2A-49AA-ACC9-840E26B007AE}]: Die Abfrage des Netzwerkkartentreibers nach OID_GEN_LINK_SPEED ist fehlgeschlagen. Error - 23.06.2011 07:23:03 | Computer Name = BRAUTPAARPC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: atapi Error - 23.06.2011 09:10:38 | Computer Name = BRAUTPAARPC | Source = Service Control Manager | ID = 7026 Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: atapi Error - 23.06.2011 10:34:14 | Computer Name = BRAUTPAARPC | Source = PlugPlayManager | ID = 11 Description = Das Gerät "Root\LEGACY_SMR200\0000" wurde ohne vorbereitende Maßnahmen vom System entfernt. < End of report > Und das ist OTL:OTL Logfile: Code:
ATTFilter OTL logfile created on: 23.06.2011 16:50:09 - Run 1 OTL by OldTimer - Version 3.2.24.1 Folder = C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,50 Gb Total Physical Memory | 2,80 Gb Available Physical Memory | 79,88% Memory free 5,34 Gb Paging File | 4,72 Gb Available in Paging File | 88,52% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 449,75 Gb Total Space | 377,13 Gb Free Space | 83,85% Space Free | Partition Type: NTFS Drive D: | 16,00 Gb Total Space | 9,92 Gb Free Space | 62,02% Space Free | Partition Type: NTFS Drive F: | 465,64 Gb Total Space | 366,91 Gb Free Space | 78,80% Space Free | Partition Type: FAT32 Computer Name: BRAUTPAARPC | User Name: Administrator | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Norton 360\Engine\5.1.0.29\ccsvchst.exe (Symantec Corporation) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe (T-Systems International GmbH) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc) PRC - C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated) PRC - C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) PRC - C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) PRC - C:\WINDOWS\SMINST\Scheduler.exe () ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools) MOD - C:\Programme\Norton 360\Engine\5.1.0.29\asoehook.dll (Symantec Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation) MOD - C:\Programme\T-Online\Dialerschutz-Software\df.dll (T-Systems International GmbH) MOD - C:\Programme\Norton 360\Engine\5.1.0.29\microsoft.vc90.crt\msvcr90.dll (Microsoft Corporation) MOD - C:\Programme\Norton 360\Engine\5.1.0.29\microsoft.vc90.crt\msvcp90.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (0258291254242786mcinstcleanup) McAfee Application Installer Cleanup (0258291254242786) -- File not found SRV - (N360) -- C:\Programme\Norton 360\Engine\5.1.0.29\ccSvcHst.exe (Symantec Corporation) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (DFSVC) -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe (T-Systems International GmbH) SRV - (odserv) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (pdfcDispatcher) -- C:\Programme\PDF Complete\pdfsvc.exe (PDF Complete Inc) SRV - (BcmSqlStartupSvc) -- C:\Programme\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (IDSxpx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110623.001\IDSXpx86.sys (Symantec Corporation) DRV - (BHDrvx86) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110616.003\BHDrvx86.sys (Symantec Corporation) DRV - (NAVEX15) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110622.052\NAVEX15.SYS (Symantec Corporation) DRV - (NAVENG) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110622.052\NAVENG.SYS (Symantec Corporation) DRV - (SymEvent) -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS (Symantec Corporation) DRV - (eeCtrl) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (SRTSP) -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS (Symantec Corporation) DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS (Symantec Corporation) DRV - (SYMTDI) -- C:\WINDOWS\System32\Drivers\N360\0501000.01D\SYMTDI.SYS (Symantec Corporation) DRV - (SymEFA) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS (Symantec Corporation) DRV - (SymDS) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS (Symantec Corporation) DRV - (SymIRON) -- C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS (Symantec Corporation) DRV - (SipIMNDI) -- C:\WINDOWS\system32\drivers\SipIMNDI.sys (T-Systems International GmbH) DRV - (DFSYS) -- C:\Programme\T-Online\Dialerschutz-Software\DFSYS.sys (T-Systems International GmbH) DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.) DRV - (AtiHdmiService) -- C:\WINDOWS\system32\drivers\AtiHdmi.sys (ATI Research Inc.) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek Semiconductor Corp.) DRV - (e1yexpress) Intel(R) -- C:\WINDOWS\system32\drivers\e1y5132.sys (Intel Corporation) DRV - (NAL) -- C:\WINDOWS\system32\drivers\iqvw32.sys (Intel Corporation ) DRV - (iAimFP4) -- C:\WINDOWS\system32\drivers\wVchNTxx.sys (Intel(R) Corporation) DRV - (iAimFP3) -- C:\WINDOWS\system32\drivers\wSiINTxx.sys (Intel(R) Corporation) DRV - (iAimTV3) -- C:\WINDOWS\system32\drivers\wATV04nt.sys (Intel(R) Corporation) DRV - (iAimTV0) -- C:\WINDOWS\system32\drivers\wATV01nt.sys (Intel(R) Corporation) DRV - (iAimTV5) -- C:\WINDOWS\system32\drivers\wATV10nt.sys (Intel(R) Corporation) DRV - (iAimTV4) -- C:\WINDOWS\system32\drivers\wCh7xxNT.sys (Intel(R) Corporation) DRV - (iAimTV6) -- C:\WINDOWS\system32\drivers\wATV06nt.sys (Intel(R) Corporation) DRV - (iAimTV1) -- C:\WINDOWS\system32\drivers\wATV02NT.sys (Intel(R) Corporation) DRV - (i81x) -- C:\WINDOWS\system32\drivers\i81xnt5.sys (Intel(R) Corporation) DRV - (iAimFP0) -- C:\WINDOWS\system32\drivers\wADV01nt.sys (Intel(R) Corporation) DRV - (iAimFP1) -- C:\WINDOWS\system32\drivers\wADV02NT.sys (Intel(R) Corporation) DRV - (iAimFP7) -- C:\WINDOWS\system32\drivers\wADV09NT.sys (Intel(R) Corporation) DRV - (iAimFP5) -- C:\WINDOWS\system32\drivers\wADV07nt.sys (Intel(R) Corporation) DRV - (iAimFP2) -- C:\WINDOWS\system32\drivers\wADV05NT.sys (Intel(R) Corporation) DRV - (iAimFP6) -- C:\WINDOWS\system32\drivers\wADV08NT.sys (Intel(R) Corporation) DRV - (regi) -- C:\WINDOWS\system32\drivers\regi.sys (InterVideo) DRV - (FWLANUSB) -- C:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH) DRV - (avmeject) -- C:\WINDOWS\system32\drivers\avmeject.sys (AVM Berlin) DRV - (Symmpi) -- C:\WINDOWS\system32\DRIVERS\symmpi.sys (LSI Logic) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=all&pf=cmdt IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=all&pf=cmdt IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com IE - HKU\.DEFAULT\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com IE - HKU\S-1-5-18\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hp.com IE - HKU\S-1-5-21-3723618814-2143213472-98843280-500\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=all&pf=cmdt IE - HKU\S-1-5-21-3723618814-2143213472-98843280-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/ IE - HKU\S-1-5-21-3723618814-2143213472-98843280-500\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKU\S-1-5-21-3723618814-2143213472-98843280-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3723618814-2143213472-98843280-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0 FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:5.5 FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011.06.23 13:23:33 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn\ [2011.05.10 18:54:59 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.05.09 21:54:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.05.09 21:54:47 | 000,000,000 | ---D | M] [2009.10.11 17:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions [2009.10.11 17:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Extensions\home2@tomtom.com [2011.05.08 10:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\z7vkpuq3.default\extensions [2010.12.15 21:00:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\z7vkpuq3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011.06.20 19:57:53 | 000,000,944 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\z7vkpuq3.default\searchplugins\icqplugin.xml [2011.05.08 10:13:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions File not found (No name found) -- [2011.05.10 18:54:59 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\COFFPLGN [2011.06.23 13:23:33 | 000,000,000 | ---D | M] (Symantec IPS) -- C:\DOKUMENTE UND EINSTELLUNGEN\ALL USERS\ANWENDUNGSDATEN\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPLGN [2009.10.03 20:24:36 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011.05.08 18:01:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll [2009.10.26 16:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\Mozilla Firefox\plugins\npzylomgamesplayer.dll [2011.05.08 18:01:26 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2011.05.08 18:01:26 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml [2011.05.08 18:01:26 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2011.05.08 18:01:26 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2011.05.08 18:01:26 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2011.05.08 18:01:26 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2008.04.14 11:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton 360\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation) O3 - HKU\S-1-5-21-3723618814-2143213472-98843280-500\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton 360\Engine\5.1.0.29\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\FRITZWLANMini.exe (AVM Berlin) O4 - HKLM..\Run: [PDF Complete] C:\Programme\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe () O4 - HKLM..\Run: [Reminder] C:\WINDOWS\CREATOR\Remind_XP.exe () O4 - HKLM..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe () O4 - HKLM..\Run: [SetRefresh] C:\Programme\Compaq\SetRefresh\SetRefresh.exe (Hewlett-Packard Company) O4 - HKLM..\Run: [T-Home Dialerschutz-Software] C:\Programme\T-Online\Dialerschutz-Software\Defender.exe (T-Systems International GmbH) O4 - HKU\.DEFAULT..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O4 - HKU\S-1-5-18..\Run: [DWQueuedReporting] C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-3723618814-2143213472-98843280-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1254578468171 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004.04.30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2002.10.17 09:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2006.02.09 14:59:36 | 000,000,000 | RH-D | M] - F:\autorun -- [ FAT32 ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906) ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447) ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460) ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE NetSvcs: 6to4 - File not found NetSvcs: Ias - File not found NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found MsConfig - State: "system.ini" - 0 MsConfig - State: "win.ini" - 0 MsConfig - State: "bootini" - 0 MsConfig - State: "services" - 0 MsConfig - State: "startup" - 0 CREATERESTOREPOINT Restore point Set: OTL Restore Point (60530730744152064) ========== Files/Folders - Created Within 30 Days ========== [2011.06.23 15:22:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Malwarebytes [2011.06.23 15:22:44 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.06.23 15:22:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware [2011.06.23 15:22:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2011.06.23 15:22:41 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2011.06.23 15:22:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2011.06.23 15:16:23 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent [2011.06.23 13:20:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\NPE [2011.06.23 13:17:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Tific [2011.06.23 13:17:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Symantec [2011.06.23 12:45:52 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy [2011.06.23 12:45:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy [2011.06.20 19:10:33 | 000,118,784 | ---- | C] (SoftThinks) -- C:\WINDOWS\System32\chg.exe [2011.06.15 15:56:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel [2011.06.10 07:10:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\HP [2011.05.27 21:17:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\HdO Adventure [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2011.06.23 16:44:00 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2011.06.23 16:40:30 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2011.06.23 16:40:29 | 000,001,100 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2011.06.23 16:28:31 | 000,000,380 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\games.stat [2011.06.23 15:22:44 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.23 15:16:06 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2011.06.23 15:10:18 | 000,118,784 | ---- | M] (SoftThinks) -- C:\WINDOWS\System32\chg.exe [2011.06.23 15:09:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2011.06.23 15:09:31 | 000,167,952 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap [2011.06.23 15:09:25 | 3757,228,032 | -HS- | M] () -- C:\hiberfil.sys [2011.06.23 13:25:48 | 000,000,211 | RHS- | M] () -- C:\boot.ini [2011.06.18 14:10:39 | 000,160,031 | ---- | M] () -- C:\WINDOWS\hpoins14.dat [2011.06.15 16:13:45 | 000,463,098 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat [2011.06.15 16:13:45 | 000,444,600 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2011.06.15 16:13:45 | 000,085,970 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat [2011.06.15 16:13:45 | 000,072,476 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2011.06.15 14:44:30 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk [2011.06.15 14:02:01 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2011.06.10 07:28:43 | 000,013,659 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Einkaufsliste.ods [2011.06.05 18:43:57 | 000,012,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Finanzamt Anlage 2010.xlt [2011.06.05 18:42:08 | 000,016,270 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Finanzamt Anlage 2010.ods [2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2011.05.29 09:11:20 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2011.06.23 15:22:44 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2011.06.23 15:16:06 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk [2011.06.18 13:30:20 | 000,160,031 | ---- | C] () -- C:\WINDOWS\hpoins14.dat [2011.06.18 13:30:20 | 000,002,000 | ---- | C] () -- C:\WINDOWS\hpomdl14.dat [2011.06.05 18:43:54 | 000,012,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien\Finanzamt Anlage 2010.xlt [2011.04.20 07:43:42 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011.04.20 07:38:41 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2011.02.10 22:11:06 | 000,000,053 | ---- | C] () -- C:\WINDOWS\tropical_beaches1.ini [2011.02.10 21:25:31 | 000,001,730 | ---- | C] () -- C:\WINDOWS\unins002.dat [2011.02.10 21:24:52 | 000,002,225 | ---- | C] () -- C:\WINDOWS\unins000.dat [2011.02.08 17:36:34 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010.12.19 18:48:58 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll [2010.11.07 15:47:22 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2010.06.14 19:13:55 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI [2010.04.25 20:54:32 | 000,000,020 | ---- | C] () -- C:\WINDOWS\eplan.ini [2010.04.25 18:59:47 | 000,026,624 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.04.25 18:54:37 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2010.04.25 18:54:37 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2010.04.25 18:54:37 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\vidccleaner.exe [2009.10.12 21:55:13 | 000,002,828 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys [2009.10.12 21:55:13 | 000,000,008 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\0951FC7CE7.sys [2009.10.03 19:47:47 | 000,048,148 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat [2009.09.30 18:39:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2009.09.29 18:48:22 | 000,097,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin [2009.09.15 18:39:31 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat [2009.09.15 18:39:31 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat [2009.09.15 18:39:31 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe [2009.09.15 18:39:31 | 000,188,348 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat [2009.09.15 18:39:31 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe [2009.09.15 18:37:00 | 000,000,978 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2009.09.15 10:15:56 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2009.09.15 09:46:06 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2009.09.15 09:44:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll [2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe [2009.04.05 21:18:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2009.04.05 21:10:03 | 000,463,098 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat [2009.04.05 21:10:03 | 000,444,600 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat [2009.04.05 21:10:03 | 000,085,970 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat [2009.04.05 21:10:03 | 000,072,476 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat [2009.04.05 21:06:42 | 000,297,256 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009.04.05 20:59:09 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2009.04.05 20:53:43 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat [2008.04.14 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat [2008.04.14 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat [2008.04.14 11:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat [2008.04.14 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat [2008.04.14 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin [2008.04.14 11:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat [2008.04.14 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat [2008.04.14 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat [2008.04.14 11:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin [2008.04.14 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat [2002.05.28 18:55:42 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin [2002.05.28 18:54:40 | 000,004,605 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat ========== LOP Check ========== [2009.10.13 18:26:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\7Wonders [2010.05.02 17:25:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Atari [2011.04.17 13:56:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Big Fish Games [2009.10.04 14:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Cornelsen [2011.02.11 19:47:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ERS G-Studio [2011.05.27 21:17:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\HdO Adventure [2009.10.12 21:55:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\InterVideo [2011.03.16 08:27:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Klett [2009.11.15 15:32:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Leadertech [2011.05.22 14:22:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\LolClient [2009.10.17 18:35:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Magic Academy [2011.02.26 16:16:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Magic3 [2009.10.03 20:25:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\OpenOffice.org [2011.01.15 20:39:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Peace Craft [2011.02.11 14:22:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PeaceCraft2 [2010.12.19 15:34:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PlayFirst [2011.05.01 21:58:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Playrix Entertainment [2009.09.30 03:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SampleView [2010.04.20 18:59:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SevenSails [2011.06.23 13:17:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Tific [2009.10.11 17:21:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TomTom [2010.12.11 17:04:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Zylom [2011.01.01 16:18:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Awem [2009.10.13 19:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FarmFrenzy2 [2010.05.16 17:54:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ [2011.02.11 14:18:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium [2011.01.14 18:15:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MumboJumbo [2010.12.12 22:41:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nevosoft [2010.12.19 15:34:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PlayFirst [2009.10.14 21:19:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Playrix Entertainment [2011.06.20 19:06:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files [2009.09.29 19:34:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-Online [2011.06.14 11:00:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP [2010.11.13 19:18:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\The Mirror Mysteries [2009.10.11 17:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom [2010.12.11 17:04:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom [2009.09.30 03:36:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{174892B1-CBE7-44F5-86FF-AB555EFD73A3} [2011.05.09 22:03:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2009.09.30 18:56:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009.10.03 13:20:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{7B6BA59A-FB0E-4499-8536-A7420338BF3B} [2009.09.30 03:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\SampleView ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*. > [2009.11.21 17:46:29 | 000,000,000 | ---D | M] -- C:\05d683bee5903e419bc74ec4c3fa [2009.11.21 17:46:43 | 000,000,000 | ---D | M] -- C:\1f7c81843870767f77ea1971ce398042 [2009.11.19 18:51:09 | 000,000,000 | ---D | M] -- C:\5bda50968a7193a6704d49ae [2010.05.30 19:19:20 | 000,000,000 | ---D | M] -- C:\7837a82f5ac50bf540 [2009.10.03 15:26:50 | 000,000,000 | ---D | M] -- C:\b8b1f179b2298b6790 [2009.09.30 03:36:31 | 000,000,000 | ---D | M] -- C:\compaq [2011.06.18 14:06:40 | 000,000,000 | -H-D | M] -- C:\Config.Msi [2009.10.03 15:26:54 | 000,000,000 | ---D | M] -- C:\d2b396a757f6e317c2f973 [2009.09.29 21:22:51 | 000,000,000 | ---D | M] -- C:\d35619442881d4404fec1930 [2009.09.30 03:36:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen [2011.06.20 20:50:44 | 000,000,000 | ---D | M] -- C:\eefec7c210d50592ed56e5c6bd2757 [2010.04.25 20:53:07 | 000,000,000 | ---D | M] -- C:\EPLAN [2009.09.30 03:36:39 | 000,000,000 | -H-D | M] -- C:\hp [2009.09.30 03:36:41 | 000,000,000 | ---D | M] -- C:\i386 [2011.05.22 13:27:45 | 000,000,000 | ---D | M] -- C:\Metin2 [2009.09.30 03:36:41 | 000,000,000 | RH-D | M] -- C:\MSOCache [2009.10.04 18:44:57 | 000,000,000 | ---D | M] -- C:\Phenomedia AG [2011.06.23 15:22:41 | 000,000,000 | R--D | M] -- C:\Programme [2009.09.30 20:20:31 | 000,000,000 | -HSD | M] -- C:\RECYCLER [2011.05.22 14:08:44 | 000,000,000 | ---D | M] -- C:\Riot Games [2009.10.03 13:55:29 | 000,000,000 | ---D | M] -- C:\Shortcuts [2010.05.14 19:08:13 | 000,000,000 | ---D | M] -- C:\Spiele [2009.09.30 03:36:30 | 000,000,000 | ---D | M] -- C:\SWSetup [2011.06.23 15:09:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information [2009.09.29 18:43:31 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV [2011.06.23 15:16:24 | 000,000,000 | ---D | M] -- C:\WINDOWS < %PROGRAMFILES%\*.exe > Invalid Environment Variable: LOCALAPPDATA < %systemroot%\*. /mp /s > < MD5 for: EXPLORER.EXE > [2008.04.14 11:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe < MD5 for: REGEDIT.EXE > [2008.04.14 17:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\i386\REGEDIT.EXE [2008.04.14 11:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe < MD5 for: USERINIT.EXE > [2008.04.14 11:00:00 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe < MD5 for: WINLOGON.EXE > [2008.04.14 11:00:00 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs > HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-06-15 14:13:53 < > ========== Alternate Data Streams ========== @Alternate Data Stream - 242 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D4BB0AD6 @Alternate Data Stream - 218 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:640EA6E8 @Alternate Data Stream - 217 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:50636E35 @Alternate Data Stream - 171 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E2458802 @Alternate Data Stream - 169 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A4AF8D0D @Alternate Data Stream - 168 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F84B8DB5 @Alternate Data Stream - 159 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A02025CE @Alternate Data Stream - 138 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:29629382 @Alternate Data Stream - 129 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:70E897B5 @Alternate Data Stream - 119 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:66AA0486 @Alternate Data Stream - 114 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:067F588D < End of report > Mehr habe ich nicht! Viele Grüße Pumperl |
25.06.2011, 20:53 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004.04.30 17:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ] O32 - AutoRun File - [2002.10.17 09:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ FAT32 ] O32 - AutoRun File - [2006.02.09 14:59:36 | 000,000,000 | RH-D | M] - F:\autorun -- [ FAT32 ] [2011.06.20 19:10:33 | 000,118,784 | ---- | C] (SoftThinks) -- C:\WINDOWS\System32\chg.exe [2009.11.21 17:46:29 | 000,000,000 | ---D | M] -- C:\05d683bee5903e419bc74ec4c3fa [2009.11.21 17:46:43 | 000,000,000 | ---D | M] -- C:\1f7c81843870767f77ea1971ce398042 [2009.11.19 18:51:09 | 000,000,000 | ---D | M] -- C:\5bda50968a7193a6704d49ae [2010.05.30 19:19:20 | 000,000,000 | ---D | M] -- C:\7837a82f5ac50bf540 [2009.10.03 15:26:50 | 000,000,000 | ---D | M] -- C:\b8b1f179b2298b6790 [2009.10.03 15:26:54 | 000,000,000 | ---D | M] -- C:\d2b396a757f6e317c2f973 [2009.09.29 21:22:51 | 000,000,000 | ---D | M] -- C:\d35619442881d4404fec1930 [2011.06.20 20:50:44 | 000,000,000 | ---D | M] -- C:\eefec7c210d50592ed56e5c6bd2757 @Alternate Data Stream - 242 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D4BB0AD6 @Alternate Data Stream - 218 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:640EA6E8 @Alternate Data Stream - 217 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:50636E35 @Alternate Data Stream - 171 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E2458802 @Alternate Data Stream - 169 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A4AF8D0D @Alternate Data Stream - 168 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F84B8DB5 @Alternate Data Stream - 159 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A02025CE @Alternate Data Stream - 138 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:29629382 @Alternate Data Stream - 129 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:70E897B5 @Alternate Data Stream - 119 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:66AA0486 @Alternate Data Stream - 114 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:067F588D :Commands [purity] [resethosts] Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet. Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.
__________________ --> Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. |
26.06.2011, 13:19 | #7 |
| Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Hi Arne, danke für Deine Geduld!! Folgendes Log habe ich nach dem Fix erhalten: ========== OTL ========== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully! D:\Autorun.inf moved successfully. F:\autorun.inf moved successfully. File not found. C:\WINDOWS\system32\chg.exe moved successfully. Folder move failed. C:\05d683bee5903e419bc74ec4c3fa\hotfixexpress\files scheduled to be moved on reboot. C:\05d683bee5903e419bc74ec4c3fa\hotfixexpress folder moved successfully. C:\05d683bee5903e419bc74ec4c3fa\1031 folder moved successfully. C:\05d683bee5903e419bc74ec4c3fa folder moved successfully. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\system scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net\90\en scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net\90\de scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net\90 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\install scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\data scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\res\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\res\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\res scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\de scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\system32 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\resources scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\resources scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\de scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk\assemblies\en scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk\assemblies\de scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk\assemblies scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\gac\de scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\gac scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\eula scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\resources scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\en scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\de scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn\resources scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\common files\microsoft shared\sql debugging scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\common files\microsoft shared scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files\common files scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\program files scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\images scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\help\1033 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\help\1031 scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup\help scheduled to be moved on reboot. Folder move failed. C:\1f7c81843870767f77ea1971ce398042\setup scheduled to be moved on reboot. C:\1f7c81843870767f77ea1971ce398042\1031 folder moved successfully. C:\1f7c81843870767f77ea1971ce398042 folder moved successfully. Folder move failed. C:\5bda50968a7193a6704d49ae\hotfixexpress\files scheduled to be moved on reboot. C:\5bda50968a7193a6704d49ae\hotfixexpress folder moved successfully. C:\5bda50968a7193a6704d49ae\1031 folder moved successfully. C:\5bda50968a7193a6704d49ae folder moved successfully. C:\7837a82f5ac50bf540\update folder moved successfully. C:\7837a82f5ac50bf540 folder moved successfully. Folder move failed. C:\b8b1f179b2298b6790\hotfixexpress\files scheduled to be moved on reboot. C:\b8b1f179b2298b6790\hotfixexpress folder moved successfully. C:\b8b1f179b2298b6790\1031 folder moved successfully. C:\b8b1f179b2298b6790 folder moved successfully. Folder move failed. C:\d2b396a757f6e317c2f973\setup\system scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net\90\en scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net\90\de scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net\90 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\install scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\data scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\res\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\res\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\res scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\de scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\system32 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\resources scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\resources scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\de scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk\assemblies\en scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk\assemblies\de scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk\assemblies scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\gac\de scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\gac scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\eula scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\resources scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\en scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\de scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn\resources scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\common files\microsoft shared\sql debugging scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\common files\microsoft shared scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files\common files scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\program files scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\images scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\help\1033 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\help\1031 scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup\help scheduled to be moved on reboot. Folder move failed. C:\d2b396a757f6e317c2f973\setup scheduled to be moved on reboot. C:\d2b396a757f6e317c2f973\1031 folder moved successfully. C:\d2b396a757f6e317c2f973 folder moved successfully. C:\d35619442881d4404fec1930\i386 folder moved successfully. C:\d35619442881d4404fec1930\amd64 folder moved successfully. C:\d35619442881d4404fec1930 folder moved successfully. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\system scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net\90\en scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net\90\de scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net\90 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\install scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\data scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\res\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\res\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\res scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\de scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\system32 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\resources scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\resources scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\de scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk\assemblies\en scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk\assemblies\de scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk\assemblies scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\gac\de scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\gac scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\eula scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\resources scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\en scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\de scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn\resources\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn\resources\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn\resources scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\common files\microsoft shared\sql debugging scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\common files\microsoft shared scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\common files scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\program files scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\images scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\help\1033 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\help\1031 scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup\help scheduled to be moved on reboot. Folder move failed. C:\eefec7c210d50592ed56e5c6bd2757\setup scheduled to be moved on reboot. C:\eefec7c210d50592ed56e5c6bd2757\1031 folder moved successfully. C:\eefec7c210d50592ed56e5c6bd2757 folder moved successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP4BB0AD6 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:640EA6E8 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:50636E35 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:E2458802 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A4AF8D0D deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:F84B8DB5 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A02025CE deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:29629382 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:70E897B5 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:66AA0486 deleted successfully. ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:067F588D deleted successfully. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.24.1 log created on 06262011_141349 Files\Folders moved on Reboot... File\Folder C:\05d683bee5903e419bc74ec4c3fa\hotfixexpress\files not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\system not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net\90\en not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net\90\de not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net\90 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net\adomd.net not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft.net not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\install not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\data not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\res\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\res\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\res not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn\de not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86\binn not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\x86 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared\database replication not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files\microsoft shared not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\common files not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows\system32 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\windows not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\schemas not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\resources\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\resources\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn\resources not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools\binn not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\tools not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\resources\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\resources\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\resources not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared\de not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\shared not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk\assemblies\en not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk\assemblies\de not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk\assemblies not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\sdk not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\gac\de not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\gac not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\eula not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\resources\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\resources\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\resources not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\en not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com\de not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90\com not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\90 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn\resources\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn\resources\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn\resources not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools\binn not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80\tools not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server\80 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\microsoft sql server not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\common files\microsoft shared\sql debugging not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\common files\microsoft shared not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files\common files not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\program files not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\images not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\help\1033 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\help\1031 not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup\help not found! File\Folder C:\1f7c81843870767f77ea1971ce398042\setup not found! File\Folder C:\5bda50968a7193a6704d49ae\hotfixexpress\files not found! File\Folder C:\b8b1f179b2298b6790\hotfixexpress\files not found! File\Folder C:\d2b396a757f6e317c2f973\setup\system not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net\90\en not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net\90\de not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net\90 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net\adomd.net not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft.net not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\install not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\data not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\res\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\res\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\res not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn\de not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86\binn not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\x86 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared\database replication not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files\microsoft shared not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\common files not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows\system32 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\windows not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\schemas not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\resources\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\resources\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn\resources not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools\binn not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\tools not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\resources\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\resources\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\resources not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared\de not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\shared not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk\assemblies\en not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk\assemblies\de not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk\assemblies not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\sdk not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\gac\de not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\gac not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\eula not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\resources\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\resources\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\resources not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\en not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com\de not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90\com not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\90 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn\resources\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn\resources\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn\resources not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools\binn not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80\tools not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server\80 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\microsoft sql server not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\common files\microsoft shared\sql debugging not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\common files\microsoft shared not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files\common files not found! File\Folder C:\d2b396a757f6e317c2f973\setup\program files not found! File\Folder C:\d2b396a757f6e317c2f973\setup\images not found! File\Folder C:\d2b396a757f6e317c2f973\setup\help\1033 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\help\1031 not found! File\Folder C:\d2b396a757f6e317c2f973\setup\help not found! File\Folder C:\d2b396a757f6e317c2f973\setup not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\system not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net\90\en not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net\90\de not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net\90 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net\adomd.net not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft.net not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\install not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\data not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\res\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\res\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\res not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn\de not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86\binn not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\x86 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication\resources not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared\database replication not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files\microsoft shared not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\common files not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\z8ww3aes.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\r6hpravq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\y8ww3aes.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\67wtistq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2kfkwlwq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies\2ggml9qs.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\policies not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\p6hpravq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\manifests not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\jwfvlhtq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\hwfvlhtq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\bql1q2cs.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\9ql1q2cs.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\77wtistq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kn09qps.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3kfkwlwq.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\3ggml9qs.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs\1kn09qps.lm8 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\winsxs not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\system32\ansi not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows\system32 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\windows not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\sqltypes not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqltransaction not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlrowcount not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlresultstream not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlparameter not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types\sqlmessage not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\types not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap\options not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\soap not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload\format not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\bulkload not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\showplan not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\queryprocessor not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07\dta not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004\07 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver\2004 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas\sqlserver not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\schemas not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\resources\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\resources\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn\resources not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools\binn not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\tools not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\resources\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\resources\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\resources not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared\de not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\shared not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk\assemblies\en not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk\assemblies\de not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk\assemblies not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\sdk not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\gac\de not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\gac not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\eula not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\resources\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\resources\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\resources not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\en not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com\de not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90\com not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\90 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn\resources\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn\resources\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn\resources not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools\binn not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80\tools not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server\80 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\microsoft sql server not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\common files\microsoft shared\sql debugging not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\common files\microsoft shared not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files\common files not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\program files not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\images not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\help\1033 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\help\1031 not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup\help not found! File\Folder C:\eefec7c210d50592ed56e5c6bd2757\setup not found! Registry entries deleted on Reboot... Vielen Dank!! Gruß Susanne |
26.06.2011, 13:48 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen: Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop. Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern ) Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________ Logfiles bitte immer in CODE-Tags posten |
26.06.2011, 14:07 | #9 |
| Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Hi, habe das Tool laufen lassen und folgenden Scan erhalten: Code:
ATTFilter 2011/06/26 15:02:50.0984 0640 TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15 2011/06/26 15:02:51.0125 0640 ================================================================================ 2011/06/26 15:02:51.0125 0640 SystemInfo: 2011/06/26 15:02:51.0125 0640 2011/06/26 15:02:51.0125 0640 OS Version: 5.1.2600 ServicePack: 3.0 2011/06/26 15:02:51.0125 0640 Product type: Workstation 2011/06/26 15:02:51.0125 0640 ComputerName: BRAUTPAARPC 2011/06/26 15:02:51.0125 0640 UserName: Administrator 2011/06/26 15:02:51.0125 0640 Windows directory: C:\WINDOWS 2011/06/26 15:02:51.0125 0640 System windows directory: C:\WINDOWS 2011/06/26 15:02:51.0125 0640 Processor architecture: Intel x86 2011/06/26 15:02:51.0125 0640 Number of processors: 4 2011/06/26 15:02:51.0125 0640 Page size: 0x1000 2011/06/26 15:02:51.0125 0640 Boot type: Normal boot 2011/06/26 15:02:51.0125 0640 ================================================================================ 2011/06/26 15:02:51.0406 0640 Initialize success 2011/06/26 15:02:55.0390 2836 ================================================================================ 2011/06/26 15:02:55.0390 2836 Scan started 2011/06/26 15:02:55.0390 2836 Mode: Manual; 2011/06/26 15:02:55.0390 2836 ================================================================================ 2011/06/26 15:02:55.0656 2836 ac97intc (0f2d66d5f08ebe2f77bb904288dcf6f0) C:\WINDOWS\system32\drivers\ac97intc.sys 2011/06/26 15:02:55.0703 2836 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys 2011/06/26 15:02:55.0734 2836 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys 2011/06/26 15:02:55.0765 2836 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 2011/06/26 15:02:55.0781 2836 adpu320 (0ea9b1f0c6c90a509c8603775366adb7) C:\WINDOWS\system32\DRIVERS\adpu320.sys 2011/06/26 15:02:55.0812 2836 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 2011/06/26 15:02:55.0859 2836 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys 2011/06/26 15:02:55.0906 2836 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 2011/06/26 15:02:55.0937 2836 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 2011/06/26 15:02:56.0000 2836 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 2011/06/26 15:02:56.0062 2836 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 2011/06/26 15:02:56.0093 2836 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 2011/06/26 15:02:56.0187 2836 ati2mtag (8e54c76db5d88bf8b4e82b37e1322671) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 2011/06/26 15:02:56.0250 2836 AtiHdmiService (1e82f05cff41316bcaa513909d99a004) C:\WINDOWS\system32\drivers\AtiHdmi.sys 2011/06/26 15:02:56.0250 2836 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 2011/06/26 15:02:56.0281 2836 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 2011/06/26 15:02:56.0312 2836 avmeject (263cf9d248fd5e020a1333ed4f7eaa88) C:\WINDOWS\system32\drivers\avmeject.sys 2011/06/26 15:02:56.0343 2836 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 2011/06/26 15:02:56.0531 2836 BHDrvx86 (ad73b4cd214de82d003fdadbaeab6410) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110616.003\BHDrvx86.sys 2011/06/26 15:02:56.0562 2836 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 2011/06/26 15:02:56.0578 2836 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 2011/06/26 15:02:56.0609 2836 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 2011/06/26 15:02:56.0640 2836 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 2011/06/26 15:02:56.0828 2836 DFSYS (ea29c804fcf6fed1f2f4f14bec890de0) C:\Programme\T-Online\Dialerschutz-Software\DFSYS.SYS 2011/06/26 15:02:56.0859 2836 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 2011/06/26 15:02:56.0890 2836 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys 2011/06/26 15:02:56.0937 2836 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys 2011/06/26 15:02:56.0953 2836 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 2011/06/26 15:02:56.0984 2836 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 2011/06/26 15:02:57.0015 2836 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 2011/06/26 15:02:57.0046 2836 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 2011/06/26 15:02:57.0062 2836 E100B (a6de5342417fec3c0aa8efebb899c431) C:\WINDOWS\system32\DRIVERS\e100b325.sys 2011/06/26 15:02:57.0093 2836 e1yexpress (6a738bee58ff3d2f237157082e799de8) C:\WINDOWS\system32\DRIVERS\e1y5132.sys 2011/06/26 15:02:57.0156 2836 eeCtrl (5461f01b7def17dc90d90b029f874c3b) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys 2011/06/26 15:02:57.0203 2836 EraserUtilRebootDrv (17fcc372d03ba39f3aee85198c0ec594) C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 2011/06/26 15:02:57.0234 2836 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 2011/06/26 15:02:57.0250 2836 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 2011/06/26 15:02:57.0265 2836 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys 2011/06/26 15:02:57.0328 2836 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 2011/06/26 15:02:57.0343 2836 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys 2011/06/26 15:02:57.0343 2836 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 2011/06/26 15:02:57.0359 2836 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 2011/06/26 15:02:57.0406 2836 FWLANUSB (ff12fa487265da2ac7de4be53f72ff1a) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys 2011/06/26 15:02:57.0437 2836 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 2011/06/26 15:02:57.0468 2836 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 2011/06/26 15:02:57.0500 2836 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 2011/06/26 15:02:57.0531 2836 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 2011/06/26 15:02:57.0578 2836 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys 2011/06/26 15:02:57.0593 2836 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys 2011/06/26 15:02:57.0625 2836 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys 2011/06/26 15:02:57.0656 2836 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 2011/06/26 15:02:57.0718 2836 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 2011/06/26 15:02:57.0734 2836 i81x (06b7ef73ba5f302eecc294cdf7e19702) C:\WINDOWS\system32\DRIVERS\i81xnt5.sys 2011/06/26 15:02:57.0765 2836 iAimFP0 (7b5b44efe5eb9dadfb8ee29700885d23) C:\WINDOWS\system32\DRIVERS\wADV01nt.sys 2011/06/26 15:02:57.0781 2836 iAimFP1 (eb1f6bab6c22ede0ba551b527475f7e9) C:\WINDOWS\system32\DRIVERS\wADV02NT.sys 2011/06/26 15:02:57.0781 2836 iAimFP2 (03ce989d846c1aa81145cb22fcb86d06) C:\WINDOWS\system32\DRIVERS\wADV05NT.sys 2011/06/26 15:02:57.0796 2836 iAimFP3 (525849b4469de021d5d61b4db9be3a9d) C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys 2011/06/26 15:02:57.0812 2836 iAimFP4 (589c2bcdb5bd602bf7b63d210407ef8c) C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys 2011/06/26 15:02:57.0843 2836 iAimFP5 (0308aef61941e4af478fa1a0f83812f5) C:\WINDOWS\system32\DRIVERS\wADV07nt.sys 2011/06/26 15:02:57.0859 2836 iAimFP6 (714038a8aa5de08e12062202cd7eaeb5) C:\WINDOWS\system32\DRIVERS\wADV08nt.sys 2011/06/26 15:02:57.0890 2836 iAimFP7 (7bb3aa595e4507a788de1cdc63f4c8c4) C:\WINDOWS\system32\DRIVERS\wADV09nt.sys 2011/06/26 15:02:57.0906 2836 iAimTV0 (d83bdd5c059667a2f647a6be5703a4d2) C:\WINDOWS\system32\DRIVERS\wATV01nt.sys 2011/06/26 15:02:57.0921 2836 iAimTV1 (ed968d23354daa0d7c621580c012a1f6) C:\WINDOWS\system32\DRIVERS\wATV02NT.sys 2011/06/26 15:02:57.0953 2836 iAimTV3 (d738273f218a224c1ddac04203f27a84) C:\WINDOWS\system32\DRIVERS\wATV04nt.sys 2011/06/26 15:02:57.0968 2836 iAimTV4 (0052d118995cbab152daabe6106d1442) C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys 2011/06/26 15:02:57.0968 2836 iAimTV5 (791cc45de6e50445be72e8ad6401ff45) C:\WINDOWS\system32\DRIVERS\wATV10nt.sys 2011/06/26 15:02:57.0984 2836 iAimTV6 (352fa0e98bc461ce1ce5d41f64db558d) C:\WINDOWS\system32\DRIVERS\wATV06nt.sys 2011/06/26 15:02:58.0046 2836 iaStor (42be6406094936a23280d68d9aec33d0) C:\WINDOWS\system32\DRIVERS\iaStor.sys 2011/06/26 15:02:58.0171 2836 IDSxpx86 (b9ba869eb7b66c5740e904a79f9245b4) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110624.050\IDSxpx86.sys 2011/06/26 15:02:58.0218 2836 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 2011/06/26 15:02:58.0328 2836 IntcAzAudAddService (3fd00a073361937b705822775255d4e0) C:\WINDOWS\system32\drivers\RtkHDAud.sys 2011/06/26 15:02:58.0375 2836 IntelIde (69c4e3c9e67a1f103b94e14fdd5f3213) C:\WINDOWS\system32\DRIVERS\intelide.sys 2011/06/26 15:02:58.0406 2836 intelppm (4c7d2750158ed6e7ad642d97bffae351) C:\WINDOWS\system32\DRIVERS\intelppm.sys 2011/06/26 15:02:58.0421 2836 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys 2011/06/26 15:02:58.0437 2836 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 2011/06/26 15:02:58.0453 2836 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 2011/06/26 15:02:58.0484 2836 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 2011/06/26 15:02:58.0500 2836 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 2011/06/26 15:02:58.0531 2836 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 2011/06/26 15:02:58.0562 2836 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys 2011/06/26 15:02:58.0593 2836 Iviaspi (4ac11b2250106774f694df2db4ffed61) C:\WINDOWS\system32\drivers\iviaspi.sys 2011/06/26 15:02:58.0609 2836 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 2011/06/26 15:02:58.0625 2836 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 2011/06/26 15:02:58.0656 2836 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 2011/06/26 15:02:58.0703 2836 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 2011/06/26 15:02:58.0750 2836 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 2011/06/26 15:02:58.0781 2836 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys 2011/06/26 15:02:58.0796 2836 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys 2011/06/26 15:02:58.0812 2836 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys 2011/06/26 15:02:58.0828 2836 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 2011/06/26 15:02:58.0843 2836 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 2011/06/26 15:02:58.0906 2836 MRxSmb (0dc719e9b15e902346e87e9dcd5751fa) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 2011/06/26 15:02:58.0937 2836 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 2011/06/26 15:02:58.0968 2836 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 2011/06/26 15:02:58.0984 2836 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2011/06/26 15:02:58.0984 2836 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 2011/06/26 15:02:59.0015 2836 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 2011/06/26 15:02:59.0031 2836 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 2011/06/26 15:02:59.0062 2836 NAL (03ca886ba148b6b9996be1368ddc3fc0) C:\WINDOWS\system32\Drivers\iqvw32.sys 2011/06/26 15:02:59.0171 2836 NAVENG (920d9701bba90dbb7ccfd3536ea4d6f9) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110625.002\NAVENG.SYS 2011/06/26 15:02:59.0218 2836 NAVEX15 (31b1a9b53c3319b97f7874347cd992d2) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20110625.002\NAVEX15.SYS 2011/06/26 15:02:59.0265 2836 NDIS (b5b1080d35974c0e718d64280761bcd5) C:\WINDOWS\system32\drivers\NDIS.sys 2011/06/26 15:02:59.0281 2836 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 2011/06/26 15:02:59.0296 2836 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 2011/06/26 15:02:59.0343 2836 NdisWan (b053a8411045fd0664b389a090cb2bbc) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 2011/06/26 15:02:59.0375 2836 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 2011/06/26 15:02:59.0390 2836 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 2011/06/26 15:02:59.0421 2836 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 2011/06/26 15:02:59.0453 2836 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 2011/06/26 15:02:59.0468 2836 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 2011/06/26 15:02:59.0500 2836 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 2011/06/26 15:02:59.0515 2836 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 2011/06/26 15:02:59.0546 2836 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 2011/06/26 15:02:59.0562 2836 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 2011/06/26 15:02:59.0578 2836 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 2011/06/26 15:02:59.0609 2836 P3 (a7af0c0860f1c43fc6581ba8a99eabef) C:\WINDOWS\system32\DRIVERS\p3.sys 2011/06/26 15:02:59.0625 2836 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\DRIVERS\parport.sys 2011/06/26 15:02:59.0625 2836 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 2011/06/26 15:02:59.0656 2836 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys 2011/06/26 15:02:59.0671 2836 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys 2011/06/26 15:02:59.0703 2836 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys 2011/06/26 15:02:59.0718 2836 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys 2011/06/26 15:02:59.0828 2836 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 2011/06/26 15:02:59.0843 2836 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 2011/06/26 15:02:59.0859 2836 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 2011/06/26 15:02:59.0921 2836 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 2011/06/26 15:02:59.0937 2836 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 2011/06/26 15:02:59.0953 2836 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 2011/06/26 15:02:59.0968 2836 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 2011/06/26 15:02:59.0984 2836 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 2011/06/26 15:03:00.0000 2836 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 2011/06/26 15:03:00.0015 2836 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 2011/06/26 15:03:00.0046 2836 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys 2011/06/26 15:03:00.0062 2836 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys 2011/06/26 15:03:00.0093 2836 regi (001b4278407f4303efc902a2b16f2453) C:\WINDOWS\system32\drivers\regi.sys 2011/06/26 15:03:00.0125 2836 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 2011/06/26 15:03:00.0140 2836 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 2011/06/26 15:03:00.0156 2836 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys 2011/06/26 15:03:00.0187 2836 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys 2011/06/26 15:03:00.0250 2836 SipIMNDI (1644c3814e0dae66cd68e39ffb97d869) C:\WINDOWS\system32\DRIVERS\SipIMNDI.sys 2011/06/26 15:03:00.0296 2836 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 2011/06/26 15:03:00.0312 2836 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys 2011/06/26 15:03:00.0375 2836 SRTSP (83726cf02eced69138948083e06b6eac) C:\WINDOWS\System32\Drivers\N360\0501000.01D\SRTSP.SYS 2011/06/26 15:03:00.0390 2836 SRTSPX (4e7eab2e5615d39cf1f1df9c71e5e225) C:\WINDOWS\system32\drivers\N360\0501000.01D\SRTSPX.SYS 2011/06/26 15:03:00.0421 2836 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 2011/06/26 15:03:00.0453 2836 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 2011/06/26 15:03:00.0468 2836 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 2011/06/26 15:03:00.0500 2836 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys 2011/06/26 15:03:00.0515 2836 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys 2011/06/26 15:03:00.0578 2836 SymDS (9bbeb8c6258e72d62e7560e6667aad39) C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMDS.SYS 2011/06/26 15:03:00.0609 2836 SymEFA (d5c02629c02a820a7e71bca3d44294a3) C:\WINDOWS\system32\drivers\N360\0501000.01D\SYMEFA.SYS 2011/06/26 15:03:00.0640 2836 SymEvent (ab33c3b196197ca467cbdda717860dba) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS 2011/06/26 15:03:00.0687 2836 SymIRON (a73399804d5d4a8b20ba60fcf70c9f1f) C:\WINDOWS\system32\drivers\N360\0501000.01D\Ironx86.SYS 2011/06/26 15:03:00.0718 2836 Symmpi (f2b7e8416f508368ac6730e2ae1c614f) C:\WINDOWS\system32\DRIVERS\symmpi.sys 2011/06/26 15:03:00.0750 2836 SYMTDI (dec35ccaf7a222df918306cd2fdfbd39) C:\WINDOWS\System32\Drivers\N360\0501000.01D\SYMTDI.SYS 2011/06/26 15:03:00.0765 2836 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys 2011/06/26 15:03:00.0781 2836 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys 2011/06/26 15:03:00.0796 2836 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 2011/06/26 15:03:00.0859 2836 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 2011/06/26 15:03:00.0875 2836 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 2011/06/26 15:03:00.0890 2836 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 2011/06/26 15:03:00.0921 2836 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 2011/06/26 15:03:00.0968 2836 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 2011/06/26 15:03:01.0015 2836 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys 2011/06/26 15:03:01.0046 2836 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 2011/06/26 15:03:01.0078 2836 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 2011/06/26 15:03:01.0078 2836 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 2011/06/26 15:03:01.0109 2836 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 2011/06/26 15:03:01.0140 2836 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 2011/06/26 15:03:01.0156 2836 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 2011/06/26 15:03:01.0187 2836 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 2011/06/26 15:03:01.0218 2836 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 2011/06/26 15:03:01.0281 2836 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys 2011/06/26 15:03:01.0312 2836 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys 2011/06/26 15:03:01.0343 2836 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 2011/06/26 15:03:01.0375 2836 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 2011/06/26 15:03:01.0468 2836 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys 2011/06/26 15:03:01.0500 2836 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 2011/06/26 15:03:01.0515 2836 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 2011/06/26 15:03:01.0562 2836 MBR (0x1B8) (4f02a8d4048a138c450ed7f867eb0144) \Device\Harddisk0\DR0 2011/06/26 15:03:01.0687 2836 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk1\DR3 2011/06/26 15:03:01.0703 2836 ================================================================================ 2011/06/26 15:03:01.0703 2836 Scan finished 2011/06/26 15:03:01.0703 2836 ================================================================================ 2011/06/26 15:03:01.0703 3344 Detected object count: 0 2011/06/26 15:03:01.0703 3344 Actual detected object count: 0 VG Susanne |
26.06.2011, 14:24 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
26.06.2011, 14:49 | #11 |
| Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Hi, nachfolgend das Combofix Log: [CODE] Combofix Logfile: Code:
ATTFilter ComboFix 11-06-25.05 - Administrator 26.06.2011 15:42:14.1.4 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.3583.2959 [GMT 2:00] ausgeführt von:: c:\dokumente und einstellungen\Administrator\Desktop\ComboFix.exe AV: Norton 360 Online *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 Online *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\IsUn0407.exe c:\windows\system32\AutoRun.inf . . ((((((((((((((((((((((( Dateien erstellt von 2011-05-26 bis 2011-06-26 )))))))))))))))))))))))))))))) . . 2011-06-26 13:20 . 2011-06-26 13:20 2106216 ----a-w- c:\programme\Mozilla Firefox\D3DCompiler_43.dll 2011-06-26 13:20 . 2011-06-26 13:20 1998168 ----a-w- c:\programme\Mozilla Firefox\d3dx9_43.dll 2011-06-26 12:15 . 2011-06-26 12:15 118784 ----a-w- c:\windows\system32\chg.exe 2011-06-26 12:13 . 2011-06-26 12:13 -------- d-----w- C:\_OTL 2011-06-23 13:22 . 2011-06-23 13:22 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Malwarebytes 2011-06-23 13:22 . 2011-06-23 13:22 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes 2011-06-23 13:22 . 2011-05-29 07:11 39984 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-06-23 13:22 . 2011-06-23 13:22 -------- d-----w- c:\programme\Malwarebytes' Anti-Malware 2011-06-23 13:22 . 2011-05-29 07:11 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-06-23 11:20 . 2011-06-23 11:25 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\NPE 2011-06-23 11:17 . 2011-06-23 11:17 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Tific 2011-06-23 11:17 . 2011-06-23 11:17 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\Symantec 2011-06-23 10:45 . 2011-06-23 13:09 -------- d-----w- c:\programme\Spybot - Search & Destroy 2011-06-23 10:45 . 2011-06-23 13:07 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy 2011-06-19 17:56 . 2008-03-05 13:56 3786760 ----a-w- c:\windows\system32\D3DX9_37.dll 2011-06-15 13:56 . 2011-06-15 17:29 -------- d-----w- c:\windows\SxsCaPendDel 2011-06-15 11:51 . 2011-04-21 13:37 105472 ------w- c:\windows\system32\dllcache\mup.sys 2011-06-10 05:10 . 2011-06-10 05:10 -------- d-----w- c:\dokumente und einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\HP 2011-05-27 19:17 . 2011-05-27 19:17 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\HdO Adventure . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-06-19 17:51 . 2011-05-22 11:03 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-05-11 14:23 . 2009-09-29 17:36 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2011-05-11 14:23 . 2009-09-29 17:36 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2011-05-02 15:31 . 2008-04-14 09:00 692736 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 16:19 . 2008-04-14 09:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2011-04-25 16:05 . 2008-04-14 09:00 916480 ----a-w- c:\windows\system32\wininet.dll 2011-04-25 16:05 . 2008-04-14 09:00 43520 ----a-w- c:\windows\system32\licmgr10.dll 2011-04-25 16:05 . 2008-04-14 09:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2011-04-25 12:01 . 2008-04-14 09:00 385024 ----a-w- c:\windows\system32\html.iec 2011-04-21 13:37 . 2008-04-14 09:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys 2011-04-06 14:20 . 2011-04-06 14:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 14:20 . 2011-04-06 14:20 197920 ----a-w- c:\windows\system32\dnssdX.dll 2011-04-06 14:20 . 2011-04-06 14:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2011-03-31 03:00 . 2011-05-10 16:55 516216 ----a-w- c:\windows\system32\drivers\N360\0501000.01D\srtsp.sys 2011-03-31 03:00 . 2011-05-10 16:55 50168 ----a-w- c:\windows\system32\drivers\N360\0501000.01D\srtspx.sys 2011-06-26 13:20 . 2011-05-08 16:01 142296 ----a-w- c:\programme\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATIPTA"="c:\programme\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2009-04-28 344064] "PDF Complete"="c:\programme\PDF Complete\pdfsty.exe" [2008-04-07 318488] "SetRefresh"="c:\programme\Compaq\SetRefresh\SetRefresh.exe" [2003-11-21 525824] "Recguard"="c:\windows\Sminst\Recguard.exe" [2006-05-12 1138688] "Reminder"="c:\windows\Creator\Remind_XP.exe" [2006-03-31 761856] "Scheduler"="c:\windows\SMINST\Scheduler.exe" [2006-07-10 872448] "AVMWlanClient"="c:\programme\avmwlanstick\FRITZWLANMini.exe" [2007-02-02 283136] "HP Software Update"="c:\programme\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152] "Adobe Photo Downloader"="c:\programme\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [2007-03-16 63712] "T-Home Dialerschutz-Software"="c:\programme\T-Online\Dialerschutz-Software\Defender.exe" [2010-03-29 1411720] "Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-14 39792] "QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-11-29 421888] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] "DWQueuedReporting"="c:\progra~1\GEMEIN~1\MICROS~1\DW\dwtrig20.exe" [2008-11-04 435096] . c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\ HP Digital Imaging Monitor.lnk - c:\programme\HP\Digital Imaging\bin\hpqtra08.exe [2007-3-11 210520] . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Programme\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\WINDOWS\\SMINST\\Scheduler.exe"= "c:\\Programme\\Messenger\\msmsgs.exe"= "c:\\Programme\\Microsoft Games\\Dungeon Siege 2\\DungeonSiege2.exe"= "c:\\Programme\\Bonjour\\mDNSResponder.exe"= "c:\\Programme\\iTunes\\iTunes.exe"= "c:\\Programme\\Pando Networks\\Media Booster\\PMB.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "58463:TCP"= 58463:TCP:Pando Media Booster "58463:UDP"= 58463:UDP:Pando Media Booster . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0501000.01D\symds.sys [10.05.2011 18:55 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0501000.01D\symefa.sys [10.05.2011 18:55 744568] R1 BHDrvx86;BHDrvx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20110616.003\BHDrvx86.sys [17.06.2011 18:44 810616] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0501000.01D\ironx86.sys [10.05.2011 18:55 136312] R2 DFSVC;T-Home Dialerschutz Dienst;c:\programme\T-Online\Dialerschutz-Software\DFInject.exe [29.09.2009 19:34 288768] R2 N360;Norton 360;c:\programme\Norton 360\Engine\5.1.0.29\ccsvchst.exe [10.05.2011 18:55 130008] R2 pdfcDispatcher;PDF Document Manager;c:\programme\PDF Complete\pdfsvc.exe [15.09.2009 10:06 576024] R2 regi;regi;c:\windows\system32\drivers\regi.sys [17.04.2007 20:09 11032] R2 TomTomHOMEService;TomTomHOMEService;c:\programme\TomTom HOME 2\TomTomHOMEService.exe [09.03.2011 14:30 92592] R3 DFSYS;T-Home Dialerschutz Hooking Treiber;c:\programme\T-Online\Dialerschutz-Software\DFSYS.sys [29.09.2009 19:34 14624] R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys [15.09.2009 18:39 243856] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\programme\Gemeinsame Dateien\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [10.05.2011 18:55 105592] R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\drivers\fwlanusb.sys [29.09.2009 18:48 265088] R3 IDSxpx86;IDSxpx86;c:\dokumente und einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20110624.050\IDSXpx86.sys [25.06.2011 13:17 355256] R3 SipIMNDI;T-Home Dialerschutz VoIP Service;c:\windows\system32\drivers\SipIMNDI.sys [29.09.2009 19:34 24352] S2 0258291254242786mcinstcleanup;McAfee Application Installer Cleanup (0258291254242786);c:\dokume~1\ADMINI~1\LOKALE~1\Temp\025829~1.EXE c:\progra~1\GEMEIN~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> c:\dokume~1\ADMINI~1\LOKALE~1\Temp\025829~1.EXE c:\progra~1\GEMEIN~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?] S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [10.12.2009 20:14 135664] S3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [29.09.2009 18:48 4352] S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [10.12.2009 20:14 135664] . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 87347624 *NewlyCreated* - 93964158 *Deregistered* - 87347624 *Deregistered* - 93964158 *Deregistered* - DFInjDrv . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2011-06-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programme\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . 2011-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-12-10 18:14] . 2011-06-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programme\Google\Update\GoogleUpdate.exe [2009-12-10 18:14] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://start.icq.com/ mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=93&bd=all&pf=cmdt uInternet Settings,ProxyOverride = *.local IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\dokumente und einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\z7vkpuq3.default\ FF - prefs.js: browser.search.selectedEngine - ICQ Search FF - prefs.js: browser.startup.homepage - www.google.de . - - - - Entfernte verwaiste Registrierungseinträge - - - - . AddRemove-ANNO 1602 Königs-Edition - c:\windows\IsUn0407.exe AddRemove-Heroes of Might and Magic IV - c:\windows\IsUn0407.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net Rootkit scan 2011-06-26 15:45 Windows 5.1.2600 Service Pack 3 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\N360] "ImagePath"="\"c:\programme\Norton 360\Engine\5.1.0.29\ccSvcHst.exe\" /s \"N360\" /m \"c:\programme\Norton 360\Engine\5.1.0.29\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\System\ControlSet002\Services\pdfcDispatcher] "ImagePath"="c:\programme\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-3723618814-2143213472-98843280-500\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (Administrator) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b3,17,93,26,a9,f2,1f,43,8b,a9,24,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a7,fa,58,ab,66,45,3d,4b,bd,07,b6,\ "6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,b3,17,93,26,a9,f2,1f,43,8b,a9,24,\ . --------------------- Durch laufende Prozesse gestartete DLLs --------------------- . - - - - - - - > 'winlogon.exe'(1360) c:\windows\system32\Ati2evxx.dll . Zeit der Fertigstellung: 2011-06-26 15:46:39 ComboFix-quarantined-files.txt 2011-06-26 13:46 . Vor Suchlauf: 14 Verzeichnis(se), 405.076.287.488 Bytes frei Nach Suchlauf: 20 Verzeichnis(se), 405.193.490.432 Bytes frei . WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - D0ED5E86816643E9000CF3F0BBDECFE0 Danke und Gruß Susanne |
26.06.2011, 14:54 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen. Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst. Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM! Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Nach Online Spiel plötzlich Computer Chaos: Sich öffnende Fenster, Buchstabenchaos etc. |
anti-malware, bli, center, computer, eraser, festplatte, folge, frage, hallo zusammen, internet, klick, malwarebytes, mozilla, nichts, norton power eraser, online, plötzlich, programme, reagiert, scan, scanner, software, symbol, system, taskleiste, tracking, virenscanner |