
Log analysis and evaluation: Hidden viruses, but where?

23.06.2010, 17:12   #1
Burak92

Hidden viruses, but where?

Thanks for the quick reply!

First, I'll post the Malwarebytes log file.

Quote:
6/18/2010 23:41:39
mbam-log-2010-06-18 (23-41-39).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|)
Durchsuchte Objekte: 144636
Laufzeit: 23 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 1

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Documents and Settings\Administrator\Desktop\Yükleme\flaxp\FlashFXP v3.7.2 Build 1270\KeyGen.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

That is 5 days old; if you want a newer one, I will post today's state here today. My new operating system is almost 1 month old, and already the fight against the viruses

The OTL log file follows ....

23.06.2010, 17:19   #2
Burak92

OTL log file part 1!!

Quote:
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 62.78 Gb Free Space | 84.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: CONAXEDITION
Current User Name: Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Administrator\Belgelerim\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Documents and Settings\Administrator\Application Data\OCS\SM\SearchAnonymizerHelper.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\RocketDock\RocketDock.exe ()
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)


========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Administrator\Belgelerim\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Program Files\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (SearchAnonymizer) -- C:\Documents and Settings\Administrator\Application Data\OCS\SM\SearchAnonymizerHelper.exe ()
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe ()
SRV - (ICQ Service) -- C:\Program Files\ICQ6Toolbar\ICQ Service.exe ()
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)


========== Driver Services (SafeList) ==========

DRV - (AvgTdiX) -- C:\WINDOWS\system32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\WINDOWS\system32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgLdx86) -- C:\WINDOWS\system32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (pavboot) -- C:\WINDOWS\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation )


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.825
FF - prefs.js..extensions.enabledItems: avg@igeared:4.504.019.002
FF - prefs.js..extensions.enabledItems: {5C46D283-ABDE-4dce-B83C-08881401921C}:2.0.6
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100503
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7.3
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:1.1.2
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="

FF - HKLM\software\mozilla\Firefox\extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG9\Firefox [2010/06/19 14:26:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\extensions\\avg@igeared: C:\Program Files\AVG\AVG9\Toolbar\Firefox\avg@igeared [2010/06/19 10:37:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/05/02 20:03:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/14 10:10:13 | 000,000,000 | ---D | M]

[2010/05/02 20:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
[2010/06/22 19:35:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions
[2010/06/19 10:52:26 | 000,000,000 | ---D | M] (Google Shortcuts) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}
[2010/05/24 18:09:17 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/06/16 15:57:32 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010/06/19 10:52:26 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010/06/19 10:52:26 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010/05/22 23:27:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/19 10:52:26 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/06/16 16:01:25 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\searchplugins\icqplugin-1.xml
[2010/05/12 18:40:06 | 000,001,042 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\searchplugins\icqplugin.xml
[2010/05/24 00:27:08 | 000,000,616 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\searchplugins\{072499D9-FD14-460A-8712-447BE28C6508}.xml
[2010/05/24 00:27:07 | 000,000,601 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\searchplugins\{2ADCAF4C-D1FA-416A-A3D0-82A7EA53418A}.xml
[2010/05/24 00:27:07 | 000,000,642 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\0y8zzl9w.default\searchplugins\{651D4E95-8BAF-4A76-A383-CB9C9861A54F}.xml
[2010/06/22 09:55:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/24 00:27:07 | 000,000,848 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/05/24 00:27:07 | 000,000,729 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/05/24 00:27:07 | 000,000,716 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/05/24 00:27:07 | 000,000,803 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/05/24 00:27:07 | 000,000,703 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2001/11/22 16:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRemoteRecursiveEvents = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMMyPictures = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStrCmpLogical = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O8 - Extra context menu item: Easy-WebPrint Add To Print List - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint High Speed Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Preview - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint Print - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop Components:1 (Geçerli Giriş Sayfam) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010/04/30 16:53:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{a689cdd9-77ee-11df-a824-0013d3b323b7}\Shell\AutoRun\command - "" = l61yyp.exe
O33 - MountPoints2\{a689cdd9-77ee-11df-a824-0013d3b323b7}\Shell\open\Command - "" = l61yyp.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/06/23 17:26:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\dwhelper
[2010/06/22 09:55:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Search Settings
[2010/06/22 09:54:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\pdfforge
[2010/06/21 23:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2010/06/21 23:52:28 | 000,000,000 | ---D | C] -- C:\Program Files\pdfforge Toolbar
[2010/06/21 23:49:39 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCTL.OCX
[2010/06/21 23:49:39 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCOMCT2.OCX
[2010/06/21 23:49:39 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMAPI32.OCX
[2010/06/21 23:49:37 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCMCDE.DLL
[2010/06/21 23:49:37 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VB6DE.DLL
[2010/06/21 23:49:37 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSCC2DE.DLL
[2010/06/21 23:49:36 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSMPIDE.DLL
[2010/06/21 23:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2010/06/21 22:21:49 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Administrator\Recent
[2010/06/21 21:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/06/21 21:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
[2010/06/21 21:43:12 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2010/06/21 21:39:40 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/06/21 21:39:39 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/06/21 21:39:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/21 15:24:31 | 000,306,688 | ---- | C] (InstallShield Software Corporation ) -- C:\WINDOWS\IsUn0407.exe
[2010/06/21 15:24:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\WINDOWS
[2010/06/19 11:07:56 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\System32\drivers\pavboot.sys
[2010/06/19 10:43:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\AVG Security Toolbar
[2010/06/19 10:37:50 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/19 10:37:49 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/06/19 10:37:41 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/06/19 10:37:40 | 000,029,584 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/06/19 10:37:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg
[2010/06/19 10:37:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
[2010/06/19 02:28:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Belgelerim\Yeni Klasör
[2010/06/18 22:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
[2010/06/18 22:51:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/06/18 12:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
[2010/06/18 12:23:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
[2010/06/18 12:23:05 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2010/06/18 12:23:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/06/18 12:22:53 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/06/18 12:22:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/06/18 12:22:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple
[2010/06/18 12:22:05 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/06/18 12:22:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/06/18 02:15:00 | 000,000,000 | ---D | C] -- C:\Program Files\DreamBoxEdit
[2010/06/17 20:31:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Yükleme
[2010/06/17 16:00:49 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/06/16 15:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\ICQ7.2
[2010/06/16 00:19:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Uniblue
[2010/06/16 00:14:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\OpenCandy
[2010/06/16 00:14:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\OpenCandy
[2010/06/16 00:14:41 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2010/06/15 22:45:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
[2010/06/15 22:45:30 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010/06/14 22:56:05 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Desktop\Mp3
[2010/06/09 18:08:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Belgelerim\Dokumente
[2010/06/09 17:59:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2010/06/09 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/06/09 17:58:56 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/06/09 17:58:03 | 000,000,000 | ---D | C] -- C:\Program Files\Carambis
[2010/06/09 17:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
[2010/06/09 17:42:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2010/06/09 17:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SendTo
[2010/06/09 17:06:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\forms
[2010/06/09 17:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Messaging
[2010/06/09 17:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/06/09 16:26:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\.thumbnails
[2010/06/06 13:35:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2010/06/06 13:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft IntelliPoint
[2010/06/06 13:33:24 | 000,000,000 | ---D | C] -- C:\f09bdc3d600355b379
[2010/05/25 21:06:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Octoshape
[2010/05/24 18:19:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\KodakGallery
[2010/05/24 18:18:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Skinux
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/06/23 18:09:44 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\prvlcl.dat
[2010/06/23 17:54:03 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/06/23 17:54:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/06/23 17:53:58 | 502,845,440 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/23 17:27:34 | 002,359,296 | -H-- | M] () -- C:\Documents and Settings\Administrator\NTUSER.DAT
[2010/06/23 17:27:34 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\Administrator\ntuser.ini
[2010/06/23 17:23:55 | 061,357,259 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/23 01:03:24 | 003,236,224 | -H-- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\IconCache.db
[2010/06/21 22:43:41 | 000,049,152 | ---- | M] () -- C:\WINDOWS\outlook.pst
[2010/06/21 22:43:09 | 000,000,866 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/06/21 22:43:01 | 000,008,178 | ---- | M] () -- C:\WINDOWS\extend.dat
[2010/06/21 15:21:43 | 000,002,736 | ---- | M] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/06/19 12:24:47 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2010/06/19 12:24:45 | 000,029,584 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2010/06/19 10:37:50 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll
[2010/06/19 10:37:41 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2010/06/19 10:37:40 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/06/18 12:23:12 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/06/18 12:22:18 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/18 11:49:41 | 000,000,157 | -H-- | M] () -- C:\Documents and Settings\Administrator\Desktop\.~lock.yeni serverler ay lar.doc#
[2010/06/18 07:35:43 | 000,120,872 | ---- | M] () -- C:\WINDOWS\System32\MSForms.TWD
[2010/06/16 01:11:03 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\winscp.rnd
[2010/06/16 00:15:32 | 000,000,767 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2010/06/14 15:33:03 | 000,000,140 | ---- | M] () -- C:\WINDOWS\SwLoader_OCTAGON_German-DE_Ver_1.012.INI
[2010/06/09 17:34:22 | 000,015,348 | ---- | M] () -- C:\WINDOWS\Administrator.acl
[2010/06/09 17:08:57 | 000,593,920 | -H-- | M] () -- C:\ffastun0.ffx
[2010/06/09 17:08:57 | 000,106,496 | -H-- | M] () -- C:\ffastun.ffl
[2010/06/09 17:08:57 | 000,053,248 | -H-- | M] () -- C:\ffastun.ffo
[2010/06/09 17:08:57 | 000,004,917 | -H-- | M] () -- C:\ffastun.ffa
[2010/06/09 17:07:28 | 000,005,691 | ---- | M] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/09 17:07:20 | 000,000,022 | ---- | M] () -- C:\WINDOWS\exchng.ini
[2010/06/09 17:07:18 | 000,004,348 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/09 17:07:18 | 000,000,634 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/06/09 17:07:13 | 000,069,632 | ---- | M] () -- C:\WINDOWS\System32\system.mdw
[2010/06/06 13:37:10 | 000,024,232 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2010/06/06 13:36:49 | 000,149,200 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/02 13:45:50 | 000,000,573 | ---- | M] () -- C:\WINDOWS\eReg.dat
[2010/05/24 19:36:15 | 001,884,160 | R--- | M] () -- C:\Documents and Settings\All Users\Belgeler\ESBK.mbb
[2010/05/24 19:36:15 | 001,063,936 | R--- | M] () -- C:\Documents and Settings\All Users\Belgeler\ESBK.mb
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/06/22 23:16:02 | 502,845,440 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/21 23:49:39 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/06/21 22:43:01 | 000,008,178 | ---- | C] () -- C:\WINDOWS\extend.dat
[2010/06/21 15:21:43 | 000,002,736 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel
[2010/06/19 19:19:43 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\prvlcl.dat
[2010/06/19 10:37:40 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm
[2010/06/19 10:37:31 | 061,357,259 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm
[2010/06/18 12:23:12 | 000,001,854 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/06/18 12:22:18 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/06/18 11:49:41 | 000,000,157 | -H-- | C] () -- C:\Documents and Settings\Administrator\Desktop\.~lock.yeni serverler ay lar.doc#
[2010/06/18 07:35:43 | 000,120,872 | ---- | C] () -- C:\WINDOWS\System32\MSForms.TWD
[2010/06/16 00:15:32 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryBooster.lnk
[2010/06/16 00:14:58 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\winscp.rnd
[2010/06/14 15:33:03 | 000,000,140 | ---- | C] () -- C:\WINDOWS\SwLoader_OCTAGON_German-DE_Ver_1.012.INI
[2010/06/10 14:49:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\outlook.pst
[2010/06/09 17:34:22 | 000,015,348 | ---- | C] () -- C:\WINDOWS\Administrator.acl
[2010/06/09 17:08:57 | 000,593,920 | -H-- | C] () -- C:\ffastun0.ffx
[2010/06/09 17:08:57 | 000,053,248 | -H-- | C] () -- C:\ffastun.ffo
[2010/06/09 17:08:57 | 000,004,917 | -H-- | C] () -- C:\ffastun.ffa
[2010/06/09 17:07:41 | 000,106,496 | -H-- | C] () -- C:\ffastun.ffl
[2010/06/09 17:07:20 | 000,000,022 | ---- | C] () -- C:\WINDOWS\exchng.ini
[2010/06/09 17:07:18 | 000,005,691 | ---- | C] () -- C:\WINDOWS\System32\mapisvc.inf
[2010/06/09 17:07:17 | 000,000,634 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/06/09 17:07:13 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\system.mdw
[2010/06/02 13:45:50 | 000,000,573 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/05/24 18:18:53 | 001,884,160 | R--- | C] () -- C:\Documents and Settings\All Users\Belgeler\ESBK.mbb
[2010/05/24 18:18:53 | 001,063,936 | R--- | C] () -- C:\Documents and Settings\All Users\Belgeler\ESBK.mb
[2010/05/07 10:17:28 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\CNMVS7L.DLL
[2010/04/30 19:38:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2010/04/30 16:54:16 | 000,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2010/04/30 16:48:44 | 000,000,147 | ---- | C] () -- C:\WINDOWS\System32\cpuz.ini
[2008/05/05 11:48:48 | 000,000,296 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/03/25 13:05:24 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\lang-1055.dll
[1996/12/14 00:00:00 | 000,025,600 | ---- | C] () -- C:\WINDOWS\System32\VADE232.DLL
[1996/12/14 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\ODBCSTF.DLL
[1996/12/14 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1996/12/14 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
But that's already a lot.

23.06.2010, 17:21   #3
Burak92

OTL logfile, part 2

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 6/23/2010 18:14:22 - Run 1
OTL by OldTimer - Version 3.2.6.1     Folder = C:\Documents and Settings\Administrator\Belgelerim\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 0000041f | Country: Türkiye | Language: TRK | Date Format: M/d/yyyy
 
479.00 Mb Total Physical Memory | 170.00 Mb Available Physical Memory | 35.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 63.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.52 Gb Total Space | 62.78 Gb Free Space | 84.24% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: CONAXEDITION
Current User Name: Administrator
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE ()
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 ()
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 ()
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 ()
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 ()
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" ()
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 ()
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 ()
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 1
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- File not found
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ7.1\ICQ.exe" = C:\Program Files\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- File not found
"C:\Program Files\ICQ7.1\aolload.exe" = C:\Program Files\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- File not found
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Rockstar Games\Midnight Club II Demo\mc2_demo.exe" = C:\Program Files\Rockstar Games\Midnight Club II Demo\mc2_demo.exe:*:Enabled:mc2_demo -- ()
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Administrator\Application Data\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS)
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\WinSCP\WinSCP.exe" = C:\Program Files\WinSCP\WinSCP.exe:*:Enabled:WinSCP: SFTP, FTP and SCP client -- (Martin Prikryl)
"C:\Program Files\ICQ7.2\ICQ.exe" = C:\Program Files\ICQ7.2\ICQ.exe:*:Enabled:ICQ7.2 -- (ICQ, LLC.)
"C:\Program Files\ICQ7.2\aolload.exe" = C:\Program Files\ICQ7.2\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Documents and Settings\Administrator\Desktop\Hauptmenü\Controllcenter\AZ.exe" = C:\Documents and Settings\Administrator\Desktop\Hauptmenü\Controllcenter\AZ.exe:*:Enabled:Dreambox Control Center -- (BernyR)
"C:\Documents and Settings\Administrator\Desktop\Controllcenter\AZ.exe" = C:\Documents and Settings\Administrator\Desktop\Controllcenter\AZ.exe:*:Enabled:Dreambox Control Center -- File not found
"C:\Documents and Settings\Administrator\Desktop\Yükleme\DreamUP_1_3_3_5.exe" = C:\Documents and Settings\Administrator\Desktop\Yükleme\DreamUP_1_3_3_5.exe:*:Enabled:DreamUP_1_3_3_5 -- File not found
"C:\Documents and Settings\Administrator\Desktop\DreamUP_1_3_3_5.exe" = C:\Documents and Settings\Administrator\Desktop\DreamUP_1_3_3_5.exe:*:Enabled:DreamUP_1_3_3_5 -- File not found
"C:\Program Files\FlashFXP\FlashFXP.exe" = C:\Program Files\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3 -- (IniCom Networks, Inc.)
"C:\Documents and Settings\Administrator\Desktop\DreamUP_1.3.3.5\DreamUP_1_3_3_5.exe" = C:\Documents and Settings\Administrator\Desktop\DreamUP_1.3.3.5\DreamUP_1_3_3_5.exe:*:Disabled:DreamUP_1_3_3_5 -- File not found
"C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.)
"C:\Documents and Settings\Administrator\Desktop\DreamUP_1_3_3_4\DreamUP_1_3_3_4\DreamUP.exe" = C:\Documents and Settings\Administrator\Desktop\DreamUP_1_3_3_4\DreamUP_1_3_3_4\DreamUP.exe:*:Enabled:DreamUP -- File not found
"C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.750\DCC_E2.exe" = C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.750\DCC_E2.exe:*:Enabled:Dreambox Control Center -- File not found
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{02BC140F-504C-4DB5-B581-FD2920BBE363}" = Midnight Club II Demo
"{0CB9668D-F979-4F31-B8B8-67FE90F929F8}" = Bonjour
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{542068F1-9AAE-4E1B-8ACA-094FE03728BE}" = Carambis Driver Updater
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{5791B7D3-8B34-4218-9750-6A8E45D0AD32}" = pdfforge Toolbar v1.1.2
"{5C209D68-1411-4725-8CDE-1676A85E083E}_is1" = ICQ Contact Revealer 1.0
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}" = Microsoft IntelliPoint 7.1
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Extreme Graphics 2 Driver
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AFAC914D-9E83-4A89-8ABE-427521C82CCF}" = Safari
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2D328BE-45AD-4D92-96F9-2151490A203E}" = Apple Application Support
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{BA4DF4C3-196E-4128-969A-00996B5A46F8}" = Canon MP500
"{C1A80F67-656F-4DF3-A6C4-DE18A47477C5}_is1" = ICQ Away Reader 1.4
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare Software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Acrobat 4.0" = Adobe Acrobat 4.0
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AVG9Uninstall" = AVG Free 9.0
"CCleaner" = CCleaner
"DivX Setup.divx.com" = DivX-Setup
"DreamBoxEdit" = DreamBoxEdit -- The one and only settings editor for your Dreambox
"Easy-PhotoPrint" = Canon Utilities Easy-PhotoPrint
"Easy-WebPrint" = Easy-WebPrint
"ICQToolbar" = ICQ Toolbar
"IsoBuster_is1" = IsoBuster 2.7
"MakeISO right click extensions" = MakeISO right click extensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MP Navigator 2.0" = Canon MP Navigator 2.0
"Office8.0" = Microsoft Office 97, Professional Edition
"Robin Hood: The Legend Of Sherwood" = Robin Hood: The Legend Of Sherwood
"RocketDock_is1" = RocketDock 1.3.5
"SearchAnonymizer" = SearchAnonymizer
"TeamViewer 5" = TeamViewer 5
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winscp3_is1" = WinSCP 4.2.7
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 4/30/2010 09:54:14 | Computer Name = CONAXEDITION | Source = PerfNet | ID = 2004
Description = Sunucu hizmeti açılamıyor. Suınucu performans  verileri döndürülemeyecek.
 Döndürülen hata kodu,  DWORD 0 verisinde.
 
Error - 5/7/2010 03:10:02 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
Error - 5/7/2010 03:11:26 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
Error - 5/7/2010 03:12:21 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
Error - 5/7/2010 03:13:19 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
Error - 5/7/2010 03:15:11 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
Error - 5/7/2010 03:16:02 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
Error - 5/7/2010 03:16:49 | Computer Name = CONAXEDITION | Source = MsiInstaller | ID = 11305
Description = Product: OmniPage SE -- Error 1305.Error reading from file C:\Program
 Files\ScanSoft\OmniPageSE2.0\Guide BRA.pdf.  Verify that the file exists and that
 you can access it.
 
[ System Events ]
Error - 6/13/2010 12:38:39 | Computer Name = CONAXEDITION | Source = SideBySide | ID = 16842811
Description = Generate Activation Context tarafından başarılamayan C:\Program Files\RocketDock\RocketDock.dll.
Başvuru
 hata iletisi: İşlem başarıyla tamamlandı.  .
 
Error - 6/16/2010 03:22:54 | Computer Name = CONAXEDITION | Source = Ntfs | ID = 262199
Description = Diskteki dosya sistemi yapısı bozuk ve kullanılamaz durumda.  C: birimindeki
 chkdsk yardımcı programını çalıştırın.
 
Error - 6/18/2010 16:15:43 | Computer Name = CONAXEDITION | Source = sptd | ID = 262148
Description = Sürücü,  için kullandığı veri yapılarında bir iç hata belirledi.
 
Error - 6/18/2010 16:15:53 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM EventSystem hizmetini "" değişkenleriyle başlatmaya çalışırken
 "%1084" hatasını aldı  ve sunucuyu çalıştıramadı:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 6/18/2010 16:15:56 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM netman hizmetini "" değişkenleriyle başlatmaya çalışırken "%1084"
 hatasını aldı  ve sunucuyu çalıştıramadı:  {BA126AE5-2166-11D1-B1D0-00805FC1270E}
 
Error - 6/18/2010 16:41:57 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM EventSystem hizmetini "" değişkenleriyle başlatmaya çalışırken
 "%1084" hatasını aldı  ve sunucuyu çalıştıramadı:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 6/22/2010 15:28:32 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM EventSystem hizmetini "" değişkenleriyle başlatmaya çalışırken
 "%1084" hatasını aldı  ve sunucuyu çalıştıramadı:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error - 6/22/2010 15:28:36 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM netman hizmetini "" değişkenleriyle başlatmaya çalışırken "%1084"
 hatasını aldı  ve sunucuyu çalıştıramadı:  {BA126AE5-2166-11D1-B1D0-00805FC1270E}
 
Error - 6/22/2010 15:29:38 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM StiSvc hizmetini "" değişkenleriyle başlatmaya çalışırken "%1084"
 hatasını aldı  ve sunucuyu çalıştıramadı:  {A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error - 6/22/2010 16:15:01 | Computer Name = CONAXEDITION | Source = DCOM | ID = 10005
Description = DCOM EventSystem hizmetini "" değişkenleriyle başlatmaya çalışırken
 "%1084" hatasını aldı  ve sunucuyu çalıştıramadı:  {1BE1F766-5536-11D1-B726-00C04FB926AF}
 
 
< End of report >
         
--- --- ---


So, I have no overview here; I hope you find something suspicious!
Thanks!