
Log Analysis and Evaluation: Cyber Crime Investigation Department - OTL-txt

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

19.08.2012, 14:10   #1
Zomo89
 
Cyber Crime Investigation Department - OTL-txt



Requesting further help.....

Big THX in advance

OTL Logfile:
Code:
OTL logfile created on: 8/19/2012 3:56:14 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
767.00 Mb Total Physical Memory | 525.00 Mb Available Physical Memory | 68.00% Memory free
707.00 Mb Paging File | 585.00 Mb Available in Paging File | 83.00% Paging File free
Paging file location(s): C:\pagefile.sys 1152 2304 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48.83 Gb Total Space | 12.79 Gb Free Space | 26.19% Space Free | Partition Type: NTFS
Drive D: | 100.21 Gb Total Space | 70.08 Gb Free Space | 69.93% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] --  -- (TLQPAWC)
SRV - File not found [On_Demand] --  -- (COVOFHMEZQM)
SRV - [2012/08/15 09:28:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/21 11:18:19 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/11 05:33:26 | 000,724,376 | ---- | M] (Nokia) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/07/01 04:34:24 | 000,428,200 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/07/01 04:34:24 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/27 15:54:53 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/02/19 14:31:44 | 000,067,360 | ---- | M] (NOS Microsystems Ltd.) [On_Demand] -- C:\Programme\NOS\bin\getPlus_Helper.dll -- (getPlusHelper) getPlus(R)
SRV - [2010/01/15 08:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/23 07:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/04/22 16:16:38 | 000,068,096 | ---- | M] () [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2008/02/05 13:22:36 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2008/02/05 13:20:42 | 000,150,040 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2008/02/05 13:18:48 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2008/01/22 04:35:52 | 000,103,808 | ---- | M] () [Auto] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/11/29 14:50:00 | 000,254,007 | ---- | M] (Broadcom Corporation.) [Auto] -- C:\Programme\Bluetooth\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2004/09/29 06:14:36 | 000,069,632 | ---- | M] (HP) [Auto] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/06/19 18:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2002/12/17 11:26:22 | 007,520,337 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -- (MSSQL$SONY_MEDIAMGR)
SRV - [2002/12/17 11:23:30 | 000,311,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -- (SQLAgent$SONY_MEDIAMGR)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WinDriver)
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Adapter | On_Demand] --  -- (Tmserrvin)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (mferkdk)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (hwdatacard)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (ASFWHide)
DRV - [2012/06/11 05:33:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/01/09 11:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 11:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 11:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 11:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/07/01 04:34:30 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/01 04:34:29 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/05/11 06:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/06 12:08:42 | 000,055,152 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/01/27 17:53:09 | 000,005,632 | ---- | M] () [File_System | System] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2008/09/01 05:55:20 | 000,020,736 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MosIrUsb.sys -- (MosIrUsb)
DRV - [2008/04/13 14:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/02/05 22:21:48 | 000,023,832 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2008/02/05 22:21:37 | 004,658,456 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam E3500(UVC)
DRV - [2008/02/05 22:21:25 | 000,041,752 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2008/02/05 22:20:40 | 000,628,760 | R--- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS)
DRV - [2008/02/05 13:20:08 | 000,025,624 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2008/02/05 13:18:12 | 000,689,176 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006/10/17 06:19:34 | 000,271,360 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2006/10/17 06:19:34 | 000,018,048 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2006/05/31 09:36:15 | 000,002,368 | ---- | M] (AntiCracking) [Kernel | Auto] -- C:\WINDOWS\system32\SVKP.sys -- (SVKP)
DRV - [2006/03/26 08:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 12:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/13 05:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/11/03 10:40:07 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2005/10/10 08:00:00 | 000,622,172 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005/10/10 08:00:00 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2005/10/10 08:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2005/10/10 08:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2005/10/10 08:00:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2005/10/10 08:00:00 | 000,006,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\viaidexp.sys -- (ViaIde)
DRV - [2004/11/29 14:34:38 | 000,023,271 | ---- | M] (Broadcom Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\btserial.sys -- (BTSERIAL)
DRV - [2004/11/29 14:34:32 | 000,222,876 | ---- | M] (Broadcom Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\btslbcsp.sys -- (BTSLBCSP)
DRV - [2004/11/29 14:34:20 | 000,148,040 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2004/11/29 14:33:14 | 001,337,850 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2004/11/29 14:31:16 | 000,030,299 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2004/11/29 14:30:44 | 000,055,320 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btwusb.sys -- (BTWUSB)
DRV - [2004/09/07 13:11:32 | 000,040,856 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\stusb2ir.sys -- (stusb2ir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Florian_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKU\Florian_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.telekom.at
IE - HKU\Florian_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..network.proxy.type: 4
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer:  File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\bkmrksync@nokia.com: C:\Programme\Nokia\Nokia PC Suite 7\bkmrksync\ [2012/07/12 15:26:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/07/21 11:18:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/04/11 17:24:52 | 000,000,000 | ---D | M]
 
[2008/12/07 06:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mozilla\Extensions
[2011/12/12 19:30:22 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mozilla\Firefox\Profiles\qwpvw1j4.default\extensions
[2011/03/06 10:55:59 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mozilla\Firefox\Profiles\qwpvw1j4.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/12/12 19:30:22 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mozilla\Firefox\Profiles\qwpvw1j4.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/06/03 17:06:34 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mozilla\Firefox\Profiles\qwpvw1j4.default\extensions\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}
[2010/09/03 18:16:04 | 000,002,253 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\qwpvw1j4.default\searchplugins\askcom.xml
[2011/12/31 18:03:40 | 000,000,950 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\qwpvw1j4.default\searchplugins\icqplugin.xml
[2008/10/24 18:04:12 | 000,000,438 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\qwpvw1j4.default\searchplugins\imdb.xml
[2009/06/23 14:32:56 | 000,001,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Mozilla\Firefox\Profiles\qwpvw1j4.default\searchplugins\live-search.xml
[2012/02/05 08:46:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- 
[2012/07/21 11:18:20 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/11/10 00:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012/07/01 09:20:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/07/01 09:20:32 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/07/01 09:20:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/07/01 09:20:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/01 09:20:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/07/01 09:20:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010/09/04 11:37:10 | 000,417,887 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.0scan.com
O1 - Hosts: 127.0.0.1    0scan.com
O1 - Hosts: 127.0.0.1    1000gratisproben.com
O1 - Hosts: 127.0.0.1    www.1000gratisproben.com
O1 - Hosts: 127.0.0.1    1001namen.com
O1 - Hosts: 127.0.0.1    www.1001namen.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    www.1-2005-search.com
O1 - Hosts: 127.0.0.1    1-2005-search.com
O1 - Hosts: 14418 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\Administrator_ON_C..\Run: [OnlineFestplatte] C:\Programme\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\Administrator_ON_C..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\Administrator_ON_C..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\Florian_ON_C..\Run: [OnlineFestplatte] C:\Programme\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKU\Administrator_ON_C..\RunOnce: [FlashPlayerUpdate]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Florian_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Senden an &Bluetooth - C:\Programme\Bluetooth\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Programme\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -  File not found
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -  File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Bluetooth\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1233513522796 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18 - Protocol\Handler\bwfile-8876480 {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programme\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll (Logitech Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\widimg {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:\WINDOWS\system32\BTXPPanel.dll (Broadcom Corporation.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (sockspy.dll) -  File not found
O20 - AppInit_DLLs: (sockspy.dll) -  File not found
O20 - AppInit_DLLs: (sockspy.dll) -  File not found
O20 - AppInit_DLLs: (sockspy.dll) -  File not found
O20 - AppInit_DLLs: (sockspy.dll) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/01/19 03:54:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell - "" = AutoRun
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell\AutoRun\command - "" = L:\RunGame.exe
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\Auto\command - "" = peztmqugv.exe
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL peztmqugv.exe
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\Auto\command - "" = npceafzsg.exe
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL npceafzsg.exe
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell - "" = AutoRun
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\{36436-46377-473674}\services.exe
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\Open\CoMManD - "" = \RECYCLER\{36436-46377-473674}\services.exe
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[975 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[12 C:\WINDOWS\Fonts\*.tmp files -> C:\WINDOWS\Fonts\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/08/19 08:42:02 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/19 08:22:51 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ism_0_llatsni.pad
[2012/08/19 08:16:59 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job
[2012/08/18 12:28:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/08/18 10:00:00 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job
[2012/08/18 09:47:44 | 000,001,629 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk
[2012/08/18 09:32:28 | 000,299,640 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/18 09:30:46 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/08/18 08:55:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/15 09:28:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/15 09:28:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/09 15:42:03 | 000,002,527 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Verknüpfung mit Microsoft Office Word 2003.lnk
[975 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/08/18 09:47:43 | 000,001,629 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk
[2012/08/18 09:47:40 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ism_0_llatsni.pad
[2012/04/09 05:32:52 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/14 14:07:57 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Florian\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011/03/16 04:57:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\shutdownaware.exe
[2011/03/16 04:57:29 | 000,159,790 | ---- | C] () -- C:\WINDOWS\DelKeyXP.exe
[2011/03/16 04:57:29 | 000,159,788 | ---- | C] () -- C:\WINDOWS\DelKey.exe
[2011/03/16 04:57:29 | 000,086,056 | ---- | C] () -- C:\WINDOWS\System32\drivers\CAMUSB.SYS
[2011/03/16 04:43:43 | 000,001,743 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2009/12/30 07:02:19 | 000,020,736 | R--- | C] () -- C:\WINDOWS\System32\drivers\MosIrUsb.sys
[2009/08/15 09:28:19 | 000,000,838 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\FASTWiz.html
[2009/08/10 14:54:43 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2009/08/03 09:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 09:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/01/27 18:04:00 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2009/01/27 17:16:14 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2008/12/11 13:41:25 | 000,066,482 | R--- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2008/11/12 16:14:45 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2008/10/11 13:24:35 | 000,014,852 | ---- | C] () -- C:\Programme\settings.dat
[2008/05/27 12:07:12 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2008/02/05 13:20:08 | 000,025,624 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2007/12/08 17:01:50 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2007/03/04 08:39:18 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2007/03/04 08:39:17 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2007/03/04 08:39:17 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2007/03/04 08:37:16 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007/02/07 14:00:11 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/02/07 13:59:52 | 000,107,132 | ---- | C] () -- C:\WINDOWS\UninstallFirefox.exe
[2007/02/07 13:59:32 | 000,002,878 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2006/12/24 17:28:22 | 000,005,870 | R--- | C] () -- C:\WINDOWS\GenAmvTool.INI
[2006/12/24 17:27:52 | 000,008,157 | ---- | C] () -- C:\WINDOWS\AmvPlayer.ini
[2006/12/24 17:27:52 | 000,000,170 | ---- | C] () -- C:\WINDOWS\settings.ini
[2006/12/24 17:27:51 | 000,009,279 | ---- | C] () -- C:\WINDOWS\AmvTransform.ini
[2006/12/24 17:27:51 | 000,007,207 | R--- | C] () -- C:\WINDOWS\Disktool.INI
[2006/12/24 17:27:51 | 000,006,565 | R--- | C] () -- C:\WINDOWS\fwupgrade.ini
[2006/12/24 17:27:51 | 000,003,677 | R--- | C] () -- C:\WINDOWS\SoundCon.INI
[2006/12/17 13:29:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PROTOCOL.INI
[2006/12/12 14:25:05 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2006/10/17 06:19:34 | 000,271,360 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2006/10/17 06:19:34 | 000,018,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2006/08/12 07:49:06 | 000,000,873 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2006/07/07 13:42:56 | 000,080,814 | ---- | C] () -- C:\WINDOWS\hpfins05.dat
[2006/07/07 13:42:56 | 000,001,350 | ---- | C] () -- C:\WINDOWS\hpfmdl05.dat
[2006/06/25 06:03:03 | 000,213,035 | R--- | C] () -- C:\WINDOWS\nwydll.dll
[2006/06/25 06:03:03 | 000,192,559 | R--- | C] () -- C:\WINDOWS\confignt.exe
[2006/06/25 06:03:03 | 000,172,075 | R--- | C] () -- C:\WINDOWS\nsuser.exe
[2006/06/25 06:03:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NetwayInstallParams.ini
[2006/05/31 09:28:39 | 000,000,077 | ---- | C] () -- C:\WINDOWS\kaiser.ini
[2006/04/10 06:52:21 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2006/03/21 12:08:26 | 000,000,040 | ---- | C] () -- C:\WINDOWS\RSoftInfo.dat
[2006/03/04 12:56:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\prestopm.INI
[2006/03/04 12:56:09 | 000,000,029 | ---- | C] () -- C:\WINDOWS\DEBUGSM.INI
[2006/03/01 14:28:24 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit.INI
[2006/02/01 10:20:06 | 000,148,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/01/30 14:14:16 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2006/01/30 14:11:15 | 000,000,513 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2006/01/22 10:31:11 | 000,000,107 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\default.pls
[2006/01/20 16:47:30 | 000,012,319 | ---- | C] () -- C:\WINDOWS\cdPlayer.ini
[2006/01/20 13:40:02 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2006/01/20 13:40:02 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2006/01/20 09:51:05 | 000,000,193 | ---- | C] () -- C:\WINDOWS\hpc.ini
[2006/01/19 05:07:17 | 000,013,991 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\x_dtrace_log
[2006/01/19 05:07:17 | 000,000,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\getfile.dat
[2006/01/19 04:48:10 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/01/19 04:18:38 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/01/19 04:01:00 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/01/19 03:51:42 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/01/19 03:46:32 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/01/19 03:45:24 | 000,299,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/10/10 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/10/10 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/10/10 08:00:00 | 000,480,968 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2005/10/10 08:00:00 | 000,462,656 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/10/10 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/10/10 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2005/10/10 08:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004653_.tmp.dll
[2005/10/10 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/10/10 08:00:00 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/10/10 08:00:00 | 000,093,860 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2005/10/10 08:00:00 | 000,080,386 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/10/10 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/10/10 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2005/10/10 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/10/10 08:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004621_.tmp.dll
[2005/10/10 08:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/10/10 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/10/10 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/10/10 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/04/28 00:22:38 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2005/04/28 00:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/04/28 00:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2005/04/27 16:38:00 | 000,372,736 | ---- | C] () -- C:\WINDOWS\System32\hpzidi01.dll
[2005/04/27 16:37:49 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\hpzids01.dll
[2004/11/29 14:44:04 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/11/14 07:56:00 | 001,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
[1999/03/03 05:39:29 | 000,036,352 | ---- | C] () -- C:\WINDOWS\hpfsched.exe
 
========== LOP Check ==========
 
[2006/01/26 10:26:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Atari
[2009/04/17 16:35:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Canon
[2009/05/09 02:47:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\DriverCure
[2006/12/28 13:00:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Ebner
[2006/03/05 09:12:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\EPSON
[2007/11/04 08:56:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Gearbox Software
[2009/02/08 17:27:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\HappyFoto
[2006/01/20 17:08:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ICQLite
[2006/07/08 05:10:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Image Zone Express
[2008/12/11 13:38:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Leadertech
[2007/10/01 13:46:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\MCMPEGEnc
[2010/02/15 12:45:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\mquadr.at
[2010/11/29 04:34:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Nokia
[2010/11/29 04:35:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\PC Suite
[2007/09/27 15:31:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Publish Providers
[2009/01/27 18:06:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Samsung
[2007/11/02 16:08:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\SecondLife
[2007/11/22 13:24:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sony
[2007/09/27 11:26:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Sony Setup
[2006/01/19 04:04:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\TuneUp Software
[2006/01/20 09:56:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Ulead Systems
[2012/02/18 10:03:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Canon
[2012/01/14 05:08:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\mquadr.at
[2012/07/12 15:42:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\Nokia
[2012/07/12 15:47:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Florian\Anwendungsdaten\PC Suite
[2007/06/11 15:12:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avg7
[2009/04/17 15:19:57 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012/05/17 04:14:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJ
[2009/10/27 14:38:23 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX
[2009/04/17 15:28:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2012/08/09 15:27:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2009/04/17 16:35:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2009/04/17 15:28:56 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenu
[2009/05/09 04:49:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverCure
[2012/07/12 15:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2010/02/15 12:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\m2backup
[2008/12/25 07:34:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier
[2010/02/15 12:46:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2006/05/26 06:49:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2006/12/10 12:33:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Network Associates
[2009/05/09 02:47:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2009/09/06 16:13:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2010/11/29 04:34:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010/05/20 08:03:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2008/12/29 16:56:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2006/01/30 14:11:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2007/07/04 10:03:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2010/02/15 12:44:54 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{121AD2BC-C528-40F6-AA74-A5E1962657DF}
[2011/01/19 05:47:51 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{392ECEAB-FD15-485B-8C44-C2C591EDECB5}
[2010/02/15 12:44:15 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{7FDC9DDA-8828-4A49-A615-2E0A4EE0F0E2}
[2010/02/09 16:17:29 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DEC678D1-B2BE-43DD-B123-21503011D8C9}
[2012/01/06 12:15:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 346 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF
@Alternate Data Stream - 126 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1
< End of report >
         
--- --- ---

Alt 19.08.2012, 18:00   #2
t'john
/// Helper Team

Fix with OTLpe


  • Restart the unbootable computer with the OTLPE CD,
  • wait until the Reatogo-X-Pe desktop appears and double-click the OTLPE icon.



  • Copy the following script into the text field below Custom Scans/Fixes:
  • If that is not possible because there is no Internet connection,
  • copy the text from the following code box and save it as Fix.txt on a USB stick.
  • Connect the USB stick to the computer and open Fix.txt with Explorer on the Reatogo desktop.
  • Copy the contents of Fix.txt into the text field below Custom Scans/Fixes:


Code:
ATTFilter
:OTL
SRV - File not found [On_Demand] -- -- (TLQPAWC) 
SRV - File not found [On_Demand] -- -- (COVOFHMEZQM) 
DRV - File not found [Kernel | On_Demand] -- -- (WinDriver) 
DRV - File not found [Kernel | On_Demand] -- -- (WDICA) 
DRV - File not found [Adapter | On_Demand] -- -- (Tmserrvin) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) 
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) 
DRV - File not found [Kernel | System] -- -- (PCIDump) 
DRV - File not found [Kernel | System] -- -- (mferkdk) 
DRV - File not found [Kernel | System] -- -- (lbrtfdc) 
DRV - File not found [Kernel | System] -- -- (i2omgmt) 
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard) 
DRV - File not found [Kernel | System] -- -- (Changer) 
DRV - File not found [Kernel | On_Demand] -- -- (ASFWHide) 
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Florian_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.search.defaultengine: "Ask.com" 
FF - prefs.js..browser.search.defaultenginename: "Ask.com" 
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q=" 
FF - prefs.js..browser.search.order.1: "Ask.com" 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163" 
FF - prefs.js..browser.search.selectedEngine: "Google" 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "http://www.google.at/" 
FF - prefs.js..network.proxy.type: 4 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found 
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found 
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found. 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) 
O4 - HKLM..\Run: [KernelFaultCheck] File not found 
O4 - HKU\Administrator_ON_C..\RunOnce: [FlashPlayerUpdate] File not found 
O4 - Startup: C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 
O7 - HKU\Florian_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found 
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O20 - AppInit_DLLs: (sockspy.dll) - File not found 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2006/01/19 03:54:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] 
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] 
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell - "" = AutoRun 
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell\AutoRun\command - "" = L:\RunGame.exe 
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL peztmqugv.exe 
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL npceafzsg.exe 
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\{36436-46377-473674}\services.exe 
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 
[975 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 
[2005/10/10 08:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004653_.tmp.dll 
[2005/10/10 08:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004621_.tmp.dll 
@Alternate Data Stream - 346 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:05EE1EEF 
@Alternate Data Stream - 126 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:D1B5B4F1 
[2012/08/19 08:22:51 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ism_0_llatsni.pad 

[2012/08/18 09:47:44 | 000,001,629 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk 

[2012/01/06 12:15:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job 
:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
         

  • Close all programs.
  • Click the Fix button.
  • Click on .
  • Copy the contents here into your thread, in code tags.
    Afterwards you can view the logfile here => C:\OTLpe\MovedFiles\<datum_nummer.log>
  • Test whether you can now boot the computer into normal Windows mode again, and report back.

Alt 19.08.2012, 18:47   #3
t'john
/// Helper Team

Fix with OTL

Download OTL by Oldtimer (if you do not have it yet) and save it to your desktop (not anywhere else).

  • Disable any virus scanners such as Avira, Kaspersky, etc.
  • Start OTL.exe.
    Vista and Windows 7 users start it by right-clicking the program icon and choosing "Run as administrator".
  • Copy the following script into the text field below Custom Scans/Fixes:


Code:
ATTFilter
:OTL
SRV - File not found [On_Demand] -- -- (TLQPAWC) 
SRV - File not found [On_Demand] -- -- (COVOFHMEZQM) 
DRV - File not found [Kernel | On_Demand] -- -- (WinDriver) 
DRV - File not found [Kernel | On_Demand] -- -- (WDICA) 
DRV - File not found [Adapter | On_Demand] -- -- (Tmserrvin) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) 
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) 
DRV - File not found [Kernel | System] -- -- (PCIDump) 
DRV - File not found [Kernel | System] -- -- (mferkdk) 
DRV - File not found [Kernel | System] -- -- (lbrtfdc) 
DRV - File not found [Kernel | System] -- -- (i2omgmt) 
DRV - File not found [Kernel | On_Demand] -- -- (hwdatacard) 
DRV - File not found [Kernel | System] -- -- (Changer) 
DRV - File not found [Kernel | On_Demand] -- -- (ASFWHide) 
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Florian_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..browser.search.defaultengine: "Ask.com" 
FF - prefs.js..browser.search.defaultenginename: "Ask.com" 
FF - prefs.js..browser.search.defaulturl: "http://search.live.com/results.aspx?FORM=IEFM1&q=" 
FF - prefs.js..browser.search.order.1: "Ask.com" 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=971163" 
FF - prefs.js..browser.search.selectedEngine: "Google" 
FF - prefs.js..browser.search.useDBForOrder: true 
FF - prefs.js..browser.startup.homepage: "http://www.google.at/" 
FF - prefs.js..network.proxy.type: 4 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found 
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found 
File not found (No name found) -- 
O2 - BHO: (no name) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - No CLSID value found. 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found. 
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found. 
O3 - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found. 
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation) 
O4 - HKLM..\Run: [KernelFaultCheck] File not found 
O4 - HKU\Administrator_ON_C..\RunOnce: [FlashPlayerUpdate] File not found 
O4 - Startup: C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 
O7 - HKU\Florian_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found 
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - File not found 
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) 
O20 - AppInit_DLLs: (sockspy.dll) - File not found 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2006/01/19 03:54:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] 
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] 
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell - "" = AutoRun 
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\Shell\AutoRun\command - "" = L:\RunGame.exe 
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL peztmqugv.exe 
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL npceafzsg.exe 
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\{36436-46377-473674}\services.exe 
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell - "" = AutoRun 
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\Shell\AutoRun\command - "" = G:\AutoRun.exe 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 
[975 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 
[2005/10/10 08:00:00 | 000,249,270 | ---- | C] () -- C:\WINDOWS\System32\_004653_.tmp.dll 
[2005/10/10 08:00:00 | 000,022,040 | ---- | C] () -- C:\WINDOWS\System32\_004621_.tmp.dll 
@Alternate Data Stream - 346 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:05EE1EEF 
@Alternate Data Stream - 126 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:D1B5B4F1 
[2012/08/19 08:22:51 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ism_0_llatsni.pad 
[2012/08/19 08:16:59 | 000,001,098 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachine.job 
[2012/08/18 12:28:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job 
[2012/08/18 10:00:00 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\HPpromotions journeysoftware.job 
[2012/08/18 09:47:44 | 000,001,629 | ---- | M] () -- C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk 

[2012/01/06 12:15:00 | 000,000,408 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job 
:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
         
  • Close all programs.
  • Click the Fix button.
  • If OTL asks for a restart, please allow it.
  • Copy the contents of the log file into your thread here, inside code tags.
    You can view the log file afterwards here => C:\_OTL\MovedFiles\<datum_nummer.log>

Note for other readers: The OTL script above was created exclusively for this user in this situation.
Do not under any circumstances apply it on other computers; this can cause lasting damage to other systems!

Alt 20.08.2012, 17:35   #4
Zomo89
 
Here is the log file:

Quote:
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\TLQPAWC deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\COVOFHMEZQM deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\WinDriver deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\WDICA deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tmserrvin deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PDRFRAME deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PDRELI deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PDFRAME deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PDCOMP deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\PCIDump deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mferkdk deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\lbrtfdc deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\i2omgmt deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\hwdatacard deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Changer deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ASFWHide deleted successfully.
HKLM\Software\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\Florian_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
Prefs.js: "Ask.com" removed from browser.search.defaultengine
Prefs.js: "Ask.com" removed from browser.search.defaultenginename
Prefs.js: "hxxp://search.live.com/results.aspx?FORM=IEFM1&q=" removed from browser.search.defaulturl
Prefs.js: "Ask.com" removed from browser.search.order.1
Prefs.js: "chr-greentree_ff&type=971163" removed from browser.search.param.yahoo-fr
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "hxxp://www.google.at/" removed from browser.startup.homepage
Prefs.js: 4 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E33CF602-D945-461A-83F0-819F76A199F8}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}\ not found.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM Startup deleted successfully.
C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry value HKEY_USERS\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\RunOnce\\FlashPlayerUpdate deleted successfully.
C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk moved successfully.
File move failed. X:\I386\SYSTEM32\RUNDLL32.EXE scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoCDBurning deleted successfully.
Registry value HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B863453A-26C3-4e1f-A54D-A2CD196348E9}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
C:\WINDOWS\Downloaded Program Files\erma.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Administrator_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\Florian_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\LocalService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\NetworkService_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_USERS\systemprofile_ON_C\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:sockspy.dll deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
File move failed. X:\AUTORUN.INF scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38e5993e-8e6e-11da-a071-e965082d7355}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38e5993e-8e6e-11da-a071-e965082d7355}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{38e5993e-8e6e-11da-a071-e965082d7355}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38e5993e-8e6e-11da-a071-e965082d7355}\ not found.
File L:\RunGame.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{587f3c4b-ccf3-11dc-a4c1-000c76590876}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL peztmqugv.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6cdbfa72-5554-11db-a22e-c384fef0d553}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6cdbfa72-5554-11db-a22e-c384fef0d553}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6cdbfa72-5554-11db-a22e-c384fef0d553}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL npceafzsg.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72a211d4-5b5a-11df-99d9-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72a211d4-5b5a-11df-99d9-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72a211d4-5b5a-11df-99d9-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72a211d4-5b5a-11df-99d9-000c76590876}\ not found.
File C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL \RECYCLER\{36436-46377-473674}\services.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb106d1-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb106d1-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb106d1-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb106d1-055b-11de-94ad-000c76590876}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aa5-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aa5-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aa5-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aa5-055b-11de-94ad-000c76590876}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aa7-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aa7-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aa7-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aa7-055b-11de-94ad-000c76590876}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aad-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aad-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bfb10aad-055b-11de-94ad-000c76590876}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bfb10aad-055b-11de-94ad-000c76590876}\ not found.
File G:\AutoRun.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Session manager\\BootExecute:autocheck autochk * deleted successfully.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET11F9.tmp deleted successfully.
C:\WINDOWS\System32\SET11FA.tmp deleted successfully.
C:\WINDOWS\System32\SET11FC.tmp deleted successfully.
C:\WINDOWS\System32\SET1201.tmp deleted successfully.
C:\WINDOWS\System32\SET1205.tmp deleted successfully.
C:\WINDOWS\System32\SET120B.tmp deleted successfully.
C:\WINDOWS\System32\SET120E.tmp deleted successfully.
C:\WINDOWS\System32\SET1235.tmp deleted successfully.
C:\WINDOWS\System32\SET1257.tmp deleted successfully.
C:\WINDOWS\System32\SET125D.tmp deleted successfully.
C:\WINDOWS\System32\SET127A.tmp deleted successfully.
C:\WINDOWS\System32\SET12A1.tmp deleted successfully.
C:\WINDOWS\System32\SET12A2.tmp deleted successfully.
C:\WINDOWS\System32\SET12A4.tmp deleted successfully.
C:\WINDOWS\System32\SET12A9.tmp deleted successfully.
C:\WINDOWS\System32\SET12AD.tmp deleted successfully.
C:\WINDOWS\System32\SET12B3.tmp deleted successfully.
C:\WINDOWS\System32\SET12B6.tmp deleted successfully.
C:\WINDOWS\System32\SET12DB.tmp deleted successfully.
C:\WINDOWS\System32\SET12DD.tmp deleted successfully.
C:\WINDOWS\System32\SET12E1.tmp deleted successfully.
C:\WINDOWS\System32\SET12E2.tmp deleted successfully.
C:\WINDOWS\System32\SET12E4.tmp deleted successfully.
C:\WINDOWS\System32\SET12E9.tmp deleted successfully.
C:\WINDOWS\System32\SET12ED.tmp deleted successfully.
C:\WINDOWS\System32\SET12F3.tmp deleted successfully.
C:\WINDOWS\System32\SET12F6.tmp deleted successfully.
C:\WINDOWS\System32\SET12FF.tmp deleted successfully.
C:\WINDOWS\System32\SET1305.tmp deleted successfully.
C:\WINDOWS\System32\SET131F.tmp deleted successfully.
C:\WINDOWS\System32\SET1322.tmp deleted successfully.
C:\WINDOWS\System32\SET1342.tmp deleted successfully.
C:\WINDOWS\System32\SET1348.tmp deleted successfully.
C:\WINDOWS\System32\SET1365.tmp deleted successfully.
C:\WINDOWS\System32\SET1431.tmp deleted successfully.
C:\WINDOWS\System32\SET1433.tmp deleted successfully.
C:\WINDOWS\System32\SET1435.tmp deleted successfully.
C:\WINDOWS\System32\SET143A.tmp deleted successfully.
C:\WINDOWS\System32\SET143D.tmp deleted successfully.
C:\WINDOWS\System32\SET144A.tmp deleted successfully.
C:\WINDOWS\System32\SET144C.tmp deleted successfully.
C:\WINDOWS\System32\SET1450.tmp deleted successfully.
C:\WINDOWS\System32\SET1451.tmp deleted successfully.
C:\WINDOWS\System32\SET1458.tmp deleted successfully.
C:\WINDOWS\System32\SET1459.tmp deleted successfully.
C:\WINDOWS\System32\SET145A.tmp deleted successfully.
C:\WINDOWS\System32\SET145E.tmp deleted successfully.
C:\WINDOWS\System32\SET1460.tmp deleted successfully.
C:\WINDOWS\System32\SET1464.tmp deleted successfully.
C:\WINDOWS\System32\SET1466.tmp deleted successfully.
C:\WINDOWS\System32\SET1469.tmp deleted successfully.
C:\WINDOWS\System32\SET146C.tmp deleted successfully.
C:\WINDOWS\System32\SET1472.tmp deleted successfully.
C:\WINDOWS\System32\SET1478.tmp deleted successfully.
C:\WINDOWS\System32\SET1481.tmp deleted successfully.
C:\WINDOWS\System32\SET1482.tmp deleted successfully.
C:\WINDOWS\System32\SET1487.tmp deleted successfully.
C:\WINDOWS\System32\SET1489.tmp deleted successfully.
C:\WINDOWS\System32\SET148C.tmp deleted successfully.
C:\WINDOWS\System32\SET148D.tmp deleted successfully.
C:\WINDOWS\System32\SET148E.tmp deleted successfully.
C:\WINDOWS\System32\SET1490.tmp deleted successfully.
C:\WINDOWS\System32\SET1492.tmp deleted successfully.
C:\WINDOWS\System32\SET1493.tmp deleted successfully.
C:\WINDOWS\System32\SET1494.tmp deleted successfully.
C:\WINDOWS\System32\SET1495.tmp deleted successfully.
C:\WINDOWS\System32\SET1497.tmp deleted successfully.
C:\WINDOWS\System32\SET1498.tmp deleted successfully.
C:\WINDOWS\System32\SET1499.tmp deleted successfully.
C:\WINDOWS\System32\SET14A1.tmp deleted successfully.
C:\WINDOWS\System32\SET14A3.tmp deleted successfully.
C:\WINDOWS\System32\SET14C8.tmp deleted successfully.
C:\WINDOWS\System32\SET14CD.tmp deleted successfully.
C:\WINDOWS\System32\SET14CE.tmp deleted successfully.
C:\WINDOWS\System32\SET14E0.tmp deleted successfully.
C:\WINDOWS\System32\SET14ED.tmp deleted successfully.
C:\WINDOWS\System32\SET14FD.tmp deleted successfully.
C:\WINDOWS\System32\SET14FE.tmp deleted successfully.
C:\WINDOWS\System32\SET1501.tmp deleted successfully.
C:\WINDOWS\System32\SET1507.tmp deleted successfully.
C:\WINDOWS\System32\SET150F.tmp deleted successfully.
C:\WINDOWS\System32\SET1518.tmp deleted successfully.
C:\WINDOWS\System32\SET1520.tmp deleted successfully.
C:\WINDOWS\System32\SET1525.tmp deleted successfully.
C:\WINDOWS\System32\SET1527.tmp deleted successfully.
C:\WINDOWS\System32\SET1528.tmp deleted successfully.
C:\WINDOWS\System32\SET152A.tmp deleted successfully.
C:\WINDOWS\System32\SET152E.tmp deleted successfully.
C:\WINDOWS\System32\SET1533.tmp deleted successfully.
C:\WINDOWS\System32\SET1541.tmp deleted successfully.
C:\WINDOWS\System32\SET1545.tmp deleted successfully.
C:\WINDOWS\System32\SET154B.tmp deleted successfully.
C:\WINDOWS\System32\SET154D.tmp deleted successfully.
C:\WINDOWS\System32\SET154F.tmp deleted successfully.
C:\WINDOWS\System32\SET1553.tmp deleted successfully.
C:\WINDOWS\System32\SET1560.tmp deleted successfully.
C:\WINDOWS\System32\SET1579.tmp deleted successfully.
C:\WINDOWS\System32\SET157B.tmp deleted successfully.
C:\WINDOWS\System32\SET1583.tmp deleted successfully.
C:\WINDOWS\System32\SET1585.tmp deleted successfully.
C:\WINDOWS\System32\SET158D.tmp deleted successfully.
C:\WINDOWS\System32\SET1595.tmp deleted successfully.
C:\WINDOWS\System32\SET1599.tmp deleted successfully.
C:\WINDOWS\System32\SET159A.tmp deleted successfully.
C:\WINDOWS\System32\SET159B.tmp deleted successfully.
C:\WINDOWS\System32\SET159E.tmp deleted successfully.
C:\WINDOWS\System32\SET15A9.tmp deleted successfully.
C:\WINDOWS\System32\SET15AF.tmp deleted successfully.
C:\WINDOWS\System32\SET15B0.tmp deleted successfully.
C:\WINDOWS\System32\SET15B3.tmp deleted successfully.
C:\WINDOWS\System32\SET15B8.tmp deleted successfully.
C:\WINDOWS\System32\SET15B9.tmp deleted successfully.
C:\WINDOWS\System32\SET15BB.tmp deleted successfully.
C:\WINDOWS\System32\SET15BC.tmp deleted successfully.
C:\WINDOWS\System32\SET15BD.tmp deleted successfully.
C:\WINDOWS\System32\SET15BE.tmp deleted successfully.
C:\WINDOWS\System32\SET15C1.tmp deleted successfully.
C:\WINDOWS\System32\SET15C6.tmp deleted successfully.
C:\WINDOWS\System32\SET15C8.tmp deleted successfully.
C:\WINDOWS\System32\SET15CE.tmp deleted successfully.
C:\WINDOWS\System32\SET15D1.tmp deleted successfully.
C:\WINDOWS\System32\SET15D3.tmp deleted successfully.
C:\WINDOWS\System32\SET15D5.tmp deleted successfully.
C:\WINDOWS\System32\SET15D6.tmp deleted successfully.
C:\WINDOWS\System32\SET15D7.tmp deleted successfully.
C:\WINDOWS\System32\SET15D8.tmp deleted successfully.
C:\WINDOWS\System32\SET15DA.tmp deleted successfully.
C:\WINDOWS\System32\SET15E5.tmp deleted successfully.
C:\WINDOWS\System32\SET15E6.tmp deleted successfully.
C:\WINDOWS\System32\SET15E8.tmp deleted successfully.
C:\WINDOWS\System32\SET15EA.tmp deleted successfully.
C:\WINDOWS\System32\SET15F2.tmp deleted successfully.
C:\WINDOWS\System32\SET15F5.tmp deleted successfully.
C:\WINDOWS\System32\SET15F8.tmp deleted successfully.
C:\WINDOWS\System32\SET15FB.tmp deleted successfully.
C:\WINDOWS\System32\SET15FC.tmp deleted successfully.
C:\WINDOWS\System32\SET15FE.tmp deleted successfully.
C:\WINDOWS\System32\SET1602.tmp deleted successfully.
C:\WINDOWS\System32\SET1609.tmp deleted successfully.
C:\WINDOWS\System32\SET160E.tmp deleted successfully.
C:\WINDOWS\System32\SET1610.tmp deleted successfully.
C:\WINDOWS\System32\SET1611.tmp deleted successfully.
C:\WINDOWS\System32\SET1614.tmp deleted successfully.
C:\WINDOWS\System32\SET1617.tmp deleted successfully.
C:\WINDOWS\System32\SET1618.tmp deleted successfully.
C:\WINDOWS\System32\SET161B.tmp deleted successfully.
C:\WINDOWS\System32\SET161C.tmp deleted successfully.
C:\WINDOWS\System32\SET161E.tmp deleted successfully.
C:\WINDOWS\System32\SET1622.tmp deleted successfully.
C:\WINDOWS\System32\SET1624.tmp deleted successfully.
C:\WINDOWS\System32\SET1625.tmp deleted successfully.
C:\WINDOWS\System32\SET1626.tmp deleted successfully.
C:\WINDOWS\System32\SET162C.tmp deleted successfully.
C:\WINDOWS\System32\SET162D.tmp deleted successfully.
C:\WINDOWS\System32\SET162E.tmp deleted successfully.
C:\WINDOWS\System32\SET1633.tmp deleted successfully.
C:\WINDOWS\System32\SET1638.tmp deleted successfully.
C:\WINDOWS\System32\SET163A.tmp deleted successfully.
C:\WINDOWS\System32\SET163B.tmp deleted successfully.
C:\WINDOWS\System32\SET163C.tmp deleted successfully.
C:\WINDOWS\System32\SET163E.tmp deleted successfully.
C:\WINDOWS\System32\SET163F.tmp deleted successfully.
C:\WINDOWS\System32\SET1640.tmp deleted successfully.
C:\WINDOWS\System32\SET1642.tmp deleted successfully.
C:\WINDOWS\System32\SET1643.tmp deleted successfully.
C:\WINDOWS\System32\SET1644.tmp deleted successfully.
C:\WINDOWS\System32\SET1645.tmp deleted successfully.
C:\WINDOWS\System32\SET1646.tmp deleted successfully.
C:\WINDOWS\System32\SET1649.tmp deleted successfully.
C:\WINDOWS\System32\SET164A.tmp deleted successfully.
C:\WINDOWS\System32\SET1651.tmp deleted successfully.
C:\WINDOWS\System32\SET1652.tmp deleted successfully.
C:\WINDOWS\System32\SET1653.tmp deleted successfully.
C:\WINDOWS\System32\SET1655.tmp deleted successfully.
C:\WINDOWS\System32\SET1661.tmp deleted successfully.
C:\WINDOWS\System32\SET1662.tmp deleted successfully.
C:\WINDOWS\System32\SET1664.tmp deleted successfully.
C:\WINDOWS\System32\SET1665.tmp deleted successfully.
C:\WINDOWS\System32\SET166C.tmp deleted successfully.
C:\WINDOWS\System32\SET1671.tmp deleted successfully.
C:\WINDOWS\System32\SET1673.tmp deleted successfully.
C:\WINDOWS\System32\SET1677.tmp deleted successfully.
C:\WINDOWS\System32\SET1678.tmp deleted successfully.
C:\WINDOWS\System32\SET167A.tmp deleted successfully.
C:\WINDOWS\System32\SET1683.tmp deleted successfully.
C:\WINDOWS\System32\SET1685.tmp deleted successfully.
C:\WINDOWS\System32\SET1686.tmp deleted successfully.
C:\WINDOWS\System32\SET1687.tmp deleted successfully.
C:\WINDOWS\System32\SET1689.tmp deleted successfully.
C:\WINDOWS\System32\SET168B.tmp deleted successfully.
C:\WINDOWS\System32\SET1697.tmp deleted successfully.
C:\WINDOWS\System32\SET169D.tmp deleted successfully.
C:\WINDOWS\System32\SET169F.tmp deleted successfully.
C:\WINDOWS\System32\SET16A0.tmp deleted successfully.
C:\WINDOWS\System32\SET16A1.tmp deleted successfully.
C:\WINDOWS\System32\SET16A2.tmp deleted successfully.
C:\WINDOWS\System32\SET16A9.tmp deleted successfully.
C:\WINDOWS\System32\SET16AA.tmp deleted successfully.
C:\WINDOWS\System32\SET16B2.tmp deleted successfully.
C:\WINDOWS\System32\SET16B3.tmp deleted successfully.
C:\WINDOWS\System32\SET16B4.tmp deleted successfully.
C:\WINDOWS\System32\SET16BD.tmp deleted successfully.
C:\WINDOWS\System32\SET16BE.tmp deleted successfully.
C:\WINDOWS\System32\SET16BF.tmp deleted successfully.
C:\WINDOWS\System32\SET16C2.tmp deleted successfully.
C:\WINDOWS\System32\SET16C3.tmp deleted successfully.
C:\WINDOWS\System32\SET16C7.tmp deleted successfully.
C:\WINDOWS\System32\SET16C8.tmp deleted successfully.
C:\WINDOWS\System32\SET16CA.tmp deleted successfully.
C:\WINDOWS\System32\SET16CB.tmp deleted successfully.
C:\WINDOWS\System32\SET16CC.tmp deleted successfully.
C:\WINDOWS\System32\SET16CD.tmp deleted successfully.
C:\WINDOWS\System32\SET16CF.tmp deleted successfully.
C:\WINDOWS\System32\SET16D0.tmp deleted successfully.
C:\WINDOWS\System32\SET16D1.tmp deleted successfully.
C:\WINDOWS\System32\SET16D6.tmp deleted successfully.
C:\WINDOWS\System32\SET16E8.tmp deleted successfully.
C:\WINDOWS\System32\SET16E9.tmp deleted successfully.
C:\WINDOWS\System32\SET16EA.tmp deleted successfully.
C:\WINDOWS\System32\SET16EB.tmp deleted successfully.
C:\WINDOWS\System32\SET16EC.tmp deleted successfully.
C:\WINDOWS\System32\SET16EE.tmp deleted successfully.
C:\WINDOWS\System32\SET16F1.tmp deleted successfully.
C:\WINDOWS\System32\SET16F2.tmp deleted successfully.
C:\WINDOWS\System32\SET16FF.tmp deleted successfully.
C:\WINDOWS\System32\SET1701.tmp deleted successfully.
C:\WINDOWS\System32\SET1702.tmp deleted successfully.
C:\WINDOWS\System32\SET1703.tmp deleted successfully.
C:\WINDOWS\System32\SET170B.tmp deleted successfully.
C:\WINDOWS\System32\SET170C.tmp deleted successfully.
C:\WINDOWS\System32\SET1711.tmp deleted successfully.
C:\WINDOWS\System32\SET1714.tmp deleted successfully.
C:\WINDOWS\System32\SET1715.tmp deleted successfully.
C:\WINDOWS\System32\SET171F.tmp deleted successfully.
C:\WINDOWS\System32\SET1726.tmp deleted successfully.
C:\WINDOWS\System32\SET1727.tmp deleted successfully.
C:\WINDOWS\System32\SET1728.tmp deleted successfully.
C:\WINDOWS\System32\SET1729.tmp deleted successfully.
C:\WINDOWS\System32\SET172A.tmp deleted successfully.
C:\WINDOWS\System32\SET172F.tmp deleted successfully.
C:\WINDOWS\System32\SET1731.tmp deleted successfully.
C:\WINDOWS\System32\SET1732.tmp deleted successfully.
C:\WINDOWS\System32\SET1735.tmp deleted successfully.
C:\WINDOWS\System32\SET173C.tmp deleted successfully.
C:\WINDOWS\System32\SET173F.tmp deleted successfully.
C:\WINDOWS\System32\SET1741.tmp deleted successfully.
C:\WINDOWS\System32\SET1742.tmp deleted successfully.
C:\WINDOWS\System32\SET1745.tmp deleted successfully.
C:\WINDOWS\System32\SET1746.tmp deleted successfully.
C:\WINDOWS\System32\SET1747.tmp deleted successfully.
C:\WINDOWS\System32\SET174E.tmp deleted successfully.
C:\WINDOWS\System32\SET1754.tmp deleted successfully.
C:\WINDOWS\System32\SET1755.tmp deleted successfully.
C:\WINDOWS\System32\SET1756.tmp deleted successfully.
C:\WINDOWS\System32\SET1757.tmp deleted successfully.
C:\WINDOWS\System32\SET1759.tmp deleted successfully.
C:\WINDOWS\System32\SET175A.tmp deleted successfully.
C:\WINDOWS\System32\SET175C.tmp deleted successfully.
C:\WINDOWS\System32\SET175D.tmp deleted successfully.
C:\WINDOWS\System32\SET175E.tmp deleted successfully.
C:\WINDOWS\System32\SET1761.tmp deleted successfully.
C:\WINDOWS\System32\SET1762.tmp deleted successfully.
C:\WINDOWS\System32\SET1763.tmp deleted successfully.
C:\WINDOWS\System32\SET1769.tmp deleted successfully.
C:\WINDOWS\System32\SET176C.tmp deleted successfully.
C:\WINDOWS\System32\SET176D.tmp deleted successfully.
C:\WINDOWS\System32\SET177.tmp deleted successfully.
C:\WINDOWS\System32\SET1770.tmp deleted successfully.
C:\WINDOWS\System32\SET1773.tmp deleted successfully.
C:\WINDOWS\System32\SET1777.tmp deleted successfully.
C:\WINDOWS\System32\SET177A.tmp deleted successfully.
C:\WINDOWS\System32\SET177C.tmp deleted successfully.
C:\WINDOWS\System32\SET177E.tmp deleted successfully.
C:\WINDOWS\System32\SET177F.tmp deleted successfully.
C:\WINDOWS\System32\SET178.tmp deleted successfully.
C:\WINDOWS\System32\SET1781.tmp deleted successfully.
C:\WINDOWS\System32\SET1782.tmp deleted successfully.
C:\WINDOWS\System32\SET178B.tmp deleted successfully.
C:\WINDOWS\System32\SET17A.tmp deleted successfully.
C:\WINDOWS\System32\SET17C.tmp deleted successfully.
C:\WINDOWS\System32\SET17E.tmp deleted successfully.
C:\WINDOWS\System32\SET181.tmp deleted successfully.
C:\WINDOWS\System32\SET186.tmp deleted successfully.
C:\WINDOWS\System32\SET187.tmp deleted successfully.
C:\WINDOWS\System32\SET18A.tmp deleted successfully.
C:\WINDOWS\System32\SET18F.tmp deleted successfully.
C:\WINDOWS\System32\SET190.tmp deleted successfully.
C:\WINDOWS\System32\SET191.tmp deleted successfully.
C:\WINDOWS\System32\SET193.tmp deleted successfully.
C:\WINDOWS\System32\SET194.tmp deleted successfully.
C:\WINDOWS\System32\SET195.tmp deleted successfully.
C:\WINDOWS\System32\SET196.tmp deleted successfully.
C:\WINDOWS\System32\SET197.tmp deleted successfully.
C:\WINDOWS\System32\SET199.tmp deleted successfully.
C:\WINDOWS\System32\SET19A.tmp deleted successfully.
C:\WINDOWS\System32\SET19B.tmp deleted successfully.
C:\WINDOWS\System32\SET19E.tmp deleted successfully.
C:\WINDOWS\System32\SET1A5.tmp deleted successfully.
C:\WINDOWS\System32\SET1A6.tmp deleted successfully.
C:\WINDOWS\System32\SET1A7.tmp deleted successfully.
C:\WINDOWS\System32\SET1AA.tmp deleted successfully.
C:\WINDOWS\System32\SET1AC.tmp deleted successfully.
C:\WINDOWS\System32\SET1AE.tmp deleted successfully.
C:\WINDOWS\System32\SET1B4.tmp deleted successfully.
C:\WINDOWS\System32\SET1B7.tmp deleted successfully.
C:\WINDOWS\System32\SET1B8.tmp deleted successfully.
C:\WINDOWS\System32\SET1BA.tmp deleted successfully.
C:\WINDOWS\System32\SET1BF.tmp deleted successfully.
C:\WINDOWS\System32\SET1C0.tmp deleted successfully.
C:\WINDOWS\System32\SET1C1.tmp deleted successfully.
C:\WINDOWS\System32\SET1C2.tmp deleted successfully.
C:\WINDOWS\System32\SET1C3.tmp deleted successfully.
C:\WINDOWS\System32\SET1C9.tmp deleted successfully.
C:\WINDOWS\System32\SET1CE.tmp deleted successfully.
C:\WINDOWS\System32\SET1CF.tmp deleted successfully.
C:\WINDOWS\System32\SET1D2.tmp deleted successfully.
C:\WINDOWS\System32\SET1D5.tmp deleted successfully.
C:\WINDOWS\System32\SET1D6.tmp deleted successfully.
C:\WINDOWS\System32\SET1DD.tmp deleted successfully.
C:\WINDOWS\System32\SET1DE.tmp deleted successfully.
C:\WINDOWS\System32\SET1E0.tmp deleted successfully.
C:\WINDOWS\System32\SET1ED.tmp deleted successfully.
C:\WINDOWS\System32\SET1EE.tmp deleted successfully.
C:\WINDOWS\System32\SET1F1.tmp deleted successfully.
C:\WINDOWS\System32\SET1F3.tmp deleted successfully.
C:\WINDOWS\System32\SET1F4.tmp deleted successfully.
C:\WINDOWS\System32\SET1F5.tmp deleted successfully.
C:\WINDOWS\System32\SET1F6.tmp deleted successfully.
C:\WINDOWS\System32\SET1F7.tmp deleted successfully.
C:\WINDOWS\System32\SET206.tmp deleted successfully.
C:\WINDOWS\System32\SET20B.tmp deleted successfully.
C:\WINDOWS\System32\SET20C.tmp deleted successfully.
C:\WINDOWS\System32\SET20E.tmp deleted successfully.
C:\WINDOWS\System32\SET20F.tmp deleted successfully.
C:\WINDOWS\System32\SET210.tmp deleted successfully.
C:\WINDOWS\System32\SET212.tmp deleted successfully.
C:\WINDOWS\System32\SET213.tmp deleted successfully.
C:\WINDOWS\System32\SET217.tmp deleted successfully.
C:\WINDOWS\System32\SET218.tmp deleted successfully.
C:\WINDOWS\System32\SET21B.tmp deleted successfully.
C:\WINDOWS\System32\SET21C.tmp deleted successfully.
C:\WINDOWS\System32\SET21D.tmp deleted successfully.
C:\WINDOWS\System32\SET221.tmp deleted successfully.
C:\WINDOWS\System32\SET222.tmp deleted successfully.
C:\WINDOWS\System32\SET224.tmp deleted successfully.
C:\WINDOWS\System32\SET226.tmp deleted successfully.
C:\WINDOWS\System32\SET227.tmp deleted successfully.
C:\WINDOWS\System32\SET228.tmp deleted successfully.
C:\WINDOWS\System32\SET229.tmp deleted successfully.
C:\WINDOWS\System32\SET22A.tmp deleted successfully.
C:\WINDOWS\System32\SET22B.tmp deleted successfully.
C:\WINDOWS\System32\SET230.tmp deleted successfully.
C:\WINDOWS\System32\SET231.tmp deleted successfully.
C:\WINDOWS\System32\SET234.tmp deleted successfully.
C:\WINDOWS\System32\SET235.tmp deleted successfully.
C:\WINDOWS\System32\SET236.tmp deleted successfully.
C:\WINDOWS\System32\SET239.tmp deleted successfully.
C:\WINDOWS\System32\SET23A.tmp deleted successfully.
C:\WINDOWS\System32\SET23B.tmp deleted successfully.
C:\WINDOWS\System32\SET23D.tmp deleted successfully.
C:\WINDOWS\System32\SET23E.tmp deleted successfully.
C:\WINDOWS\System32\SET23F.tmp deleted successfully.
C:\WINDOWS\System32\SET240.tmp deleted successfully.
C:\WINDOWS\System32\SET241.tmp deleted successfully.
C:\WINDOWS\System32\SET243.tmp deleted successfully.
C:\WINDOWS\System32\SET244.tmp deleted successfully.
C:\WINDOWS\System32\SET245.tmp deleted successfully.
C:\WINDOWS\System32\SET247.tmp deleted successfully.
C:\WINDOWS\System32\SET248.tmp deleted successfully.
C:\WINDOWS\System32\SET249.tmp deleted successfully.
C:\WINDOWS\System32\SET24A.tmp deleted successfully.
C:\WINDOWS\System32\SET24B.tmp deleted successfully.
C:\WINDOWS\System32\SET24D.tmp deleted successfully.
C:\WINDOWS\System32\SET24F.tmp deleted successfully.
C:\WINDOWS\System32\SET250.tmp deleted successfully.
C:\WINDOWS\System32\SET251.tmp deleted successfully.
C:\WINDOWS\System32\SET254.tmp deleted successfully.
C:\WINDOWS\System32\SET256.tmp deleted successfully.
C:\WINDOWS\System32\SET258.tmp deleted successfully.
C:\WINDOWS\System32\SET259.tmp deleted successfully.
C:\WINDOWS\System32\SET25D.tmp deleted successfully.
C:\WINDOWS\System32\SET25E.tmp deleted successfully.
C:\WINDOWS\System32\SET260.tmp deleted successfully.
C:\WINDOWS\System32\SET261.tmp deleted successfully.
C:\WINDOWS\System32\SET262.tmp deleted successfully.
C:\WINDOWS\System32\SET264.tmp deleted successfully.
C:\WINDOWS\System32\SET265.tmp deleted successfully.
C:\WINDOWS\System32\SET266.tmp deleted successfully.
C:\WINDOWS\System32\SET267.tmp deleted successfully.
C:\WINDOWS\System32\SET268.tmp deleted successfully.
C:\WINDOWS\System32\SET26A.tmp deleted successfully.
C:\WINDOWS\System32\SET26C.tmp deleted successfully.
C:\WINDOWS\System32\SET26D.tmp deleted successfully.
C:\WINDOWS\System32\SET270.tmp deleted successfully.
C:\WINDOWS\System32\SET272.tmp deleted successfully.
C:\WINDOWS\System32\SET273.tmp deleted successfully.
C:\WINDOWS\System32\SET274.tmp deleted successfully.
C:\WINDOWS\System32\SET275.tmp deleted successfully.
C:\WINDOWS\System32\SET276.tmp deleted successfully.
C:\WINDOWS\System32\SET277.tmp deleted successfully.
C:\WINDOWS\System32\SET278.tmp deleted successfully.
C:\WINDOWS\System32\SET279.tmp deleted successfully.
C:\WINDOWS\System32\SET27A.tmp deleted successfully.
C:\WINDOWS\System32\SET27B.tmp deleted successfully.
C:\WINDOWS\System32\SET27C.tmp deleted successfully.
C:\WINDOWS\System32\SET27D.tmp deleted successfully.
C:\WINDOWS\System32\SET27E.tmp deleted successfully.
C:\WINDOWS\System32\SET27F.tmp deleted successfully.
C:\WINDOWS\System32\SET280.tmp deleted successfully.
C:\WINDOWS\System32\SET281.tmp deleted successfully.
C:\WINDOWS\System32\SET283.tmp deleted successfully.
C:\WINDOWS\System32\SET284.tmp deleted successfully.
C:\WINDOWS\System32\SET286.tmp deleted successfully.
C:\WINDOWS\System32\SET288.tmp deleted successfully.
C:\WINDOWS\System32\SET289.tmp deleted successfully.
C:\WINDOWS\System32\SET28A.tmp deleted successfully.
C:\WINDOWS\System32\SET28B.tmp deleted successfully.
C:\WINDOWS\System32\SET28C.tmp deleted successfully.
C:\WINDOWS\System32\SET28D.tmp deleted successfully.
C:\WINDOWS\System32\SET28E.tmp deleted successfully.
C:\WINDOWS\System32\SET290.tmp deleted successfully.
C:\WINDOWS\System32\SET291.tmp deleted successfully.
C:\WINDOWS\System32\SET292.tmp deleted successfully.
C:\WINDOWS\System32\SET293.tmp deleted successfully.
C:\WINDOWS\System32\SET294.tmp deleted successfully.
C:\WINDOWS\System32\SET295.tmp deleted successfully.
C:\WINDOWS\System32\SET297.tmp deleted successfully.
C:\WINDOWS\System32\SET29A.tmp deleted successfully.
C:\WINDOWS\System32\SET29B.tmp deleted successfully.
C:\WINDOWS\System32\SET29C.tmp deleted successfully.
C:\WINDOWS\System32\SET29D.tmp deleted successfully.
C:\WINDOWS\System32\SET29E.tmp deleted successfully.
C:\WINDOWS\System32\SET2A0.tmp deleted successfully.
C:\WINDOWS\System32\SET2A1.tmp deleted successfully.
C:\WINDOWS\System32\SET2A5.tmp deleted successfully.
C:\WINDOWS\System32\SET2A6.tmp deleted successfully.
C:\WINDOWS\System32\SET2A7.tmp deleted successfully.
C:\WINDOWS\System32\SET2A8.tmp deleted successfully.
C:\WINDOWS\System32\SET2A9.tmp deleted successfully.
C:\WINDOWS\System32\SET2AB.tmp deleted successfully.
C:\WINDOWS\System32\SET2AC.tmp deleted successfully.
C:\WINDOWS\System32\SET2AD.tmp deleted successfully.
C:\WINDOWS\System32\SET2AE.tmp deleted successfully.
C:\WINDOWS\System32\SET2AF.tmp deleted successfully.
C:\WINDOWS\System32\SET2B0.tmp deleted successfully.
C:\WINDOWS\System32\SET2B1.tmp deleted successfully.
C:\WINDOWS\System32\SET2B2.tmp deleted successfully.
C:\WINDOWS\System32\SET2B3.tmp deleted successfully.
C:\WINDOWS\System32\SET2B4.tmp deleted successfully.
C:\WINDOWS\System32\SET2B5.tmp deleted successfully.
C:\WINDOWS\System32\SET2B8.tmp deleted successfully.
C:\WINDOWS\System32\SET2B9.tmp deleted successfully.
C:\WINDOWS\System32\SET2BB.tmp deleted successfully.
C:\WINDOWS\System32\SET2BC.tmp deleted successfully.
C:\WINDOWS\System32\SET2BD.tmp deleted successfully.
C:\WINDOWS\System32\SET2C0.tmp deleted successfully.
C:\WINDOWS\System32\SET2C1.tmp deleted successfully.
C:\WINDOWS\System32\SET2C2.tmp deleted successfully.
C:\WINDOWS\System32\SET2C3.tmp deleted successfully.
C:\WINDOWS\System32\SET2C4.tmp deleted successfully.
C:\WINDOWS\System32\SET2C6.tmp deleted successfully.
C:\WINDOWS\System32\SET2C8.tmp deleted successfully.
C:\WINDOWS\System32\SET2CA.tmp deleted successfully.
C:\WINDOWS\System32\SET2CB.tmp deleted successfully.
C:\WINDOWS\System32\SET2CC.tmp deleted successfully.
C:\WINDOWS\System32\SET2CD.tmp deleted successfully.
C:\WINDOWS\System32\SET2CE.tmp deleted successfully.
C:\WINDOWS\System32\SET2D0.tmp deleted successfully.
C:\WINDOWS\System32\SET2D1.tmp deleted successfully.
C:\WINDOWS\System32\SET2D3.tmp deleted successfully.
C:\WINDOWS\System32\SET2D4.tmp deleted successfully.
C:\WINDOWS\System32\SET2D5.tmp deleted successfully.
C:\WINDOWS\System32\SET2D6.tmp deleted successfully.
C:\WINDOWS\System32\SET2D7.tmp deleted successfully.
C:\WINDOWS\System32\SET2D9.tmp deleted successfully.
C:\WINDOWS\System32\SET2DA.tmp deleted successfully.
C:\WINDOWS\System32\SET2DB.tmp deleted successfully.
C:\WINDOWS\System32\SET2DC.tmp deleted successfully.
C:\WINDOWS\System32\SET2DD.tmp deleted successfully.
C:\WINDOWS\System32\SET2E5.tmp deleted successfully.
C:\WINDOWS\System32\SET2E6.tmp deleted successfully.
C:\WINDOWS\System32\SET2E7.tmp deleted successfully.
C:\WINDOWS\System32\SET2EA.tmp deleted successfully.
C:\WINDOWS\System32\SET2EB.tmp deleted successfully.
C:\WINDOWS\System32\SET2EC.tmp deleted successfully.
C:\WINDOWS\System32\SET2EE.tmp deleted successfully.
C:\WINDOWS\System32\SET2EF.tmp deleted successfully.
C:\WINDOWS\System32\SET2F0.tmp deleted successfully.
C:\WINDOWS\System32\SET2F1.tmp deleted successfully.
C:\WINDOWS\System32\SET2F3.tmp deleted successfully.
C:\WINDOWS\System32\SET2F4.tmp deleted successfully.
C:\WINDOWS\System32\SET2F5.tmp deleted successfully.
C:\WINDOWS\System32\SET2F6.tmp deleted successfully.
C:\WINDOWS\System32\SET2F7.tmp deleted successfully.
C:\WINDOWS\System32\SET2F8.tmp deleted successfully.
C:\WINDOWS\System32\SET2FA.tmp deleted successfully.
C:\WINDOWS\System32\SET2FB.tmp deleted successfully.
C:\WINDOWS\System32\SET2FD.tmp deleted successfully.
C:\WINDOWS\System32\SET2FE.tmp deleted successfully.
C:\WINDOWS\System32\SET2FF.tmp deleted successfully.
C:\WINDOWS\System32\SET300.tmp deleted successfully.
C:\WINDOWS\System32\SET301.tmp deleted successfully.
C:\WINDOWS\System32\SET302.tmp deleted successfully.
C:\WINDOWS\System32\SET303.tmp deleted successfully.
C:\WINDOWS\System32\SET304.tmp deleted successfully.
C:\WINDOWS\System32\SET305.tmp deleted successfully.
C:\WINDOWS\System32\SET307.tmp deleted successfully.
C:\WINDOWS\System32\SET308.tmp deleted successfully.
C:\WINDOWS\System32\SET309.tmp deleted successfully.
C:\WINDOWS\System32\SET30B.tmp deleted successfully.
C:\WINDOWS\System32\SET30C.tmp deleted successfully.
C:\WINDOWS\System32\SET30D.tmp deleted successfully.
C:\WINDOWS\System32\SET30E.tmp deleted successfully.
C:\WINDOWS\System32\SET30F.tmp deleted successfully.
C:\WINDOWS\System32\SET310.tmp deleted successfully.
C:\WINDOWS\System32\SET311.tmp deleted successfully.
C:\WINDOWS\System32\SET312.tmp deleted successfully.
C:\WINDOWS\System32\SET313.tmp deleted successfully.
C:\WINDOWS\System32\SET314.tmp deleted successfully.
C:\WINDOWS\System32\SET315.tmp deleted successfully.
C:\WINDOWS\System32\SET316.tmp deleted successfully.
C:\WINDOWS\System32\SET318.tmp deleted successfully.
C:\WINDOWS\System32\SET319.tmp deleted successfully.
C:\WINDOWS\System32\SET31A.tmp deleted successfully.
C:\WINDOWS\System32\SET31B.tmp deleted successfully.
C:\WINDOWS\System32\SET31C.tmp deleted successfully.
C:\WINDOWS\System32\SET31D.tmp deleted successfully.
C:\WINDOWS\System32\SET31E.tmp deleted successfully.
C:\WINDOWS\System32\SET320.tmp deleted successfully.
C:\WINDOWS\System32\SET321.tmp deleted successfully.
C:\WINDOWS\system32\_004653_.tmp.dll moved successfully.
C:\WINDOWS\system32\_004621_.tmp.dll moved successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp:05EE1EEF deleted successfully.
ADS C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp1B5B4F1 deleted successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ism_0_llatsni.pad moved successfully.
File C:\Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk not found.
C:\WINDOWS\Tasks\1-Klick-Wartung.job moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
An internal error occurred: The system cannot find the file specified.

Please contact Microsoft Product Support Services for further help.
Additional information: Unable to open registry key for tcpip.
C:\cmd.bat deleted successfully.
C:\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 28146567 bytes
->Temporary Internet Files folder emptied: 893430669 bytes
->Java cache emptied: 145068298 bytes
->FireFox cache emptied: 429519315 bytes
->Flash cache emptied: 1087 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Florian
->Temp folder emptied: 98664771 bytes
->Temporary Internet Files folder emptied: 69769602 bytes
->Java cache emptied: 1270068 bytes
->FireFox cache emptied: 193487362 bytes
->Flash cache emptied: 1971 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2132307 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 80392535 bytes

Total Files Cleaned = 1,852.00 mb


OTLPE by OldTimer - Version 3.1.48.0 log created on 08202012_191236

20.08.2012, 17:47   #5
t'john
/// Helper Team

Very good!

How is the computer running?

Step 1
Please run a full scan with Malwarebytes Anti-Malware and post the log.
Remember that Malwarebytes has to be updated manually before every scan!

Malwarebytes Anti-Malware
- Applicable to Windows 2000, XP, Vista and 7.
- Install the program to the default path.
- Update the database!
- Select "Komplett Scan durchführen" (perform full scan) => Scan.
- Select all available drives (except CD/DVD) and start the scan.
- Have any detections deleted or quarantined.
- When the scan has finished, click "Zeige Resultate" (show results).
Then:

Step 2

Please download AdwCleaner to your desktop.

  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

__________________
Regards, t'john

21.08.2012, 15:09   #6
Zomo89

Hello t'john!

Here is the requested text file:

Quote:
# AdwCleaner v1.801 - Logfile created 08/21/2012 at 16:06:08
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Florian - HOME-PC
# Boot Mode : Normal
# Running from : C:\Dokumente und Einstellungen\Florian\Eigene Dateien\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
File Found : C:\Programme\Mozilla FireFox\Components\AskHPRFF.js

***** [Registry] *****

Key Found : HKLM\SOFTWARE\pdfforge.org

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [1009 octets] - [21/08/2012 16:06:08]

########## EOF - C:\AdwCleaner[R1].txt - [1137 octets] ##########

I also have another question:
Which antivirus program do you recommend?
Freeware such as Avira Antivir, or buy one after all, e.g. Kaspersky?


Thanks for your help

Best regards, Daniel

21.08.2012, 15:22   #7
t'john
/// Helper Team

Please post the Malwarebytes log file!
("Logberichte" (logs) tab)
__________________
Regards, t'john

21.08.2012, 15:26   #8
Zomo89

Malwarebytes log file:

Quote:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.20.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Florian :: HOME-PC [Administrator]

20.08.2012 19:36:19
mbam-log-2012-08-20 (19-36-19).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 347764
Laufzeit: 2 Stunde(n), 4 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SYSTEM\CurrentControlSet\Services\SVKP (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
D:\backup2\Dokumente und Einstellungen\Administrator\Eigene Dateien\Daniel\Stress Relief.EXE (Joke.Stressreducer) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\WINDOWS\system32\SVKP.sys (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

21.08.2012, 17:55   #9
t'john
/// Helper Team

Very good!

  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.

Then:

Malware scan with Emsisoft Anti-Malware

Download the free version of => Emsisoft Anti-Malware and install the program.
Use "Jetzt Updaten" (update now) to download the current signatures.
Select freeware mode.

Select Detail Scan and start the check of the computer via the Scan button.
At the end of the scan, do not have anything deleted! Click "Bericht speichern" (save report) to save the log file to the desktop and post it here in the thread.

Instructions: http://www.trojaner-board.de/103809-...i-malware.html
__________________
Regards, t'john

21.08.2012, 19:36   #10
Zomo89

AdwCleaner log file:

Quote:
# AdwCleaner v1.801 - Logfile created 08/21/2012 at 19:47:33
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Florian - HOME-PC
# Boot Mode : Normal
# Running from : C:\Dokumente und Einstellungen\Florian\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
File Deleted : C:\Programme\Mozilla FireFox\Components\AskHPRFF.js

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\pdfforge.org

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [1138 octets] - [21/08/2012 16:06:08]
AdwCleaner[S1].txt - [1062 octets] - [21/08/2012 19:47:33]

########## EOF - C:\AdwCleaner[S1].txt - [1190 octets] ##########

The 2nd one will follow... ;-)

22.08.2012, 00:18   #11
t'john
/// Helper Team

Emsisoft log?
__________________
Regards, t'john

02.09.2012, 21:22   #12
Zomo89

A little late, here is the log file:

Quote:
Emsisoft Anti-Malware - Version 6.6
Letztes Update: 02.09.2012 13:53:23

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
Archiv Scan: An
ADS Scan: An

Scan Beginn: 02.09.2012 13:57:28

C:\_OTL\MovedFiles\08202012_191236\C_Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk gefunden: Trojan.LNK.Reveton!E2

Gescannt 611173
Gefunden 1

Scan Ende: 02.09.2012 21:48:42
Scan Zeit: 7:51:14

C:\_OTL\MovedFiles\08202012_191236\C_Dokumente und Einstellungen\Florian\Startmenü\Programme\Autostart\ctfmon.lnk Quarantäne Trojan.LNK.Reveton!E2

Quarantäne 1

03.09.2012, 19:32   #13
t'john
/// Helper Team

Very good!

Uninstall:
Emsisoft Anti-Malware

ESET Online Scanner

Preparation

  • Connect any external hard drives and/or other removable media you may have (e.g. USB sticks) to the computer.
  • Please disable your antivirus program and firewall during the online scan.
  • Vista/Win7 users: be sure to start the browser as administrator.

Here we go

  • Download and start Eset Smartinstaller.
  • Tick YES, I accept the Terms of Use.
  • Click Start.
  • Tick Remove found threats and Scan archives.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • Press Finish.
  • Close the browser.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (sometimes also C:\Programme\Eset\log.txt) and open it with your editor.
  • Post the log file here.
  • Uninstall: Control Panel => Software (Add or Remove Programs) => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset
__________________
Regards, t'john

24.10.2012, 08:44   #14
t'john
/// Helper Team

No response

Are there problems working through the instructions above?

To free up capacity for others seeking help, I am removing this thread from my notifications.

If you want to continue, send me a PM or open a new thread.
http://www.trojaner-board.de/69886-a...-beachten.html


Note: the disappearance of the symptoms does not mean that your computer is clean.
__________________
Regards, t'john
