100 Euro Trojan, Win XP 64-bit

Hello. I got OTL PE running, but during the scan it already shows an error: OTLPE:OTLPE:exe -Bad Image. I created the log file after clicking the message away repeatedly.

INIT:
INITLOG
Date: Sun 06/24/2012 Time: 12:56:20.42
[RAM initialization]
- 12:56:20.43: Start - ReFormated=true - Compressed=false
- 12:56:20.45: Starting RAMDRV Data Transfer
- Decompressing 7z SFX: X:\SFX\profiles-7z.exe
- Decompressing 7z SFX: X:\SFX\shortcuts-7z.exe to "B:\Documents and Settings"
- Decompressing 7z SFX: "X:\SFX\commonappdata-7z.exe" to "B:\Documents and Settings\All Users\Application Data"
- 12:56:22.50: RamDrv Data transfer completed
[PnP Hardware Detection]
- 12:56:23.28 Start
Detection : basic
Detection Cmd : bartpe -pnp
- 12:56:24.01 Running "bartpe -pnp "
Found Device: PCI\VEN_10DE&DEV_0568&SUBSYS_82E81043&REV_A1\3&2411E6FE&0&0C
PCI standard RAM Controller
Found Device: PCI\VEN_10DE&DEV_0614&SUBSYS_14661462&REV_A2\4&3117C7BB&0&0080
No DriverNodes found for device.
Found Device: PCI\VEN_10DE&DEV_0751&SUBSYS_82E81043&REV_A1\3&2411E6FE&0&0A
PCI standard RAM Controller
Found Device: PCI\VEN_10DE&DEV_0752&SUBSYS_82E81043&REV_A1\3&2411E6FE&0&09
No DriverNodes found for device.
Found Device: PCI\VEN_10DE&DEV_0753&SUBSYS_82E81043&REV_A2\3&2411E6FE&0&0B
No DriverNodes found for device.
Found Device: PCI\VEN_10DE&DEV_0754&SUBSYS_82E81043&REV_A2\3&2411E6FE&0&00
PCI standard RAM Controller
Found Device: PCI\VEN_10DE&DEV_0760&SUBSYS_82E81043&REV_A2\3&2411E6FE&0&50
NVIDIA nForce Networking Controller
Found Device: PCI\VEN_10DE&DEV_0774&SUBSYS_82FE1043&REV_A1\3&2411E6FE&0&38
No DriverNodes found for device.
Found Device: USB\VID_1395&PID_0002&MI_00\6&39EAA8F8&0&0000
No DriverNodes found for device.
- 12:56:35.18 Completed
[Display Settings]
- Current Settings : [1024x768, 32 bits @ 1 Hz]
- Settings requested : [1024x768, 32 bits @ 85 Hz]
- No matching display mode found.
- Trying: qres.exe /x:1024 /y:768
[Networking]
- 12:56:37.23: Start
Use PENetCFG : false
Use NetConfig : false
Sharing : false
RAS Services : false
Wireless Services : false
- 12:56:37.35: Setting Computer Name (Reatogo, NONE)
- 12:56:37.93: Setting Administrator Pass
The command completed successfully.
- 12:56:38.53: Installing Tcp/Ip protocol
OK
- 12:56:42.04: Installing MSClient protocol
OK
- 12:56:43.82: Starting Tcp/IP service
The TCP/IP Protocol Driver service was started successfully.
OK
- 12:56:44.35: Starting DHCP service
The DHCP Client service is starting.
The DHCP Client service was started successfully.
OK
- 12:56:46.85: Starting NLA service
The Network Location Awareness (NLA) service is starting.
The Network Location Awareness (NLA) service was started successfully.
OK
- 12:56:49.04: Starting LMHOSTS service
The TCP/IP NetBIOS Helper service is starting.
The TCP/IP NetBIOS Helper service was started successfully.
OK
- 12:56:51.15 Network Configuration Completed
Fixing IE path in StartMenuInternet
[Shortcut Creation]
- 12:57:11.92: Begin
- 12:57:12.04: End

OTL:
OTL logfile created on: 6/24/2012 1:01:26 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
64bit-Microsoft Windows XP Service Pack 2 (Version = 5.2.3790) - Type = SYSTEM
Internet Explorer (Version = 6.0.3790.3959)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy

2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 85.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): [Binary data over 100 bytes]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107.41 Gb Total Space | 20.95 Gb Free Space | 19.51% Space Free | Partition Type: NTFS
Drive D: | 596.17 Gb Total Space | 477.42 Gb Free Space | 80.08% Space Free | Partition Type: NTFS
Drive E: | 47.00 Gb Total Space | 25.98 Gb Free Space | 55.28% Space Free | Partition Type: NTFS
Drive F: | 78.46 Gb Total Space | 76.35 Gb Free Space | 97.32% Space Free | Partition Type: NTFS
Drive G: | 3.72 Gb Total Space | 2.85 Gb Free Space | 76.46% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/05/08 09:15:02 | 000,185,856 | ---- | M] () [Auto] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV:64bit: - [2012/03/06 20:15:14 | 000,044,768 | ---- | M] (AVAST Software) [Auto] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/02/09 23:17:36 | 000,186,176 | ---- | M] (NVIDIA Corporation) [Auto] -- C:\WINDOWS\system32\nvsvc64.exe -- (NVSvc)
SRV:64bit: - [2007/02/18 11:01:10 | 000,659,968 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV:64bit: - [2007/02/17 01:05:28 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV:64bit: - [2007/02/17 00:59:48 | 000,113,152 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV:64bit: - [2007/02/17 00:56:32 | 000,231,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV:64bit: - [2007/02/17 00:55:42 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV:64bit: - [2007/02/17 00:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV:64bit: - [2007/02/17 00:54:26 | 000,224,256 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV:64bit: - [2007/02/17 00:53:58 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV:64bit: - [2007/02/17 00:41:30 | 000,794,112 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV:64bit: - [2007/02/17 00:40:04 | 000,160,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV:64bit: - [2007/02/17 00:40:04 | 000,160,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV:64bit: - [2007/02/17 00:38:26 | 000,057,344 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV:64bit: - [2007/02/17 00:17:20 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV:64bit: - [2007/02/17 00:17:14 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV:64bit: - [2007/02/17 00:03:14 | 000,285,184 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007/02/17 00:03:10 | 001,051,648 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV:64bit: - [2005/03/25 04:00:00 | 000,049,664 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV:64bit: - [2005/03/25 04:00:00 | 000,034,816 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV:64bit: - [2005/03/25 04:00:00 | 000,031,744 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV:64bit: - [2005/03/25 04:00:00 | 000,029,696 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV:64bit: - [2005/03/25 04:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV:64bit: - [2005/03/25 04:00:00 | 000,008,704 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2012/06/19 13:44:42 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/05/03 05:42:46 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/03/28 00:24:54 | 001,148,632 | ---- | M] (Crawler.com) [Auto] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012/02/28 11:38:54 | 002,343,816 | ---- | M] (LogMeIn Inc.) [Auto] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012/02/14 10:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [Disabled] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012/02/10 00:12:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Disabled] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2010/11/30 08:49:22 | 000,075,136 | ---- | M] () [Disabled] -- C:\WINDOWS\SysWow64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/08/23 15:44:00 | 003,983,992 | ---- | M] (INCA Internet Co., Ltd.) [Disabled] -- C:\WINDOWS\SysWow64\GameMon.des -- (npggsvc)
SRV - [2010/03/18 08:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 09:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 08:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/11/06 08:24:54 | 000,282,728 | ---- | M] (NVIDIA) [Disabled] -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe -- (UpdateCenterService)
SRV - [2009/11/06 08:13:20 | 000,276,584 | ---- | M] (NVIDIA) [Auto] -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe -- (nTuneService)
SRV - [2008/07/25 05:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/02/17 00:44:20 | 000,077,312 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/06 14:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\taphss.sys -- (taphss)
DRV:64bit: - [2011/03/18 09:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 09:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2011/02/24 13:21:10 | 006,640,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTKHDA64.SYS -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV:64bit: - [2011/02/12 16:02:29 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/06/25 13:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF) WinPcap Packet Driver (NPF)
DRV:64bit: - [2010/06/23 12:44:41 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/11/18 02:19:00 | 001,801,304 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambft64.sys -- (Ambfilt64)
DRV:64bit: - [2009/11/18 02:17:00 | 001,861,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monft64.sys -- (Monfilt64)
DRV:64bit: - [2009/09/16 02:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tap0901t.sys -- (tap0901t) TAP-Win32 Adapter V9 (Tunngle)
DRV:64bit: - [2009/09/15 08:59:30 | 000,042,088 | ---- | M] (NVIDIA Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvoclk64.sys -- (nvoclk64)
DRV:64bit: - [2009/08/07 17:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2009/03/18 10:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/01/29 00:38:08 | 000,074,496 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV:64bit: - [2008/01/29 00:38:08 | 000,034,304 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV:64bit: - [2008/01/21 05:45:00 | 000,008,192 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2007/08/14 21:00:00 | 000,709,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fxusbase.sys -- (fxusbase)
DRV:64bit: - [2007/08/14 21:00:00 | 000,105,472 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmcowan.sys -- (AVMCOWAN)
DRV:64bit: - [2007/02/17 01:00:34 | 000,081,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV:64bit: - [2007/02/17 00:50:28 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV:64bit: - [2007/02/17 00:38:26 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV:64bit: - [2007/02/17 00:31:08 | 000,156,672 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV:64bit: - [2007/02/17 00:30:56 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV:64bit: - [2007/02/17 00:22:26 | 000,240,128 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV:64bit: - [2007/02/17 00:17:20 | 000,244,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV:64bit: - [2007/02/17 00:17:14 | 000,415,232 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV:64bit: - [2007/02/17 00:03:34 | 000,106,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV:64bit: - [2007/02/16 21:02:16 | 000,187,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV:64bit: - [2007/02/16 20:59:12 | 000,147,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV:64bit: - [2007/02/16 20:55:52 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV:64bit: - [2007/02/16 20:03:24 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV:64bit: - [2006/10/18 23:00:38 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2005/03/25 04:00:00 | 000,123,904 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV:64bit: - [2005/03/25 04:00:00 | 000,072,704 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (imapi)
DRV:64bit: - [2005/03/25 04:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV:64bit: - [2005/03/25 04:00:00 | 000,013,312 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\cdad10ba.sys -- (CdaD10BA)
DRV:64bit: - [2005/03/25 04:00:00 | 000,013,312 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\cdac15ba.sys -- (CdaC15BA)
DRV:64bit: - [2005/03/25 04:00:00 | 000,009,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV:64bit: - [2005/03/24 13:25:38 | 000,086,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV:64bit: - [2005/03/24 13:24:04 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV:64bit: - [2005/03/24 13:21:30 | 000,092,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV:64bit: - [2005/03/24 13:20:08 | 000,204,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV:64bit: - [2005/03/24 13:12:02 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV:64bit: - [2005/03/24 13:11:56 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2010/05/26 20:43:00 | 000,014,648 | ---- | M] () [Kernel | On_Demand] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2005/03/25 04:00:00 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\SysWow64\mnmdd.dll -- (mnmdd)
DRV - [2005/03/25 04:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\SysWow64\winsock.dll -- (Winsock)
DRV - [2005/01/03 20:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\SysWow64\npptNT2.sys -- (NPPTNT2)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=ds&q={searchTerms}
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=hp
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=ds&q={searchTerms}
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=SnapdoSoftonic&dpid=SnapdoSoftonic&co=DE&userid=7116eef5-9d0d-44fa-a0ae-f691a2849749&searchtype=ds&q={searchTerms}
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://mystart.incredibar.com/mb165/?loc=IB_DS&a=6OyEPEReOF&&i=26&search="
FF - prefs.js..network.proxy.http: "212.7.210.88"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\WINDOWS\SysWOW64\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012/06/13 10:34:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/03/17 05:42:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/05/03 05:42:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/20 15:46:58 | 000,000,000 | ---D | M]

[2011/01/01 20:26:31 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions

[2012/06/14 08:01:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\amaklac8.default\extensions
[2011/02/12 16:02:19 | 000,002,059 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\amaklac8.default\searchplugins\daemon-search.xml
[2012/06/13 10:34:41 | 000,002,203 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\amaklac8.default\searchplugins\MyStart Search.xml

[2012/04/20 16:11:19 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/10/10 11:50:58 | 000,000,000 | ---D | M] (Babylon) -- C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com
File not found (No name found) -- () (No name found) -- C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\AMAKLAC8.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/05/03 05:42:46 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/03 00:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/03/18 06:50:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/10 11:50:52 | 000,002,288 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/03/18 06:50:52 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/18 06:50:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/09 10:53:04 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012/03/18 06:50:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/03/18 06:50:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/03/18 06:50:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2005/03/25 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - File not found
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3:64bit: - HKU\Administrator_ON_C\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [MSIAfterburner] C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe ()
O4 - HKU\Administrator_ON_C..\Run: [yrisi.exe] C:\Documents and Settings\Administrator\Application Data\Lukyr\yrisi.exe ()
O4 - HKU\LocalService_ON_C..\RunOnce: [tscuninstall] File not found
O4 - HKU\NetworkService_ON_C..\RunOnce: [tscuninstall] File not found
O4 - HKU\UpdatusUser_ON_C..\RunOnce: [tscuninstall] File not found
O4 - Startup: C:\Documents and Settings\Administrator\Application Data\Gslqicfa\povyjrvj.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: =
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\UpdatusUser_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O9:64bit: - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UIHost - (%SystemRoot%\system32\logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O20:64bit: - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\dimsntfy: DllName - dimsntfy.dll - C:\WINDOWS\System32\dimsntfy.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - File not found
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - File not found
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - File not found
O21:64bit: - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21:64bit: - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O24 - Desktop WallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: B:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/07 01:00:07 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell - "" = AutoRun
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell\AutoRun\command - "" = G:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/06/22 07:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Gslqicfa
[2012/06/21 09:57:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashStrike_at
[2012/06/19 18:04:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2012/06/19 18:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2012/06/16 17:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Lukyr
[2012/06/16 17:00:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Ifsozi
[2012/06/15 10:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\CCGold
[2012/06/15 10:27:17 | 000,000,000 | ---D | C] -- C:\Games
[2012/06/15 10:16:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner
[2012/06/15 10:16:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46}
[2012/06/14 07:56:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/06/13 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\FileOpen
[2012/06/13 12:31:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\FileOpen
[2012/06/13 11:27:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\ABBYY
[2012/06/13 11:09:57 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 6.0
[2012/06/13 11:09:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 6.0
[2012/06/13 10:48:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ABBYY
[2012/06/13 10:44:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ABBYY
[2012/06/13 10:42:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Smartbar
[2012/06/13 10:41:27 | 000,000,000 | ---D | C] -- C:\Temp
[2012/06/13 10:34:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Scan2PDF
[2012/06/13 10:34:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Scan2PDF
[2012/06/13 10:34:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Scan2PDF
[2012/06/13 10:34:46 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012/06/11 17:35:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Mana 32
[2012/06/11 17:34:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\BMW Treffen
[2012/06/11 06:11:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\EPSON
[2012/06/07 07:00:02 | 000,044,032 | ---- | C] (Xifon) -- C:\Documents and Settings\Administrator\Desktop\MW3sa Reporting tool.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/06/24 05:48:52 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/24 05:48:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/22 07:13:22 | 000,058,880 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Gslqicfa\povyjrvj.exe
[2012/06/19 18:09:42 | 020,813,862 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Nuddn.bmp
[2012/06/19 18:04:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2012/06/19 18:04:15 | 000,000,156 | ---- | M] () -- C:\WINDOWS\SysWow64\-1
[2012/06/18 19:32:34 | 000,001,478 | ---- | M] () -- C:\WINDOWS\basscad.ini
[2012/06/18 19:21:36 | 000,189,654 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\12W3_MAN.pdf
[2012/06/18 14:29:04 | 001,094,585 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool(1).zip
[2012/06/17 20:00:02 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-PRIVAT-MANA-Administrator.job
[2012/06/15 10:16:43 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Eusing Free Registry Cleaner.lnk
[2012/06/13 13:44:30 | 005,977,691 | ---- | M] () -- C:\Documents and
Settings\Administrator\My Documents\Unbenannt 1.odt [2012/06/13 12:57:55 | 001,520,361 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.jpg [2012/06/13 12:54:58 | 021,063,251 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.psd [2012/06/13 12:39:56 | 005,441,090 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt 1.odt [2012/06/13 11:06:36 | 374,873,708 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ABBYY_FR11_PE_TRIAL_ESD.exe [2012/06/13 10:35:28 | 000,118,916 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\alex.pdf [2012/06/13 10:34:54 | 000,000,447 | ---- | M] () -- C:\user.js [2012/06/13 10:34:48 | 000,000,660 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Scan2PDF.lnk [2012/06/13 10:34:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\Scan2PDF [2012/06/11 06:50:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON [2012/06/09 14:14:31 | 000,022,325 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\uh44337,1289465820,22muffi_schlumpf.jpg [2012/06/07 06:59:27 | 000,848,610 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool.zip [2012/06/03 10:57:50 | 000,044,032 | ---- | M] (Xifon) -- C:\Documents and Settings\Administrator\Desktop\MW3sa Reporting tool.exe [8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\SysWow64\*.tmp files -> C:\WINDOWS\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/06/19 18:09:41 | 020,813,862 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Nuddn.bmp [2012/06/19 18:04:14 | 000,000,156 | ---- | C] () -- C:\WINDOWS\SysWow64\-1 [2012/06/18 19:21:36 | 000,189,654 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\12W3_MAN.pdf [2012/06/18 14:45:38 | 
001,094,585 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool(1).zip [2012/06/15 10:16:43 | 000,000,770 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Eusing Free Registry Cleaner.lnk [2012/06/13 13:44:27 | 005,977,691 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Unbenannt 1.odt [2012/06/13 12:57:49 | 001,520,361 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.jpg [2012/06/13 12:54:56 | 021,063,251 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt-1.psd [2012/06/13 12:39:51 | 005,441,090 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Unbenannt 1.odt [2012/06/13 11:01:47 | 374,873,708 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\ABBYY_FR11_PE_TRIAL_ESD.exe [2012/06/13 10:35:28 | 000,118,916 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\alex.pdf [2012/06/13 10:34:53 | 000,000,447 | ---- | C] () -- C:\user.js [2012/06/13 10:34:48 | 000,000,660 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Scan2PDF.lnk [2012/06/09 14:14:31 | 000,022,325 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\uh44337,1289465820,22muffi_schlumpf.jpg [2012/06/07 08:52:24 | 000,848,610 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\MW3sa_reporting_tool.zip [2012/03/09 04:41:33 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI [2012/02/03 16:01:15 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysWow64\rtvcvfw32.dll [2011/12/14 11:59:51 | 000,001,324 | ---- | C] () -- C:\WINDOWS\SysWow64\d3d9caps.dat [2011/10/06 15:46:42 | 000,001,478 | ---- | C] () -- C:\WINDOWS\basscad.ini [2011/09/30 06:43:55 | 000,059,392 | R--- | C] () -- C:\WINDOWS\SysWow64\streamhlp.dll [2011/09/28 11:44:14 | 000,179,271 | ---- | C] () -- C:\WINDOWS\SysWow64\xlive.dll.cat [2011/09/16 12:18:57 | 000,006,736 | ---- | C] () 
-- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2011/09/02 05:43:08 | 000,000,864 | ---- | C] () -- C:\Documents and Settings\Administrator\.recently-used.xbel [2011/08/28 05:57:34 | 011,165,696 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Sandra.mdb [2011/08/25 10:00:18 | 000,077,312 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunace26.dll [2011/08/25 10:00:17 | 000,162,304 | ---- | C] () -- C:\WINDOWS\SysWow64\ztvunrar36.dll [2011/08/25 10:00:17 | 000,153,088 | ---- | C] () -- C:\WINDOWS\SysWow64\UNRAR3.dll [2011/08/25 10:00:17 | 000,075,264 | ---- | C] () -- C:\WINDOWS\SysWow64\unacev2.dll [2011/08/01 03:35:16 | 000,000,030 | ---- | C] () -- C:\Program Files (x86)\Exiferupdate.ini [2011/07/13 13:15:35 | 000,000,103 | ---- | C] () -- C:\WINDOWS\wiso.ini [2011/03/08 08:50:45 | 000,044,136 | ---- | C] () -- C:\WINDOWS\CPLUTL64.EXE [2011/02/20 15:51:02 | 000,015,873 | ---- | C] () -- C:\WINDOWS\SysWow64\Inetde.dll [2011/02/16 08:27:11 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\SysWow64\ezsidmv.dat [2010/12/01 09:13:04 | 000,008,832 | ---- | C] () -- C:\Program Files (x86)\MainTmp.RPT [2010/07/17 11:02:38 | 000,000,213 | ---- | C] () -- C:\WINDOWS\SYNOP.INI [2010/07/17 11:02:37 | 000,000,304 | ---- | C] () -- C:\WINDOWS\WDISPLAY.INI [2010/06/28 13:57:24 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2010/06/25 13:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll [2010/06/23 13:58:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Access.dat [2010/06/16 15:50:39 | 000,000,307 | ---- | C] () -- C:\WINDOWS\game.ini [2010/06/08 19:14:10 | 000,024,576 | R--- | C] () -- C:\WINDOWS\SysWow64\AsIO.dll [2010/06/08 19:14:10 | 000,014,392 | R--- | C] () -- C:\WINDOWS\SysWow64\drivers\AsIO.sys [2010/06/07 10:00:10 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\chrtmp [2010/06/07 06:24:13 | 000,271,200 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe [2010/06/07 06:23:39 | 
000,075,136 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe [2010/06/07 01:11:14 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010/06/07 01:08:23 | 000,024,059 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2010/06/07 01:08:23 | 000,010,296 | ---- | C] () -- C:\WINDOWS\SysWow64\drivers\ASUSHWIO.SYS [2010/06/07 01:04:06 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2010/06/06 17:49:57 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2010/06/06 16:16:29 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat [2008/10/07 08:33:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\SysWow64\nview.dll [2008/10/07 08:33:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\SysWow64\nvwimg.dll [2007/02/18 11:05:48 | 000,276,992 | ---- | C] () -- C:\WINDOWS\SysWow64\sbe.dll [2007/02/18 11:05:46 | 001,274,880 | ---- | C] () -- C:\WINDOWS\SysWow64\quartz.dll [2007/02/18 11:05:46 | 000,512,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qedit.dll [2007/02/18 11:05:46 | 000,385,536 | ---- | C] () -- C:\WINDOWS\SysWow64\qdvd.dll [2007/02/18 11:05:46 | 000,279,040 | ---- | C] () -- C:\WINDOWS\SysWow64\qdv.dll [2007/02/18 11:05:46 | 000,192,512 | ---- | C] () -- C:\WINDOWS\SysWow64\qcap.dll [2007/02/18 11:05:40 | 000,355,112 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2007/02/18 11:05:34 | 000,062,464 | ---- | C] () -- C:\WINDOWS\SysWow64\mciqtz32.dll [2007/02/18 11:05:28 | 000,396,288 | ---- | C] () -- C:\WINDOWS\SysWow64\encdec.dll [2007/02/18 11:05:24 | 000,061,440 | ---- | C] () -- C:\WINDOWS\SysWow64\devenum.dll [2007/02/18 11:05:20 | 000,072,704 | ---- | C] () -- C:\WINDOWS\SysWow64\amstream.dll [2005/03/25 04:00:00 | 000,733,696 | ---- | C] () -- C:\WINDOWS\SysWow64\qedwipes.dll [2005/03/25 04:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2005/03/25 04:00:00 | 000,498,205 | ---- | C] () -- C:\WINDOWS\SysWow64\dxmasf.dll [2005/03/25 04:00:00 | 
000,199,168 | ---- | C] () -- C:\WINDOWS\SysWow64\ir32_32.dll [2005/03/25 04:00:00 | 000,114,688 | ---- | C] () -- C:\WINDOWS\SysWow64\msencode.dll [2005/03/25 04:00:00 | 000,082,432 | ---- | C] () -- C:\WINDOWS\SysWow64\ieencode.dll [2005/03/25 04:00:00 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\dvdplay.exe [2005/03/25 04:00:00 | 000,046,907 | ---- | C] () -- C:\WINDOWS\mib.bin [2005/03/25 04:00:00 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysWow64\tsd32.dll [2005/03/25 04:00:00 | 000,014,336 | ---- | C] () -- C:\WINDOWS\SysWow64\msdmo.dll [2005/03/25 04:00:00 | 000,012,498 | ---- | C] () -- C:\WINDOWS\SysWow64\append.exe [2005/03/25 04:00:00 | 000,004,126 | ---- | C] () -- C:\WINDOWS\SysWow64\msdxmlc.dll [2005/03/25 04:00:00 | 000,001,129 | ---- | C] () -- C:\WINDOWS\SysWow64\vwipxspx.exe ========== LOP Check ========== [2011/10/19 19:04:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\.purple [2010/06/08 09:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ashampoo [2011/05/07 04:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Azureus [2011/10/10 11:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Babylon [2012/06/17 13:20:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BOM [2011/03/20 20:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Command & Conquer 3 Kanes Rache [2011/03/10 20:13:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Command & Conquer 3 Tiberium Wars [2011/10/30 11:50:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Cyad [2010/06/23 12:48:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DAEMON Tools Lite [2012/06/13 12:31:01 | 000,000,000 | ---D | M] -- C:\Documents and 
Settings\Administrator\Application Data\Downloaded Installations [2011/09/16 12:27:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoft [2011/09/16 12:27:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\DVDVideoSoftIEHelpers [2011/05/20 17:10:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EFSoftware [2011/02/28 16:37:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\elsterformular [2012/06/11 06:11:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\EPSON [2011/03/05 14:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Eumex 2220 [2012/06/13 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\FileOpen [2011/12/14 14:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\GameScanner [2012/06/22 07:13:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Gslqicfa [2011/09/02 05:43:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\gtk-2.0 [2011/10/09 19:07:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICQ [2012/06/22 19:18:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Ifsozi [2011/05/24 10:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\jpg-Illuminator [2012/06/16 17:00:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Lukyr [2011/12/18 17:44:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Nitro PDF [2010/08/04 09:20:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org [2012/06/13 10:37:26 | 000,000,000 | ---D | M] 
-- C:\Documents and Settings\Administrator\Application Data\Scan2PDF [2012/04/20 16:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Spyware Terminator [2011/09/30 06:49:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TrojanHunter [2012/04/23 13:55:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TS3Client [2012/04/03 10:13:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Tunngle [2011/10/29 15:55:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Uqelox [2012/04/03 08:28:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Age of Empires 3 [2010/06/08 09:49:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ashampoo [2011/09/30 06:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software [2011/10/10 11:50:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon [2012/02/29 10:41:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Bitstream [2011/07/13 13:15:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Buhl Data Service GmbH [2010/06/23 12:44:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2011/07/11 12:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\elsterformular [2011/05/24 09:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON [2011/03/05 13:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Eumex 2220 [2012/06/13 12:31:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FileOpen [2010/06/07 05:31:48 | 000,000,000 | ---D | M] -- C:\Documents 
and Settings\All Users\Application Data\GameScanner [2010/06/07 13:16:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ [2011/05/16 11:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro PDF [2012/02/29 12:38:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe [2012/04/20 16:11:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator [2011/08/25 10:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2011/09/30 06:48:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TrojanHunter [2010/06/23 13:58:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tunngle [2011/12/18 19:02:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebTemp [2012/06/15 10:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{6AD8E59C-250C-4201-B5BA-56ADEF76FF46} [2012/06/22 19:45:15 | 000,032,540 | ---- | M] () -- C:\WINDOWS\Tasks\SchedLgU.Txt ========== Purity Check ========== < End of report > Hoffe jemand kann mir dabei helfen. Vielen lieben Dank schon mal im vorraus. MFG Mana |
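The O27, O20 and O33 entries in the report above are the lines a responder reads first when a lock-screen trojan is suspected: an IFEO Debugger value on msconfig.exe, regedit.exe and taskmgr.exe means that starting any of those tools makes Windows launch the named "debugger" (here P9KDMF.EXE) instead, which is how the malware keeps the victim out of the usual repair tools. The following script is an added example for triaging such report lines; it is not part of the forum post and not code from OldTimer's OTL. The sample input is a constructed subset of lines copied from the report, the regular expressions are derived from those lines' shape, and the table of expected Winlogon values is an assumption for Windows XP/Server 2003 that should be adjusted for other Windows versions.

```python
"""Triage heuristics for OTL/OTLPE report lines (added example, not OTL code).

Flags three things a responder looks for in a lock-screen trojan case:
  * O27  IFEO "Debugger" values: starting the target runs the debugger instead.
  * O20  Winlogon Shell/Userinit/System values that are not the OS default.
  * O33  MountPoints2 AutoRun commands (volume autorun launchers).
Any other line ending in "File not found" is recorded as LOW: on a 64-bit
host examined from a 32-bit PE environment, WOW64 file redirection produces
such entries for perfectly normal values, so they need a look, not a verdict.
"""
import re
from dataclasses import dataclass

# Constructed sample: lines copied from the posted OTL report.
SAMPLE_LOG = r"""
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: System - (lsass.exe) - File not found
O27 - HKLM IFEO\msconfig.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\regedit.exe: Debugger - P9KDMF.EXE File not found
O27 - HKLM IFEO\taskmgr.exe: Debugger - P9KDMF.EXE File not found
O33 - MountPoints2\{b4ad3687-36a1-11e0-995f-00235482d525}\Shell\AutoRun\command - "" = G:\MLLaunch.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
"""

# Assumed defaults for Windows XP / Server 2003; compared on the basename only.
EXPECTED_WINLOGON = {
    "Shell": {"explorer.exe"},
    "Userinit": {"userinit.exe"},
    "System": {"", "lsass.exe"},
}
# Debugger strings that some environments set on purpose (assumption).
BENIGN_DEBUGGERS = {"ntsd -d", "ntsd", "vsjitdebugger.exe"}

RE_O27 = re.compile(r"^O27(?::64bit:)? - (?P<hive>\S+) IFEO\\(?P<target>[^:]+): Debugger - "
                    r"(?P<debugger>.*?)(?P<missing> File not found)?$")
RE_O20 = re.compile(r"^O20(?::64bit:)? - HKLM Winlogon: (?P<value>\w+) - "
                    r"\((?P<data>[^)]*)\) - (?P<resolved>.*)$")
RE_O33 = re.compile(r'^O33 - MountPoints2\\(?P<volume>\{[^}]+\})\\Shell\\AutoRun\\command - "" = '
                    r"(?P<command>.+)$")


@dataclass
class Finding:
    severity: str   # HIGH, MEDIUM or LOW
    kind: str       # OTL section tag, e.g. O27
    target: str     # hijacked tool, Winlogon value name, or volume GUID
    detail: str     # debugger / value data / autorun command
    line: str       # the report line the finding came from


def _basename(data: str) -> str:
    """Normalise 'C:\\WINDOWS\\system32\\userinit.exe,' to 'userinit.exe'."""
    return data.strip().lower().rstrip(",").rsplit("\\", 1)[-1]


def check_winlogon(m: re.Match, line: str):
    value, data, resolved = m["value"], _basename(m["data"]), m["resolved"]
    expected = EXPECTED_WINLOGON.get(value)
    if expected is not None and data not in expected:
        # The logon shell / userinit / system value was replaced: almost always malware.
        return Finding("HIGH", "O20", value, data, line)
    if resolved == "File not found":
        return Finding("LOW", "O20", value, data, line)
    return None


def triage(text: str) -> list:
    """Return the findings for every recognised line in an OTL report."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := RE_O27.match(line)):
            dbg = m["debugger"].strip()
            sev = "MEDIUM" if dbg.lower() in BENIGN_DEBUGGERS else "HIGH"
            findings.append(Finding(sev, "O27", m["target"], dbg, line))
        elif (m := RE_O20.match(line)):
            f = check_winlogon(m, line)
            if f:
                findings.append(f)
        elif (m := RE_O33.match(line)):
            findings.append(Finding("MEDIUM", "O33", m["volume"], m["command"], line))
        elif line.endswith("File not found"):
            findings.append(Finding("LOW", line.split(" ", 1)[0], "", "", line))
    return findings


def hijacked_tools(findings) -> list:
    """Sorted names of executables whose IFEO Debugger value is set."""
    return sorted(f.target for f in findings if f.kind == "O27")


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.severity:6} {f.kind:4} {f.target:40} {f.detail}")
```

Run against the sample, the three O27 lines come out HIGH with the same debugger name, the G:\MLLaunch.exe autorun comes out MEDIUM, and the two "File not found" entries for Winlogon System and BootExecute come out LOW, which is the right weight for them: on this 64-bit host they are most likely WOW64 view artifacts of the 32-bit OTLPE scan rather than tampering. Removing the Debugger values under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe, regedit.exe and taskmgr.exe is what restores those tools; the referenced P9KDMF.EXE is already gone from disk.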
Does Safe Mode with Networking still work? With an Internet connection? Safe Mode for cleanup
Copyright ©2000-2025, Trojaner-Board