Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Ebenso Probleme mit DWLGINA3.dll

Ebenso Probleme mit DWLGINA3.dll


Log-Analyse und Auswertung: Ebenso Probleme mit DWLGINA3.dll

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 23.01.2012, 12:15   #1
Bonnhai
 
Ebenso Probleme mit DWLGINA3.dll - Standard

Ebenso Probleme mit DWLGINA3.dll


Hallo ich hab Probleme wegen nicht gefundener DWLGina3.dll
kann nicht in den abgesichterten Modus, kann kein Recovery starten,

Das ist ist die Datei mit OTLPE erstellt, ich weiß nicht weiter.
Kan geholfne werden?


OTL logfile created on: 1/23/2012 12:02:14 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Windows Vista (TM) Home Basic (Version = 6.0.6000) - Type = System
Internet Explorer (Version = 7.0.6000.16473)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 2.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.10 Gb Total Space | 86.49 Gb Free Space | 58.40% Space Free | Partition Type: NTFS
Drive M: | 73.07 Gb Total Space | 55.26 Gb Free Space | 75.63% Space Free | Partition Type: NTFS
Drive N: | 7.47 Gb Total Space | 4.24 Gb Free Space | 56.71% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001

========== Win32 Services (SafeList) ==========

SRV - [2011/10/12 01:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/02 00:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2007/08/06 11:33:45 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/15 20:58:19 | 001,251,720 | ---- | M] () [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2006/12/08 03:52:04 | 000,204,800 | ---- | M] (Fujitsu Siemens Computers) [Auto] -- C:\FirstSteps\OnlineDiagnostic\TestManager\TestHandler.exe -- (TestHandler)
SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2006/10/24 17:08:20 | 000,107,624 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2006/10/13 10:29:12 | 000,049,296 | ---- | M] (Symantec Corporation) [On_Demand] -- C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2006/09/20 13:05:16 | 000,046,736 | ---- | M] (Symantec Corporation) [Auto] -- C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- (SymAppCore)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand] -- -- (TSMPacket)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand] -- -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand] -- -- (NAVEX15)
DRV - File not found [Kernel | On_Demand] -- -- (NAVENG)
DRV - File not found [Kernel | On_Demand] -- -- (IpInIp)
DRV - File not found [Kernel | System] -- -- (IDSvix86)
DRV - [2011/10/07 01:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/10/04 01:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/09/13 00:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 00:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/10 19:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/10 19:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/10 19:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/07/10 19:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2008/07/23 09:17:16 | 000,023,936 | ---- | M] (Phase One A/S) [Kernel | On_Demand] -- C:\Windows\System32\drivers\p1c1394.sys -- (P1C1394)
DRV - [2007/11/30 16:57:12 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/11/30 16:57:12 | 000,279,088 | ---- | M] (Symantec Corporation) [File_System | System] -- C:\Windows\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/11/30 16:57:12 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/10/30 12:55:44 | 000,037,936 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMNDISV.SYS -- (SYMNDISV)
DRV - [2007/10/30 12:55:38 | 000,191,536 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Windows\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2007/10/30 12:55:34 | 000,027,696 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2007/10/30 12:55:28 | 000,039,856 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2007/10/30 12:55:20 | 000,145,968 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2007/10/30 12:55:14 | 000,012,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2007/06/25 06:37:24 | 000,084,480 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/06/13 14:28:11 | 002,600,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2007/06/13 14:28:11 | 002,600,448 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/05/15 20:59:00 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/04/03 11:25:22 | 000,025,984 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xVGAUSB.sys -- (xVGAUSB) USB2.0 VGA DEVICE(USB)
DRV - [2007/04/03 09:53:12 | 000,047,872 | ---- | M] (JMicron Technology Corp.) [Kernel | Disabled] -- C:\Windows\system32\drivers\jraid.sys -- (JRAID)
DRV - [2007/03/30 09:15:08 | 000,243,456 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xVGAMINI.sys -- (xVGAMINI)
DRV - [2007/03/30 09:12:52 | 000,242,816 | ---- | M] (Generic Provider.) [Kernel | On_Demand] -- C:\Windows\System32\drivers\xMrMINI.sys -- (xMrMINI)
DRV - [2006/11/05 20:00:00 | 000,387,432 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2006/11/05 20:00:00 | 000,102,760 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2006/10/30 04:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006/07/14 07:55:34 | 000,105,088 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled] -- C:\Windows\system32\drivers\nvatabus.sys -- (nvatabus)
DRV - [2006/02/07 12:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot] -- C:\Windows\System32\drivers\JGOGO.sys -- (JGOGO)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Alle_ON_C\Software\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.2.1:80
IE - HKU\Alle_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = 192.168.2.1




========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "hxxp://www.t-online.de/"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\System32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/12/23 03:15:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/14 05:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/10/05 08:42:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alle\AppData\Roaming\Mozilla\Extensions
[2011/10/05 08:41:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
File not found (No name found) --
[2011/12/23 03:15:26 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2012/01/14 05:34:04 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/28 20:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/09/28 20:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/28 20:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011/09/28 20:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/09/28 20:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/09/28 20:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBHO.dll (Symantec Corporation)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll (Symantec Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKLM..\Run: [Mxvgautil] C:\Windows\System32\mxvgautil.exe (Generic Provider)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\Alle_ON_C..\Run: [Cl3XeOQ7Sj1b8lr] C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O4 - HKU\LocalService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\NetworkService_ON_C..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\Alle_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Alle_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\NetworkService_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\systemprofile_ON_C\Software\Policies\Microsoft\Internet Explorer\Recovery present
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.2
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O20 - HKU\Alle_ON_C Winlogon: Shell - (C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe) - C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe (Pinnacle Systems)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{06914c50-6bf6-11dc-b3a7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d3049c-0338-11dc-9754-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d304c5-0338-11dc-9616-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{09d30523-0338-11dc-949b-001bfc0845cf}\Shell\AutoRun\command - "" = Menu.exe
O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\AutoRun\command - "" = K:\RECYCLER\recycld.exe
O33 - MountPoints2\{09d30627-0338-11dc-960e-001bfc0845cf}\Shell\open\command - "" = K:\RECYCLER\recycld.exe
O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{09d55604-0338-11dc-ad9f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\1\Command - "" = K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\2\Command - "" = K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5573d-0338-11dc-9d92-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\.\RECYCLER\Lcass.exe
O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d5574a-0338-11dc-bada-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9b3-0338-11dc-a83d-001bfc0845cf}\Shell\Open(&0)\command - "" = Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09d7b9f1-0338-11dc-a696-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{09dc7f47-0338-11dc-ab2b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff73-0338-11dc-9393-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a6dff97-0338-11dc-9393-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a705018-0338-11dc-b6e6-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a72b1ab-0338-11dc-8bc8-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a940397-0338-11dc-940e-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0a9403e3-0338-11dc-940e-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0bff-0338-11dc-98e6-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0afd0d16-0338-11dc-b6b9-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\AutoRun\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{0afd0d6d-0338-11dc-98e6-001bfc0845cf}\Shell\open\command - "" = NADFOLDER\autorun.exe
O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL O:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b068451-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(&0)\command - "" = O:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684a8-0338-11dc-a7d1-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b0684ad-0338-11dc-a7d1-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b08e77c-0338-11dc-a1c5-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0b4776-0338-11dc-b80a-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b0b4796-0338-11dc-b80a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\copy.exe
O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b127204-0338-11dc-a111-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b1272fd-0338-11dc-814a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b127326-0338-11dc-863f-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\AutoRun\command - "" = N:\mranjm.exe
O33 - MountPoints2\{0b1738b3-0338-11dc-a829-001bfc0845cf}\Shell\open\Command - "" = N:\mranjm.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b173a80-0338-11dc-a6ef-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\Auto\command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\explore\Command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d64-0338-11dc-b20f-001bfc0845cf}\Shell\open\Command - "" = N:\activexdebugger32.exe f
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0b199d7a-0338-11dc-8f37-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b2314b5-0338-11dc-99f0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b980492-0338-11dc-bbf0-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0b9804b6-0338-11dc-8021-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b9a6738-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Q:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9a675a-0338-11dc-b49f-001bfc0845cf}\Shell\Open(&0)\command - "" = Q:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0b9a675d-0338-11dc-b49f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc817-0338-11dc-af73-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9cc886-0338-11dc-b3f3-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0b9f1a2c-0338-11dc-bbb9-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ba17c8d-0338-11dc-8110-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ba64127-0338-11dc-8f03-001bfc0845cf}\Shell\Open(&0)\command - "" = M:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\AutoRun\command - "" = N:\ -- File not found
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\explore\Command - "" = WScript.exe .\autorun.vbs
O33 - MountPoints2\{0bab095f-0338-11dc-9f41-001bfc0845cf}\Shell\open\Command - "" = WScript.exe .\autorun.vbs
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bad6951-0338-11dc-81b6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bad6b21-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = N:\setupSNK.exe
O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bad6b26-0338-11dc-839b-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafcfcb-0338-11dc-aac4-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bafd04a-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bafd04f-0338-11dc-8505-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb23267-0338-11dc-8e72-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0bb2340d-0338-11dc-8f04-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0bb48669-0338-11dc-9597-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0bb6e939-0338-11dc-9899-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe
O33 - MountPoints2\{0bb6e985-0338-11dc-95f9-001bfc0845cf}\Shell\AutoRun\command - "" = N:\TrekStor/menu.exe
O33 - MountPoints2\{0bb6e9dd-0338-11dc-96fb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RuNdLl32.EXE .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bbbac67-0338-11dc-8abb-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bbe0e6b-0338-11dc-b66d-001bfc0845cf}\Shell\AutoRun\command - "" = N:\urDrive.exe
O33 - MountPoints2\{0bc06f19-0338-11dc-a2f2-001bfc0845cf}\Shell\AutoRun\command - "" = F:\RunClubSanDisk.exe
O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06f1a-0338-11dc-8629-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0bc06fa1-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe
O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc06fbc-0338-11dc-a3f7-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc2cf10-0338-11dc-bf4c-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc5312e-0338-11dc-88cb-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0bc53374-0338-11dc-9961-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c32fe0a-0338-11dc-b5c3-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355e59-0338-11dc-b0e1-001bfc0845cf}\Shell\Open(&0)\command - "" = P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c355ea9-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c355eac-0338-11dc-bbbf-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe
O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c37c303-0338-11dc-b022-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0c3a12d4-0338-11dc-9dd5-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\nvda\nvda.exe
O33 - MountPoints2\{0c3c74f2-0338-11dc-b079-001bfc0845cf}\Shell\nvda\command - "" = N:\nvda\nvda.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4602e1-0338-11dc-a720-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d79-0338-11dc-afdd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0c4d1d9f-0338-11dc-b85a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\AutoRun\command - "" = N:\PISTOLATO\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\explore\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\Install\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4d2b19-0338-11dc-b159-001bfc0845cf}\Shell\open\command - "" = N:\PISTOLATO\\kalibar.exe
O33 - MountPoints2\{0c4f8113-0338-11dc-9636-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442a2-0338-11dc-acd0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe
O33 - MountPoints2\{0c5442d9-0338-11dc-acd0-001bfc0845cf}\Shell\open\command - "" = driver\S-1-4-89-654352344-54323413-6452342-4545\service.exe
O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5442f3-0338-11dc-acd0-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a35c-0338-11dc-bea7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\copy.exe
O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a4fe-0338-11dc-8058-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c56a535-0338-11dc-9839-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\1\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\2\Command - "" = F:\Recycle.exe
O33 - MountPoints2\{0c590539-0338-11dc-bbb0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycle.exe
O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b652f-0338-11dc-9528-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5b654c-0338-11dc-bd49-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0c5dc7dc-0338-11dc-aa5f-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Explore\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce815eb-0338-11dc-baeb-001bfc0845cf}\Shell\Open\Command - "" = N:\System\Security\DriveGuard.exe -- [2008/04/19 19:31:34 | 000,212,584 | RHS- | M] (Microsoft Corporation)
O33 - MountPoints2\{0ce81609-0338-11dc-9506-001bfc0845cf}\Shell\AutoRun\command - "" = N:\Menu.exe
O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cef3a1f-0338-11dc-a34d-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a25-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0cef3a28-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cef3a2d-0338-11dc-a34d-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fc86-0338-11dc-b214-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd3a-0338-11dc-891a-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fd46-0338-11dc-891a-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0cf3fe28-0338-11dc-98ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0cf65e3d-0338-11dc-9a76-001bfc0845cf}\Shell\Open(&0)\command - "" = P:\Recycled\ctfmon.exe
O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0d700513-0338-11dc-9108-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe
O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0d80adaa-0338-11dc-8199-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e08997e-0338-11dc-8297-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e089984-0338-11dc-8297-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\AutoRun\command - "" = N:\hm1bfpuj.exe
O33 - MountPoints2\{0e1e051e-0338-11dc-952f-001bfc0845cf}\Shell\open\Command - "" = N:\hm1bfpuj.exe
O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL G:\Recycled\ctfmon.exe
O33 - MountPoints2\{0e252b56-0338-11dc-9b24-001bfc0845cf}\Shell\Open(&0)\command - "" = G:\Recycled\ctfmon.exe
O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0eaac122-0338-11dc-9a0e-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\Auto\command - "" = auto.exe
O33 - MountPoints2\{0f4cd3a0-0338-11dc-a38f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe
O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f4f344c-0338-11dc-a690-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0f5655f9-0338-11dc-99c3-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0fd4c115-0338-11dc-8f1b-001bfc0845cf}\Shell\AutoRun\command - "" = Q:\LaunchU3.exe -a
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{0fe0a456-0338-11dc-a8c6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{0fe56952-0338-11dc-94c0-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycled\ctfmon.exe
O33 - MountPoints2\{0feeed94-0338-11dc-a2d6-001bfc0845cf}\Shell\Open(&0)\command - "" = I:\Recycled\ctfmon.exe
O33 - MountPoints2\{111fda2b-6a6c-11dc-96bc-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{122da34e-0338-11dc-bc53-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{123255a9-0338-11dc-abe2-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{14924d88-0338-11dc-8dab-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{1aa6c9b7-5ae0-11dc-91ff-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1bb244b4-0338-11dc-a2ce-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{1c487aea-0338-11dc-b8f8-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{1c54544d-0338-11dc-b0f0-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{1ce11129-0338-11dc-88eb-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\copy.exe
O33 - MountPoints2\{207f8b14-3b62-11e1-b7e5-001bfc0845cf}\Shell\AutoRun\command - "" = RunClubSanDisk.exe
O33 - MountPoints2\{301e9c7f-5ddd-11dc-8a59-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{3697343b-36aa-11e1-b081-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe
O33 - MountPoints2\{37a30b32-2ba4-11e1-b955-001bfc0845cf}\Shell\AutoRun\command - "" = N:\autorun.bat
O33 - MountPoints2\{5491d992-3a9a-11e1-8bbb-001bfc0845cf}\Shell\AutoRun\command - "" = N:\RunClubSanDisk.exe
O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{71cd1a52-ff9f-11e0-8abe-001bfc0845cf}\Shell\AutoRun\command - "" = P:\LaunchU3.exe -a
O33 - MountPoints2\{a762ef5d-032f-11dc-a971-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{a7fde9e0-032f-11dc-a355-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{a7fde9ec-032f-11dc-a355-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL M:\copy.exe
O33 - MountPoints2\{a802b24f-032f-11dc-841f-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a92cb271-032f-11dc-ae64-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f160f-032f-11dc-b5ea-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f161b-032f-11dc-a5fd-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a92f16a1-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs
O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a92f16a4-032f-11dc-a5fd-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a93179f4-032f-11dc-92d6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317a80-032f-11dc-8c55-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317a9a-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a9317abf-032f-11dc-a197-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a9317b99-032f-11dc-8e4e-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933dc38-032f-11dc-b027-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933dd0d-032f-11dc-9251-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933ddeb-032f-11dc-ad3a-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{a933df41-032f-11dc-b28b-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9363f3e-032f-11dc-b7c7-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a936411f-032f-11dc-b804-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{a9364166-032f-11dc-901f-001bfc0845cf}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\Auto\command - "" = K:\auto.exe
O33 - MountPoints2\{a938a3b0-032f-11dc-9be1-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\auto.exe
O33 - MountPoints2\{a9ced79a-032f-11dc-b483-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{a9d1384c-032f-11dc-9bd3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{aa650c41-032f-11dc-89fa-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\AutoRun\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Explore\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aa676e05-032f-11dc-b19c-001bfc0845cf}\Shell\Open\command - "" = L:\RECYCLER.exe F:\
O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{aafd9e08-032f-11dc-90ae-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{aafda28a-032f-11dc-91b3-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell - "" = AutoRun
O33 - MountPoints2\{afd2d5a6-1d83-11e1-b6a7-001bfc0845cf}\Shell\AutoRun\command - "" = N:\LaunchU3.exe -a
O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{b8ae5f20-032f-11dc-a2ca-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba782168-032f-11dc-99fd-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\copy.exe
O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba78241f-032f-11dc-b9f6-001bfc0845cf}\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\AutoRun\command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Explore\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba7ce90a-032f-11dc-900a-001bfc0845cf}\Shell\Open\Command - "" = System\Security\DriveGuard.exe -run
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AuToplaY\comMAnD - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\AutoRun\command - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\exPlore\CoMMand - "" = hyaj.pif
O33 - MountPoints2\{ba81af59-032f-11dc-9f92-001bfc0845cf}\Shell\opeN\command - "" = hyaj.pif
O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\{bce1a841-032f-11dc-8e23-001bfc0845cf}\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\{cd0cdea7-5f6b-11dc-ab81-001bfc0845cf}\Shell\AutoRun\command - "" = .\Highspeed drivers.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\1\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\2\Command - "" = N:\Recycle.exe
O33 - MountPoints2\{d20197c8-60fd-11dc-90e6-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycle.exe
O33 - MountPoints2\{d4619373-678a-11dc-adda-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe
O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Recycled\ctfmon.exe
O33 - MountPoints2\{d80c664a-6b4e-11dc-9992-001bfc0845cf}\Shell\Open(&0)\command - "" = K:\Recycled\ctfmon.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\Recycled\ctfmon.exe
O33 - MountPoints2\F\Shell\Open(&0)\command - "" = F:\Recycled\ctfmon.exe
O33 - MountPoints2\I\Shell\1\Command - "" = I:\Recycle.exe
O33 - MountPoints2\I\Shell\2\Command - "" = I:\Recycle.exe
O33 - MountPoints2\I\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\Recycle.exe
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\N\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL N:\Recycled\ctfmon.exe
O33 - MountPoints2\N\Shell\Open(&0)\command - "" = N:\Recycled\ctfmon.exe
O33 - MountPoints2\P\Shell\1\Command - "" = P:\Recycle.exe
O33 - MountPoints2\P\Shell\2\Command - "" = P:\Recycle.exe
O33 - MountPoints2\P\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL P:\Recycle.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/23 03:43:33 | 000,095,744 | ---- | C] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll
[2012/01/23 03:14:23 | 000,363,008 | ---- | C] (Pinnacle Systems) -- C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe
[2012/01/17 03:56:53 | 000,000,000 | ---D | C] -- C:\Users\Alle\Desktop\TIP
[2012/01/17 03:35:50 | 000,000,000 | ---D | C] -- C:\Users\Alle\AppData\Roaming\Apple Computer
[2012/01/11 05:59:13 | 000,000,000 | ---D | C] -- C:\Users\Alle\Desktop\SCHÄFER cd
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/23 05:52:20 | 000,641,106 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/01/23 05:52:20 | 000,291,936 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/23 05:52:20 | 000,116,500 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/01/23 05:52:20 | 000,034,978 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/23 05:48:07 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 05:48:07 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/23 05:47:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/23 03:43:33 | 000,095,744 | ---- | M] (Kassl GmbH) -- C:\Users\Alle\AppData\Roaming\dwlGina3.dll
[2012/01/23 03:14:20 | 000,363,008 | ---- | M] (Pinnacle Systems) -- C:\Users\Alle\AppData\Roaming\5u4hw45eu.exe
[2012/01/23 03:13:48 | 087,231,418 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/01/20 11:23:33 | 000,272,928 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/01/17 04:50:40 | 000,207,872 | ---- | M] () -- C:\Users\Alle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/17 03:35:33 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2012/01/17 03:35:33 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/17 03:35:33 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2012/01/17 03:35:33 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2011/10/19 10:58:03 | 000,000,680 | ---- | C] () -- C:\Users\Alle\AppData\Local\d3d9caps.dat
[2011/10/08 07:55:22 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/26 12:04:56 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOBJUT_L.DLL
[2010/01/27 06:59:00 | 000,010,752 | ---- | C] () -- C:\Windows\System32\KOBJUJ_L.DLL
[2007/11/15 06:57:00 | 000,013,312 | ---- | C] () -- C:\Windows\System32\KOBJUA_L.DLL
[2007/09/07 11:01:23 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT.DAT
[2007/09/03 04:31:16 | 000,434,176 | ---- | C] () -- C:\Windows\System32\CNQL3203.DLL
[2007/09/03 03:58:23 | 000,207,872 | ---- | C] () -- C:\Users\Alle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/06 13:34:31 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007/08/06 13:34:29 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2007/08/06 05:00:53 | 000,135,168 | ---- | C] () -- C:\Windows\System32\property.dll
[2007/05/16 00:15:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2007/05/15 19:21:37 | 000,143,360 | ---- | C] () -- C:\Windows\System32\PF1800LC.Dll
[2007/05/15 19:21:37 | 000,049,152 | ---- | C] () -- C:\Windows\System32\PWiaExt.dll
[2007/05/15 19:21:37 | 000,010,624 | ---- | C] () -- C:\Windows\System32\GENEUSB.SYS
[2007/05/15 19:21:37 | 000,010,624 | ---- | C] () -- C:\Windows\System32\drivers\GENEUSB.SYS
[2007/05/15 19:21:36 | 000,155,648 | ---- | C] () -- C:\Windows\System32\daspi32u.dll
[2007/05/15 19:21:36 | 000,106,496 | ---- | C] () -- C:\Windows\System32\IO_PORT.DLL
[2007/05/15 19:21:36 | 000,102,400 | ---- | C] () -- C:\Windows\System32\FVC.DLL
[2007/05/15 19:21:36 | 000,032,768 | ---- | C] () -- C:\Windows\System32\SQ1394.DLL
[2007/05/15 19:21:36 | 000,000,234 | ---- | C] () -- C:\Windows\Scanner.ini
[2007/05/15 19:18:16 | 000,000,000 | ---- | C] () -- C:\Users\Alle\AppData\Roaming\wklnhst.dat
[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2007/05/15 18:54:23 | 000,001,025 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2007/05/15 18:54:23 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2007/05/15 18:54:23 | 000,000,073 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2006/11/02 10:38:05 | 000,641,106 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006/11/02 10:38:05 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006/11/02 10:38:05 | 000,116,500 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006/11/02 10:38:05 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006/11/02 07:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:44:53 | 000,395,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:33:01 | 000,291,936 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,034,978 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/11/02 02:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006/11/02 02:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006/08/11 02:52:02 | 000,012,288 | ---- | C] () -- C:\Windows\System32\EvOnlDiag.dll

========== LOP Check ==========

[2011/10/06 10:34:55 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\AVG2012
[2007/05/15 21:17:12 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\Canon
[2007/05/16 03:06:56 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\EFSoftware
[2011/10/06 07:50:37 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\GetRightToGo
[2007/05/15 19:23:23 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\PIE
[2007/09/05 06:53:11 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\T-DSL SpeedManager
[2007/05/15 21:28:33 | 000,000,000 | ---D | M] -- C:\Users\Alle\AppData\Roaming\Template
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2011/10/07 02:48:55 | 000,000,000 | ---D | M] -- C:\ProgramData\AVG2012
[2011/10/06 10:27:40 | 000,000,000 | -H-D | M] -- C:\ProgramData\Common Files
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2012/01/23 03:13:54 | 000,000,000 | ---D | M] -- C:\ProgramData\MFAData
[2007/05/15 18:35:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Phase One
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2007/09/05 06:53:14 | 000,000,000 | ---D | M] -- C:\ProgramData\T-DSL SpeedManager
[2006/11/02 07:59:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/01/18 04:59:49 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2007/09/01 07:31:48 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2012/01/23 03:41:09 | 000,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========


< End of report >

 

Themen zu Ebenso Probleme mit DWLGINA3.dll
.dll, avg, bho, cdrom, defender, disabletaskmgr, explorer, firefox, format, generic, home, logfile, microsoft, nvidia, pdf, realtek, registry, rundll, scan, security, software, starten, symantec, ups, vista, winlogon, wscript.exe


« Seit ein paar tagen geht das Fenster aufmachen in Mozila so langsam und lädt immer | Trojaner Meldung: JS Redirector KP bei Aufruf Kontaktanfrage in Homepage »


Ähnliche Themen: Ebenso Probleme mit DWLGINA3.dll


  1. Werbung poppt in neuen Tabs auf und ebenso springen auf Werbefenster auf
    Plagegeister aller Art und deren Bekämpfung - 19.02.2015 (15)
  2. Internet extrem langsam, TaskMgr & RegEdit deaktiviert, Sicherheitscenter ebenso.
    Plagegeister aller Art und deren Bekämpfung - 09.07.2014 (13)
  3. Ebenso großen Dank an Schrauber
    Lob, Kritik und Wünsche - 07.05.2014 (0)
  4. Avg durch Gruppenrichtlinie blockiert. Ebenso Malewarebytes
    Plagegeister aller Art und deren Bekämpfung - 28.04.2014 (7)
  5. Windows 7: Fake Mail von DHL geöffnet und Anhang ebenso
    Plagegeister aller Art und deren Bekämpfung - 24.01.2014 (17)
  6. ebenso infiziert, xp 48 stunden etc....
    Log-Analyse und Auswertung - 16.01.2013 (19)
  7. BKA-/Bundespolizei-Trojaner ebenso ...
    Log-Analyse und Auswertung - 31.03.2012 (1)
  8. Can not find dwlgina3.dll Bitte um Hilfe
    Log-Analyse und Auswertung - 12.02.2012 (3)
  9. can not find dwlgina3.dll
    Log-Analyse und Auswertung - 03.02.2012 (33)
  10. dwlgina3.dll, vista startet nicht mehr
    Log-Analyse und Auswertung - 31.01.2012 (5)
  11. dwlgina3.dll wurde nicht gefunden
    Plagegeister aller Art und deren Bekämpfung - 26.01.2012 (22)
  12. can not find dwlgina3.dll. windows 7 startet nicht.
    Plagegeister aller Art und deren Bekämpfung - 24.01.2012 (7)
  13. dwlgina3.dll a not found
    Plagegeister aller Art und deren Bekämpfung - 22.01.2012 (3)
  14. Windows 7: can not find dwlgina3.dll
    Log-Analyse und Auswertung - 11.01.2012 (5)
  15. Internet Explorer öffnet sich von allein, ebenso Fenster mit Werbung
    Log-Analyse und Auswertung - 04.05.2010 (4)
  16. Pc hackt firefox ebenso
    Plagegeister aller Art und deren Bekämpfung - 06.04.2009 (0)
  17. Antivirus streikt, Drucker ebenso - Logfile!
    Log-Analyse und Auswertung - 20.02.2006 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Ebenso Probleme mit DWLGINA3.dll - Hallo ich hab Probleme wegen nicht gefundener DWLGina3.dll kann nicht in den abgesichterten Modus, kann kein Recovery starten, Das ist ist die Datei mit OTLPE erstellt, ich weiß nicht weiter. - Ebenso Probleme mit DWLGINA3.dll...
Archiv
Du betrachtest: Ebenso Probleme mit DWLGINA3.dll auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131