Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Ebenso Probleme mit DWLGINA3.dll

Ebenso Probleme mit DWLGINA3.dll


Log-Analyse und Auswertung: Ebenso Probleme mit DWLGINA3.dll

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 1 von 2 1 2
Alt 23.01.2012, 12:15   #1
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Hallo ich hab Probleme wegen nicht gefundener DWLGina3.dll
kann nicht in den abgesichterten Modus, kann kein Recovery starten,

Das ist ist die Datei mit OTLPE erstellt, ich weiß nicht weiter.
Kan geholfne werden?


OTL logfile created on: 1/23/2012 12:02:14 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Basic (Version = 6.0.6000) - Type = System
Internet Explorer (Version = 7.0.6000.16473)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.10 Gb Total Space | 86.49 Gb Free Space | 58.40% Space Free | Partition Type: NTFS
Drive M: | 73.07 Gb Total Space | 55.26 Gb Free Space | 75.63% Space Free | Partition Type: NTFS
Drive N: | 7.47 Gb Total Space | 4.24 Gb Free Space | 56.71% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2011/10/12 01:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 00:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2007/08/06 11:33:45 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/15 20:58:19 | 001,251,720 | ---- | M] () [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/12/08 03:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/10/13 10:29:12 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/09/20 13:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (TSMPacket)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | System] -- -- (IDSvix86)
DRV - [2011/10/07 01:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 01:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 00:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 00:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/10 19:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/10 19:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/10 19:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/07/10 19:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2008/07/23 09:17:16 | 000,023,936 | ---- | M] (Phase One A/S) [Kernel | On_Demand] -- C:\Windows\System32\drivers\p1c1394.sys -- (P1C1394)
DRV - [2007/11/30 16:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 16:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 16:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/30 12:55:44 | 000,037,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2007/10/30 12:55:38 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/10/30 12:55:34 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/10/30 12:55:28 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/10/30 12:55:20 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/10/30 12:55:14 | 000,012,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/06/25 06:37:24 | 000,084,480 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/06/13 14:28:11 | 002,600,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/06/13 14:28:11 | 002,600,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/05/15 20:59:00 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/04/03 11:25:22 | 000,025,984 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xVGAUSB.sys -- (xVGAUSB) USB2.0 VGA DEVICE(USB)
DRV - [2007/04/03 09:53:12 | 000,047,872 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007/03/30 09:15:08 | 000,243,456 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xVGAMINI.sys -- (xVGAMINI)
DRV - [2007/03/30 09:12:52 | 000,242,816 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xMrMINI.sys -- (xMrMINI)
DRV - [2006/11/05 20:00:00 | 000,387,432 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2006/11/05 20:00:00 | 000,102,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2006/10/30 04:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/07/14 07:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/02/07 12:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot] -- C:\Windows\System32\drivers\JGOGO.sys -- (JGOGO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Alle_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.2.1:80
IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.2.1




========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/23 03:15:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/14 05:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/10/05 08:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alle\AppData\Roaming\Mozilla\Extensions
[2011/10/05 08:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/12/23 03:15:26 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2012/01/14 05:34:04 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 20:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/09/28 20:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/28 20:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/09/28 20:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/09/28 20:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/09/28 20:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKLM..\Run: [Mxvgautil] C:\Windows\System32\mxvgautil.exe (Generic Provider)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Alle_ON_C..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\Alle_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O20 - HKU\Alle_ON_C Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{06914c50-6bf6-11dc-b3a7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d304c5-0338-11dc-9616-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{09d30523-0338-11dc-949b-001bfc0845cf}\Shell\AutoRun\command - "" = Menu.exe
O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\AutoRun\command - "" = K:\RECYCLER\recycld.exe
O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\open\command - "" = K:\RECYCLER\recycld.exe
O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\1\Command - "" = K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\2\Command - "" = K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\Open(&0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\open\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL O:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(&0)\command - "" = O:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0b4796-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\copy.exe
O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\AutoRun\command - "" = N:\mranjm.exe
O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\open\Command - "" = N:\mranjm.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\Auto\command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\explore\Command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\open\Command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b9804b6-0338-11dc-8021-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Q:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\Open(&0)\command - "" = Q:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ba17c8d-0338-11dc-8110-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\Open(&0)\command - "" = M:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\AutoRun\command - "" = N:\ -- File not found
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\explore\Command - "" = WScript.exe .\autorun.vbs
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\open\Command - "" = WScript.exe .\autorun.vbs
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bad6b21-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = N:\setupSNK.exe
O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bb6e939-0338-11dc-9899-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe
O33 - MountPoints2\{0bb6e985-0338-11dc-95f9-001bfc0845cf}\Shell\AutoRun\command - "" = N:\TrekStor/menu.exe
O33 - MountPoints2\{0bb6e9dd-0338-11dc-96fb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bbe0e6b-0338-11dc-b66d-001bfc0845cf}\Shell\AutoRun\command - "" = N:\urDrive.exe
O33 - MountPoints2\{0bc06f19-0338-11dc-a2f2-001bfc0845cf}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe
O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe
O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\Open(&0)\command - "" = P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355ea9-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe
O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\nvda\nvda.exe
O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\nvda\command - "" = N:\nvda\nvda.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\AutoRun\command - "" = N:\PISTOLATO\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\explore\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\Install\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\open\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4f8113-0338-11dc-9636-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe
O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\open\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe
O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a35c-0338-11dc-bea7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe
O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe
O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Explore\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Open\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce81609-0338-11dc-9506-001bfc0845cf}\Shell\AutoRun\command - "" = N:\Menu.exe
O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\Open(&0)\command - "" = P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe
O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\hm1bfpuj.exe
O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\open\Command - "" = N:\hm1bfpuj.exe
O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\Open(&0)\command - "" = G:\Recycled\ctfmon.exe
O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\Auto\command - "" = auto.exe
O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell\AutoRun\command - "" = Q:\LaunchU3.exe -a
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{111fda2b-6a6c-11dc-96bc-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{122da34e-0338-11dc-bc53-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{1aa6c9b7-5ae0-11dc-91ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{1ce11129-0338-11dc-88eb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\copy.exe
O33 - MountPoints2\{207f8b14-3b62-11e1-b7e5-001bfc0845cf}\Shell\AutoRun\command - "" = RunClubSanDisk.exe
O33 - MountPoints2\{301e9c7f-5ddd-11dc-8a59-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{3697343b-36aa-11e1-b081-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe
O33 - MountPoints2\{37a30b32-2ba4-11e1-b955-001bfc0845cf}\Shell\AutoRun\command - "" = N:\autorun.bat
O33 - MountPoints2\{5491d992-3a9a-11e1-8bbb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe
O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{a762ef5d-032f-11dc-a971-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{a7fde9ec-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\copy.exe
O33 - MountPoints2\{a802b24f-032f-11dc-841f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a92cb271-032f-11dc-ae64-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f16a1-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a93179f4-032f-11dc-92d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317a80-032f-11dc-8c55-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317a9a-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a9317b99-032f-11dc-8e4e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933dc38-032f-11dc-b027-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933dd0d-032f-11dc-9251-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933ddeb-032f-11dc-ad3a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933df41-032f-11dc-b28b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9363f3e-032f-11dc-b7c7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\Auto\command - "" = K:\auto.exe
O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\auto.exe
O33 - MountPoints2\{a9ced79a-032f-11dc-b483-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9d1384c-032f-11dc-9bd3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{aa650c41-032f-11dc-89fa-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\AutoRun\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Explore\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Open\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{aafda28a-032f-11dc-91b3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba782168-032f-11dc-99fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AuToplaY\comMAnD - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AutoRun\command - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\exPlore\CoMMand - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\opeN\command - "" = hyaj.pif
O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{cd0cdea7-5f6b-11dc-ab81-001bfc0845cf}\Shell\AutoRun\command - "" = .\Highspeed drivers.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{d4619373-678a-11dc-adda-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\F\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\I\Shell\1\Command - "" = I:\Recycle.exe
O33 - MountPoints2\I\Shell\2\Command - "" = I:\Recycle.exe
O33 - MountPoints2\I\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycle.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\N\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\N\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\P\Shell\1\Command - "" = P:\Recycle.exe
O33 - MountPoints2\P\Shell\2\Command - "" = P:\Recycle.exe
O33 - MountPoints2\P\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycle.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/23 03:43:33 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll
[2012/01/23 03:14:23 | 000,363,008 | ---- | C] (Pinnacle Systems) -- C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe
[2012/01/17 03:56:53 | 000,000,000 | ---D | C] -- C:\Users\Alle\Desktop\TIP
[2012/01/17 03:35:50 | 000,000,000 | ---D | C] -- C:\Users\Alle\AppData\Roaming\Apple Computer
[2012/01/11 05:59:13 | 000,000,000 | ---D | C] -- C:\Users\Alle\Desktop\SCHÄFER cd
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/23 05:52:20 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/23 05:52:20 | 000,291,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/23 05:52:20 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/23 05:52:20 | 000,034,978 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/23 05:48:07 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 05:48:07 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 05:47:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/23 03:43:33 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll
[2012/01/23 03:14:20 | 000,363,008 | ---- | M] (Pinnacle Systems) -- C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe
[2012/01/23 03:13:48 | 087,231,418 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/01/20 11:23:33 | 000,272,928 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/01/17 04:50:40 | 000,207,872 | ---- | M] () -- C:\Users\Alle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/17 03:35:33 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2012/01/17 03:35:33 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/17 03:35:33 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2012/01/17 03:35:33 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2011/10/19 10:58:03 | 000,000,680 | ---- | C] () -- C:\Users\Alle\AppData\Local\d3d9caps.dat
[2011/10/08 07:55:22 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/26 12:04:56 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOBJUT_L.DLL
[2010/01/27 06:59:00 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOBJUJ_L.DLL
[2007/11/15 06:57:00 | 000,013,312 | ---- | C] () -- C:\Windows\System32\KOBJUA_L.DLL
[2007/09/07 11:01:23 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT.DAT
[2007/09/03 04:31:16 | 000,434,176 | ---- | C] () -- C:\Windows\System32\CNQL3203.DLL
[2007/09/03 03:58:23 | 000,207,872 | ---- | C] () -- C:\Users\Alle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/06 13:34:31 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/08/06 13:34:29 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/08/06 05:00:53 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2007/05/16 00:15:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007/05/15 19:21:37 | 000,143,360 | ---- | C] () -- C:\Windows\System32\PF1800LC.Dll
[2007/05/15 19:21:37 | 000,049,152 | ---- | C] () -- C:\Windows\System32\PWiaExt.dll
[2007/05/15 19:21:37 | 000,010,624 | ---- | C] () -- C:\Windows\System32\GENEUSB.SYS
[2007/05/15 19:21:37 | 000,010,624 | ---- | C] () -- C:\Windows\System32\drivers\GENEUSB.SYS
[2007/05/15 19:21:36 | 000,155,648 | ---- | C] () -- C:\Windows\System32\daspi32u.dll
[2007/05/15 19:21:36 | 000,106,496 | ---- | C] () -- C:\Windows\System32\IO_PORT.DLL
[2007/05/15 19:21:36 | 000,102,400 | ---- | C] () -- C:\Windows\System32\FVC.DLL
[2007/05/15 19:21:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\SQ1394.DLL
[2007/05/15 19:21:36 | 000,000,234 | ---- | C] () -- C:\Windows\Scanner.ini
[2007/05/15 19:18:16 | 000,000,000 | ---- | C] () -- C:\Users\Alle\AppData\Roaming\wklnhst.dat
[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2007/05/15 18:54:23 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2007/05/15 18:54:23 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2006/11/02 10:38:05 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 10:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 10:38:05 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 10:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,395,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,291,936 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,034,978 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 02:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/08/11 02:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll

========== LOP Check ==========

[2011/10/06 10:34:55 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\AVG2012
[2007/05/15 21:17:12 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\Canon
[2007/05/16 03:06:56 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\EFSoftware
[2011/10/06 07:50:37 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\GetRightToGo
[2007/05/15 19:23:23 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\PIE
[2007/09/05 06:53:11 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\T-DSL SpeedManager
[2007/05/15 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\Template
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/10/07 02:48:55 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012
[2011/10/06 10:27:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/23 03:13:54 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2007/05/15 18:35:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Phase One
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2007/09/05 06:53:14 | 000,000,000 | ---D | M] -- C:\ProgramData\T-DSL SpeedManager
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/01/18 04:59:49 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/01/23 03:41:09 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

Alt 23.01.2012, 13:11   #2
markusg
/// Malware-holic
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
ATTFilter
:OTL
O4 - HKLM..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKU\Alle_ON_C..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O20 - HKLM Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O20 - HKU\Alle_ON_C Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O33 - MountPoints2\{06914c50-6bf6-11dc-b3a7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d304c5-0338-11dc-9616-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{09d30523-0338-11dc-949b-001bfc0845cf}\Shell\AutoRun\command - "" = Menu.exe
O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\AutoRun\command - "" = K:\RECYCLER\recycld.exe
O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\open\command - "" = K:\RECYCLER\recycld.exe
O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\1\Command - "" = K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\2\Command - "" = K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\Open(0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\open\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL O:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(0)\command - "" = O:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0b4796-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\copy.exe
O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\AutoRun\command - "" = N:\mranjm.exe
O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\open\Command - "" = N:\mranjm.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\Auto\command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\activexdebugger32.exe
f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\explore\Command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\open\Command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b9804b6-0338-11dc-8021-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Q:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\Open(0)\command - "" = Q:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ba17c8d-0338-11dc-8110-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\Open(0)\command - "" = M:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\AutoRun\command - "" = N:\ -- File not found
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\explore\Command - "" = WScript.exe .\autorun.vbs
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\open\Command - "" = WScript.exe .\autorun.vbs
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bad6b21-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = N:\setupSNK.exe
O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bb6e939-0338-11dc-9899-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe
O33 - MountPoints2\{0bb6e985-0338-11dc-95f9-001bfc0845cf}\Shell\AutoRun\command - "" = N:\TrekStor/menu.exe
O33 - MountPoints2\{0bb6e9dd-0338-11dc-96fb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE
.\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bbe0e6b-0338-11dc-b66d-001bfc0845cf}\Shell\AutoRun\command - "" = N:\urDrive.exe
O33 - MountPoints2\{0bc06f19-0338-11dc-a2f2-001bfc0845cf}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe
O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe
O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\Open(0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\Open(0)\command - "" = P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355ea9-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe
O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\nvda\nvda.exe
O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\nvda\command - "" = N:\nvda\nvda.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\AutoRun\command - "" = N:\PISTOLATO\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\explore\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\Install\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\open\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4f8113-0338-11dc-9636-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe
O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\open\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe
O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a35c-0338-11dc-bea7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe
O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe
O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\Open(0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\Open(0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584
| RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Explore\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584
| RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Open\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584
| RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce81609-0338-11dc-9506-001bfc0845cf}\Shell\AutoRun\command - "" = N:\Menu.exe
O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\Open(0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\Open(0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\Open(0)\command - "" = P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe
O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\hm1bfpuj.exe
O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\open\Command - "" = N:\hm1bfpuj.exe
O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\Open(0)\command - "" = G:\Recycled\ctfmon.exe
O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\Auto\command - "" = auto.exe
O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell\AutoRun\command - "" = Q:\LaunchU3.exe -a
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\Open(0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{111fda2b-6a6c-11dc-96bc-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{122da34e-0338-11dc-bc53-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{1aa6c9b7-5ae0-11dc-91ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{1ce11129-0338-11dc-88eb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\copy.exe
O33 - MountPoints2\{207f8b14-3b62-11e1-b7e5-001bfc0845cf}\Shell\AutoRun\command - "" = RunClubSanDisk.exe
O33 - MountPoints2\{301e9c7f-5ddd-11dc-8a59-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{3697343b-36aa-11e1-b081-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe
O33 - MountPoints2\{37a30b32-2ba4-11e1-b955-001bfc0845cf}\Shell\AutoRun\command - "" = N:\autorun.bat
O33 - MountPoints2\{5491d992-3a9a-11e1-8bbb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe
O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{a762ef5d-032f-11dc-a971-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{a7fde9ec-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\copy.exe
O33 - MountPoints2\{a802b24f-032f-11dc-841f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a92cb271-032f-11dc-ae64-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f16a1-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe
killVBS.vbs
O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a93179f4-032f-11dc-92d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317a80-032f-11dc-8c55-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317a9a-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a9317b99-032f-11dc-8e4e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933dc38-032f-11dc-b027-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933dd0d-032f-11dc-9251-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933ddeb-032f-11dc-ad3a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933df41-032f-11dc-b28b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9363f3e-032f-11dc-b7c7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\Auto\command - "" = K:\auto.exe
O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\auto.exe
O33 - MountPoints2\{a9ced79a-032f-11dc-b483-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9d1384c-032f-11dc-9bd3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{aa650c41-032f-11dc-89fa-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\AutoRun\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Explore\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Open\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{aafda28a-032f-11dc-91b3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba782168-032f-11dc-99fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AuToplaY\comMAnD - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AutoRun\command - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\exPlore\CoMMand - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\opeN\command - "" = hyaj.pif
O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{cd0cdea7-5f6b-11dc-ab81-001bfc0845cf}\Shell\AutoRun\command - "" = .\Highspeed drivers.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{d4619373-678a-11dc-adda-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\Open(0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\F\Shell\Open(0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\I\Shell\1\Command - "" = I:\Recycle.exe
O33 - MountPoints2\I\Shell\2\Command - "" = I:\Recycle.exe
O33 - MountPoints2\I\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycle.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\N\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\N\Shell\Open(0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\P\Shell\1\Command - "" = P:\Recycle.exe
O33 - MountPoints2\P\Shell\2\Command - "" = P:\Recycle.exe
O33 - MountPoints2\P\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycle.exe
[2012/01/23 03:43:33 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll
:Files
C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.


Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus
__________________

__________________
Alt 23.01.2012, 14:00   #3
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Also erst mal jetzt schon Tausend Dank.

Wenn ich die Fix.txt eingeladen habe, kann ich leider nicht erneut auf
"RUNFIX" drücken, es passiert nichts. Ist das normal?

Der "Knopf" lässt sich auch farnicht drücken!

EDIT: Hab jetzt neu gestartet, wieder nix, der Taskmanager sagt das die CPU zu 100% ausgelastet ist, ich lasse es jetzt mal laufen... (seit etwa 10 minuten)
__________________
Geändert von Bonnhai (23.01.2012 um 14:25 Uhr)

Alt 23.01.2012, 15:06   #4
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Ok, nach nun fast einer Stunde Nix passiert!! Was läuft falsch? bzw was kann ich ändern?

Mir scheint das das Programm nicht richtig funktioniert, wenn ich manuell suche da gibt es eine Fehlermerldung,
nur wenn ich es sofort in den richtigen Ordner lege (also die fix.txt) dann nimmt er es, aber es passiert halt nix...


Ratlosigkeit und verzweiflung pur
Geändert von Bonnhai (23.01.2012 um 15:28 Uhr)

Alt 23.01.2012, 15:48   #5
markusg
/// Malware-holic
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


dann öffne die fix.txt auf dem betroffenen pc rechtsklick, markieren, rechtsklick kopieren. dann im otl fenster in dem feld für die scripts einfügen und weiter wie beschrieben

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 15:59   #6
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Das einkopieren geht ja, aber ich kann dann den Fixit Knopf nicht drücken, es passiert rein garnichts, das hab ich jetzt schon ganz oft ausprobiert, das fenster bleibt leblos aber es wird kein Absturz oder so gemeldet

Alt 23.01.2012, 16:02   #7
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


ahh Kommando zurück! Das Manuelle eingeben geht!! Sorry!

Alt 23.01.2012, 16:05   #8
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Ist das Normal als Ergebnis? Kein Reboot

Das ist das Ergebnis;
Error: Unable to interpret <OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 1/23/2012 12:02:14 PM - Run > in the current context!
Error: Unable to interpret <OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE> in the current context!
Error: Unable to interpret <Windows Vista (TM) Home Basic  (Version = 6.0.6000) - Type = System> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 7.0.6000.16473)> in the current context!
Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free> in the current context!
Error: Unable to interpret <3.00 Gb Paging File | 2.00 Gb Available in Paging File | 98.00% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files> in the current context!
Error: Unable to interpret <Drive C: | 148.10 Gb Total Space | 86.49 Gb Free Space | 58.40% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive M: | 73.07 Gb Total Space | 55.26 Gb Free Space | 75.63% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive N: | 7.47 Gb Total Space | 4.24 Gb Free Space | 56.71% Space Free | Partition Type: FAT32> in the current context!
Error: Unable to interpret <Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: REATOGO | User Name: SYSTEM> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: All users> in the current context!
Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret <Using ControlSet: ControlSet001> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV - [2011/10/12 01:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)> in the current context!
Error: Unable to interpret <SRV - [2011/08/02 00:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)> in the current context!
Error: Unable to interpret <SRV - [2007/08/06 11:33:45 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)> in the current context!
Error: Unable to interpret <SRV - [2007/05/15 20:58:19 | 001,251,720 | ---- | M] () [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)> in the current context!
Error: Unable to interpret <SRV - [2006/12/08 03:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)> in the current context!
Error: Unable to interpret <SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)> in the current context!
Error: Unable to interpret <SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)> in the current context!
Error: Unable to interpret <SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)> in the current context!
Error: Unable to interpret <SRV - [2006/10/13 10:29:12 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)> in the current context!
Error: Unable to interpret <SRV - [2006/09/20 13:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] --  -- (TSMPacket)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFwd)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] --  -- (NwlnkFlt)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] --  -- (NAVEX15)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] --  -- (NAVENG)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | On_Demand] --  -- (IpInIp)> in the current context!
Error: Unable to interpret <DRV - File not found [Kernel | System] --  -- (IDSvix86)> in the current context!
Error: Unable to interpret <DRV - [2011/10/07 01:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)> in the current context!
Error: Unable to interpret <DRV - [2011/10/04 01:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)> in the current context!
Error: Unable to interpret <DRV - [2011/09/13 00:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)> in the current context!
Error: Unable to interpret <DRV - [2011/08/08 00:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)> in the current context!
Error: Unable to interpret <DRV - [2011/07/10 19:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)> in the current context!
Error: Unable to interpret <DRV - [2011/07/10 19:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)> in the current context!
Error: Unable to interpret <DRV - [2011/07/10 19:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)> in the current context!
Error: Unable to interpret <DRV - [2011/07/10 19:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)> in the current context!
Error: Unable to interpret <DRV - [2008/07/23 09:17:16 | 000,023,936 | ---- | M] (Phase One A/S) [Kernel | On_Demand] -- C:\Windows\System32\drivers\p1c1394.sys -- (P1C1394)> in the current context!
Error: Unable to interpret <DRV - [2007/11/30 16:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)> in the current context!
Error: Unable to interpret <DRV - [2007/11/30 16:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)> in the current context!
Error: Unable to interpret <DRV - [2007/11/30 16:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)> in the current context!
Error: Unable to interpret <DRV - [2007/10/30 12:55:44 | 000,037,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)> in the current context!
Error: Unable to interpret <DRV - [2007/10/30 12:55:38 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)> in the current context!
Error: Unable to interpret <DRV - [2007/10/30 12:55:34 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)> in the current context!
Error: Unable to interpret <DRV - [2007/10/30 12:55:28 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)> in the current context!
Error: Unable to interpret <DRV - [2007/10/30 12:55:20 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)> in the current context!
Error: Unable to interpret <DRV - [2007/10/30 12:55:14 | 000,012,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)> in the current context!
Error: Unable to interpret <DRV - [2007/06/25 06:37:24 | 000,084,480 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)> in the current context!
Error: Unable to interpret <DRV - [2007/06/13 14:28:11 | 002,600,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)> in the current context!
Error: Unable to interpret <DRV - [2007/06/13 14:28:11 | 002,600,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)> in the current context!
Error: Unable to interpret <DRV - [2007/05/15 20:59:00 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)> in the current context!
Error: Unable to interpret <DRV - [2007/04/03 11:25:22 | 000,025,984 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xVGAUSB.sys -- (xVGAUSB) USB2.0 VGA DEVICE(USB)> in the current context!
Error: Unable to interpret <DRV - [2007/04/03 09:53:12 | 000,047,872 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)> in the current context!
Error: Unable to interpret <DRV - [2007/03/30 09:15:08 | 000,243,456 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xVGAMINI.sys -- (xVGAMINI)> in the current context!
Error: Unable to interpret <DRV - [2007/03/30 09:12:52 | 000,242,816 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xMrMINI.sys -- (xMrMINI)> in the current context!
Error: Unable to interpret <DRV - [2006/11/05 20:00:00 | 000,387,432 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)> in the current context!
Error: Unable to interpret <DRV - [2006/11/05 20:00:00 | 000,102,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)> in the current context!
Error: Unable to interpret <DRV - [2006/10/30 04:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)> in the current context!
Error: Unable to interpret <DRV - [2006/07/14 07:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)> in the current context!
Error: Unable to interpret <DRV - [2006/02/07 12:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot] -- C:\Windows\System32\drivers\JGOGO.sys -- (JGOGO)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKU\Alle_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 2> in the current context!
Error: Unable to interpret <IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.2.1:80> in the current context!
Error: Unable to interpret <IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.2.1> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/23 03:15:26 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/14 05:34:04 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011/10/05 08:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alle\AppData\Roaming\Mozilla\Extensions> in the current context!
Error: Unable to interpret <[2011/10/05 08:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions> in the current context!
Error: Unable to interpret <File not found (No name found) -- > in the current context!
Error: Unable to interpret <[2011/12/23 03:15:26 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4> in the current context!
Error: Unable to interpret <[2012/01/14 05:34:04 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll> in the current context!
Error: Unable to interpret <[2011/09/28 20:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2011/09/28 20:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml> in the current context!
Error: Unable to interpret <[2011/09/28 20:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2011/09/28 20:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2011/09/28 20:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2011/09/28 20:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1       localhost> in the current context!
Error: Unable to interpret <O1 - Hosts: ::1             localhost> in the current context!
Error: Unable to interpret <O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Mxvgautil] C:\Windows\System32\mxvgautil.exe (Generic Provider)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\Alle_ON_C..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)> in the current context!
Error: Unable to interpret <O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1> in the current context!
Error: Unable to interpret <O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present> in the current context!
Error: Unable to interpret <O7 - HKU\Alle_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present> in the current context!
Error: Unable to interpret <O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145> in the current context!
Error: Unable to interpret <O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1> in the current context!
Error: Unable to interpret <O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1> in the current context!
Error: Unable to interpret <O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1> in the current context!
Error: Unable to interpret <O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present> in the current context!
Error: Unable to interpret <O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present> in the current context!
Error: Unable to interpret <O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)> in the current context!
Error: Unable to interpret <O20 - HKU\Alle_ON_C Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]> in the current context!
Error: Unable to interpret <O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{06914c50-6bf6-11dc-b3a7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d304c5-0338-11dc-9616-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d30523-0338-11dc-949b-001bfc0845cf}\Shell\AutoRun\command - "" = Menu.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\AutoRun\command - "" = K:\RECYCLER\recycld.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\open\command - "" = K:\RECYCLER\recycld.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\1\Command - "" = K:\.\RECYCLER\Lcass.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\2\Command - "" = K:\.\RECYCLER\Lcass.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\.\RECYCLER\Lcass.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\Open(&0)\command - "" = Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = NADFOLDER\autorun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\open\command - "" = NADFOLDER\autorun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL O:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(&0)\command - "" = O:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b0b4796-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\AutoRun\command - "" = N:\mranjm.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\open\Command - "" = N:\mranjm.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\Auto\command - "" = N:\activexdebugger32.exe f> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\activexdebugger32.exe f> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\explore\Command - "" = N:\activexdebugger32.exe f> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\open\Command - "" = N:\activexdebugger32.exe f> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9804b6-0338-11dc-8021-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Q:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\Open(&0)\command - "" = Q:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ba17c8d-0338-11dc-8110-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\Open(&0)\command - "" = M:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\AutoRun\command - "" = N:\ -- File not found> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\explore\Command - "" = WScript.exe .\autorun.vbs> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\open\Command - "" = WScript.exe .\autorun.vbs> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bad6b21-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = N:\setupSNK.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb6e939-0338-11dc-9899-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb6e985-0338-11dc-95f9-001bfc0845cf}\Shell\AutoRun\command - "" = N:\TrekStor/menu.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bb6e9dd-0338-11dc-96fb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE      .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bbe0e6b-0338-11dc-b66d-001bfc0845cf}\Shell\AutoRun\command - "" = N:\urDrive.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06f19-0338-11dc-a2f2-001bfc0845cf}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\Open(&0)\command - "" = P:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c355ea9-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\nvda\nvda.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\nvda\command - "" = N:\nvda\nvda.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\AutoRun\command - "" = N:\PISTOLATO\kalibar.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\explore\command - "" = N:\PISTOLATO\\kalibar.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\Install\command - "" = N:\PISTOLATO\\kalibar.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\open\command - "" = N:\PISTOLATO\\kalibar.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c4f8113-0338-11dc-9636-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\open\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c56a35c-0338-11dc-bea7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Explore\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Open\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0ce81609-0338-11dc-9506-001bfc0845cf}\Shell\AutoRun\command - "" = N:\Menu.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\Open(&0)\command - "" = P:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\hm1bfpuj.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\open\Command - "" = N:\hm1bfpuj.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\Open(&0)\command - "" = G:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\Auto\command - "" = auto.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell\AutoRun\command - "" = Q:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{111fda2b-6a6c-11dc-96bc-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{122da34e-0338-11dc-bc53-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1aa6c9b7-5ae0-11dc-91ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{1ce11129-0338-11dc-88eb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{207f8b14-3b62-11e1-b7e5-001bfc0845cf}\Shell\AutoRun\command - "" = RunClubSanDisk.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{301e9c7f-5ddd-11dc-8a59-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{3697343b-36aa-11e1-b081-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{37a30b32-2ba4-11e1-b955-001bfc0845cf}\Shell\AutoRun\command - "" = N:\autorun.bat> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{5491d992-3a9a-11e1-8bbb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a762ef5d-032f-11dc-a971-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a7fde9ec-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a802b24f-032f-11dc-841f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92cb271-032f-11dc-ae64-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f16a1-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a93179f4-032f-11dc-92d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9317a80-032f-11dc-8c55-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9317a9a-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9317b99-032f-11dc-8e4e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a933dc38-032f-11dc-b027-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a933dd0d-032f-11dc-9251-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a933ddeb-032f-11dc-ad3a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a933df41-032f-11dc-b28b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9363f3e-032f-11dc-b7c7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\Auto\command - "" = K:\auto.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\auto.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9ced79a-032f-11dc-b483-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{a9d1384c-032f-11dc-9bd3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aa650c41-032f-11dc-89fa-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\AutoRun\command - "" = L:\RECYCLER.exe F:\> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Explore\command - "" = L:\RECYCLER.exe F:\> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Open\command - "" = L:\RECYCLER.exe F:\> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{aafda28a-032f-11dc-91b3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba782168-032f-11dc-99fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AuToplaY\comMAnD - "" = hyaj.pif> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AutoRun\command - "" = hyaj.pif> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\exPlore\CoMMand - "" = hyaj.pif> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\opeN\command - "" = hyaj.pif> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cd0cdea7-5f6b-11dc-ab81-001bfc0845cf}\Shell\AutoRun\command - "" = .\Highspeed drivers.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d4619373-678a-11dc-adda-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\F\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\F\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\I\Shell\1\Command - "" = I:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\I\Shell\2\Command - "" = I:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\I\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\K\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\L\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a> in the current context!
Error: Unable to interpret <O33 - MountPoints2\N\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\N\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\P\Shell\1\Command - "" = P:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\P\Shell\2\Command - "" = P:\Recycle.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\P\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycle.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *) -  File not found> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012/01/23 03:43:33 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll> in the current context!
Error: Unable to interpret <[2012/01/23 03:14:23 | 000,363,008 | ---- | C] (Pinnacle Systems) -- C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe> in the current context!
Error: Unable to interpret <[2012/01/17 03:56:53 | 000,000,000 | ---D | C] -- C:\Users\Alle\Desktop\TIP> in the current context!
Error: Unable to interpret <[2012/01/17 03:35:50 | 000,000,000 | ---D | C] -- C:\Users\Alle\AppData\Roaming\Apple Computer> in the current context!
Error: Unable to interpret <[2012/01/11 05:59:13 | 000,000,000 | ---D | C] -- C:\Users\Alle\Desktop\SCHÄFER cd> in the current context!
Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012/01/23 05:52:20 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat> in the current context!
Error: Unable to interpret <[2012/01/23 05:52:20 | 000,291,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2012/01/23 05:52:20 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat> in the current context!
Error: Unable to interpret <[2012/01/23 05:52:20 | 000,034,978 | ---- | M] () -- C:\Windows\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2012/01/23 05:48:07 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012/01/23 05:48:07 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2012/01/23 05:47:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2012/01/23 03:43:33 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll> in the current context!
Error: Unable to interpret <[2012/01/23 03:14:20 | 000,363,008 | ---- | M] (Pinnacle Systems) -- C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe> in the current context!
Error: Unable to interpret <[2012/01/23 03:13:48 | 087,231,418 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm> in the current context!
Error: Unable to interpret <[2012/01/20 11:23:33 | 000,272,928 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm> in the current context!
Error: Unable to interpret <[2012/01/17 04:50:40 | 000,207,872 | ---- | M] () -- C:\Users\Alle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!
Error: Unable to interpret <[2012/01/17 03:35:33 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn> in the current context!
Error: Unable to interpret <[2012/01/17 03:35:33 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for> in the current context!
Error: Unable to interpret <[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2012/01/17 03:35:33 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn> in the current context!
Error: Unable to interpret <[2012/01/17 03:35:33 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for> in the current context!
Error: Unable to interpret <[2011/10/19 10:58:03 | 000,000,680 | ---- | C] () -- C:\Users\Alle\AppData\Local\d3d9caps.dat> in the current context!
Error: Unable to interpret <[2011/10/08 07:55:22 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol> in the current context!
Error: Unable to interpret <[2010/04/26 12:04:56 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOBJUT_L.DLL> in the current context!
Error: Unable to interpret <[2010/01/27 06:59:00 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOBJUJ_L.DLL> in the current context!
Error: Unable to interpret <[2007/11/15 06:57:00 | 000,013,312 | ---- | C] () -- C:\Windows\System32\KOBJUA_L.DLL> in the current context!
Error: Unable to interpret <[2007/09/07 11:01:23 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT.DAT> in the current context!
Error: Unable to interpret <[2007/09/03 04:31:16 | 000,434,176 | ---- | C] () -- C:\Windows\System32\CNQL3203.DLL> in the current context!
Error: Unable to interpret <[2007/09/03 03:58:23 | 000,207,872 | ---- | C] () -- C:\Users\Alle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!
Error: Unable to interpret <[2007/08/06 13:34:31 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat> in the current context!
Error: Unable to interpret <[2007/08/06 13:34:29 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat> in the current context!
Error: Unable to interpret <[2007/08/06 05:00:53 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll> in the current context!
Error: Unable to interpret <[2007/05/16 00:15:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:37 | 000,143,360 | ---- | C] () -- C:\Windows\System32\PF1800LC.Dll> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:37 | 000,049,152 | ---- | C] () -- C:\Windows\System32\PWiaExt.dll> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:37 | 000,010,624 | ---- | C] () -- C:\Windows\System32\GENEUSB.SYS> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:37 | 000,010,624 | ---- | C] () -- C:\Windows\System32\drivers\GENEUSB.SYS> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:36 | 000,155,648 | ---- | C] () -- C:\Windows\System32\daspi32u.dll> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:36 | 000,106,496 | ---- | C] () -- C:\Windows\System32\IO_PORT.DLL> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:36 | 000,102,400 | ---- | C] () -- C:\Windows\System32\FVC.DLL> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\SQ1394.DLL> in the current context!
Error: Unable to interpret <[2007/05/15 19:21:36 | 000,000,234 | ---- | C] () -- C:\Windows\Scanner.ini> in the current context!
Error: Unable to interpret <[2007/05/15 19:18:16 | 000,000,000 | ---- | C] () -- C:\Users\Alle\AppData\Roaming\wklnhst.dat> in the current context!
Error: Unable to interpret <[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll> in the current context!
Error: Unable to interpret <[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll> in the current context!
Error: Unable to interpret <[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll> in the current context!
Error: Unable to interpret <[2007/05/15 18:54:23 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll> in the current context!
Error: Unable to interpret <[2007/05/15 18:54:23 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll> in the current context!
Error: Unable to interpret <[2006/11/02 10:38:05 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat> in the current context!
Error: Unable to interpret <[2006/11/02 10:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat> in the current context!
Error: Unable to interpret <[2006/11/02 10:38:05 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat> in the current context!
Error: Unable to interpret <[2006/11/02 10:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat> in the current context!
Error: Unable to interpret <[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2006/11/02 07:44:53 | 000,395,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2006/11/02 05:33:01 | 000,291,936 | ---- | C] () -- C:\Windows\System32\perfh009.dat> in the current context!
Error: Unable to interpret <[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat> in the current context!
Error: Unable to interpret <[2006/11/02 05:33:01 | 000,034,978 | ---- | C] () -- C:\Windows\System32\perfc009.dat> in the current context!
Error: Unable to interpret <[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat> in the current context!
Error: Unable to interpret <[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll> in the current context!
Error: Unable to interpret <[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat> in the current context!
Error: Unable to interpret <[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin> in the current context!
Error: Unable to interpret <[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT> in the current context!
Error: Unable to interpret <[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini> in the current context!
Error: Unable to interpret <[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat> in the current context!
Error: Unable to interpret <[2006/11/02 02:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin> in the current context!
Error: Unable to interpret <[2006/11/02 02:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin> in the current context!
Error: Unable to interpret <[2006/08/11 02:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011/10/06 10:34:55 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\AVG2012> in the current context!
Error: Unable to interpret <[2007/05/15 21:17:12 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\Canon> in the current context!
Error: Unable to interpret <[2007/05/16 03:06:56 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\EFSoftware> in the current context!
Error: Unable to interpret <[2011/10/06 07:50:37 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\GetRightToGo> in the current context!
Error: Unable to interpret <[2007/05/15 19:23:23 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\PIE> in the current context!
Error: Unable to interpret <[2007/09/05 06:53:11 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\T-DSL SpeedManager> in the current context!
Error: Unable to interpret <[2007/05/15 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\Template> in the current context!
Error: Unable to interpret <[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten> in the current context!
Error: Unable to interpret <[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data> in the current context!
Error: Unable to interpret <[2011/10/07 02:48:55 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012> in the current context!
Error: Unable to interpret <[2011/10/06 10:27:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files> in the current context!
Error: Unable to interpret <[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop> in the current context!
Error: Unable to interpret <[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents> in the current context!
Error: Unable to interpret <[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente> in the current context!
Error: Unable to interpret <[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten> in the current context!
Error: Unable to interpret <[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites> in the current context!
Error: Unable to interpret <[2012/01/23 03:13:54 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData> in the current context!
Error: Unable to interpret <[2007/05/15 18:35:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Phase One> in the current context!
Error: Unable to interpret <[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu> in the current context!
Error: Unable to interpret <[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü> in the current context!
Error: Unable to interpret <[2007/09/05 06:53:14 | 000,000,000 | ---D | M] -- C:\ProgramData\T-DSL SpeedManager> in the current context!
Error: Unable to interpret <[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates> in the current context!
Error: Unable to interpret <[2012/01/18 04:59:49 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp> in the current context!
Error: Unable to interpret <[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen> in the current context!
Error: Unable to interpret <[2012/01/23 03:41:09 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << End of report >
--- --- ---
> in the current context!

OTLPE by OldTimer - Version 3.1.48.0 log created on 01232012_160309

Alt 23.01.2012, 16:13   #9
markusg
/// Malware-holic
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


ne du hast das otl log reinkopiert und nicht das script aus post 2
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 16:36   #10
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Ich depp
Gut das hat jetzt alles geklappt, er fährt hoch, bzw ich hoffe es. Das hat schon vorher extrem lange gedauert. Ich melde mich hoffentlich mit hochgefahrenem Rechner )

Alt 23.01.2012, 17:22   #11
markusg
/// Malware-holic
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


hi,
kannst mir gleich mal bitte sagen, wie viele externe datenträger, wie zb externe festplatten und usb sticks du hast.
da sind ziemlich viele von infiziert.
dein pc hat auch noch nie updates gesehen, warum nicht?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 17:31   #12
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Das war bislang eine Insel, der in einem geschützen Netzwerk hing, das haben wir erweitert, und da hab ich dann versucht alle Updates zu installieren. Das aber hat nicht hingehauen. Eigentlich sollte der Rechner wieder vom netz. Da aber meine Kunden in den PC immer auch ihre Daten reinstecken, kann der Virus auch von ausserhalb kommen. Am Samstag hat meine Kollegin gesagt , hätte sie von einem Fremden Stick eine Warnung erhalten, sich aber nichts gedacht. Dieser Rechner wird, wenn er dann wieder läuft, vom Internet genommen. Ich habe alles übers Netzwerk benutzt, allerdings nur einseitig.
Der Rechner konnte nicht von den anderen Rechner benutzt /bzw es konnte kein Zugriff von anderen Rechnern aus dem Netzwerk erfolgen.
Womit teste ich den Rest am besten? Wobei da über all Norton Antivirus drauf ist, und die haben alle keinen Internetzugang.

Im moment läuft das hochfahren noch, also er "Repariert" sich selbst.. Hoffentlich, naja an die Daten käme ich ja zu not immer drann...
Geändert von Bonnhai (23.01.2012 um 17:39 Uhr)

Alt 23.01.2012, 17:41   #13
markusg
/// Malware-holic
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


ich würd das system neu aufsetzen an dem teil haben schon viele infizierte sticks gesteckt und ihr verbreitet mit dem teil dann infektionen auf usb sticks von kunden etc.
das archiv hätte ich dann aber trotzdem gern.
sind eure andern pcs auch so schlecht mit updates versorgt?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 17:44   #14
markusg
/// Malware-holic
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


und was dann unbedingt gemacht werden muss, autorun deaktivieren die funktion ist gefährlich da man so malware weiter geben kann bzw erst bekommt.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.01.2012, 17:45   #15
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Nein, der Rest ist "Up to Date" ich denke dann auch das ich diesen PC nach Datenrettung neu aufspiele, ich hoffe ich find meine PC Unterlagen


Das Die Log Datei kommt, wenn er dann mal hochgefahren ist!#
Keine Ahnung wie lange das dauert!

Antwort
Seite 1 von 2 1 2

Themen zu Ebenso Probleme mit DWLGINA3.dll
.dll, avg, bho, cdrom, defender, disabletaskmgr, explorer, firefox, format, generic, home, logfile, microsoft, nvidia, pdf, realtek, registry, rundll, scan, security, software, starten, symantec, ups, vista, winlogon, wscript.exe


« Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer | Trojaner Meldung: JS Redirector KP bei Aufruf Kontaktanfrage in Homepage »


Ähnliche Themen: Ebenso Probleme mit DWLGINA3.dll


  1. Werbung poppt in neuen Tabs auf und ebenso springen auf Werbefenster auf
    Plagegeister aller Art und deren Bekämpfung - 19.02.2015 (15)
  2. Internet extrem langsam, TaskMgr & RegEdit deaktiviert, Sicherheitscenter ebenso.
    Plagegeister aller Art und deren Bekämpfung - 09.07.2014 (13)
  3. Ebenso großen Dank an Schrauber
    Lob, Kritik und Wünsche - 07.05.2014 (0)
  4. Avg durch Gruppenrichtlinie blockiert. Ebenso Malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 28.04.2014 (7)
  5. Windows 7: Fake Mail von DHL geöffnet und Anhang ebenso
    Plagegeister aller Art und deren Bekämpfung - 24.01.2014 (17)
  6. ebenso infiziert, xp 48 stunden etc....
    Log-Analyse und Auswertung - 16.01.2013 (19)
  7. BKA-/Bundespolizei-Trojaner ebenso ...
    Log-Analyse und Auswertung - 31.03.2012 (1)
  8. Can not find dwlgina3.dll Bitte um Hilfe
    Log-Analyse und Auswertung - 12.02.2012 (3)
  9. can not find dwlgina3.dll
    Log-Analyse und Auswertung - 03.02.2012 (33)
  10. dwlgina3.dll, vista startet nicht mehr
    Log-Analyse und Auswertung - 31.01.2012 (5)
  11. dwlgina3.dll wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (22)
  12. can not find dwlgina3.dll. windows 7 startet nicht.
    Plagegeister aller Art und deren Bekämpfung - 24.01.2012 (7)
  13. dwlgina3.dll a not found
    Plagegeister aller Art und deren Bekämpfung - 22.01.2012 (3)
  14. Windows 7: can not find dwlgina3.dll
    Log-Analyse und Auswertung - 11.01.2012 (5)
  15. Internet Explorer öffnet sich von allein, ebenso Fenster mit Werbung
    Log-Analyse und Auswertung - 04.05.2010 (4)
  16. Pc hackt firefox ebenso
    Plagegeister aller Art und deren Bekämpfung - 06.04.2009 (0)
  17. Antivirus streikt, Drucker ebenso - Logfile!
    Log-Analyse und Auswertung - 20.02.2006 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ebenso Probleme mit DWLGINA3.dll - Hallo ich hab Probleme wegen nicht gefundener DWLGina3.dll kann nicht in den abgesichterten Modus, kann kein Recovery starten, Das ist ist die Datei mit OTLPE erstellt, ich weiß nicht weiter. - Ebenso Probleme mit DWLGINA3.dll...
Archiv
Du betrachtest: Ebenso Probleme mit DWLGINA3.dll auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27