Trojaner-Board


Pilki 02.02.2012 19:25

[duplicate] GEMA virus caught on an unsafe system after XP Security removal.
 
Hello, I caught the GEMA virus after I already had, as described in this thread (http://www.trojaner-board.de/108328-...ntfernung.html), a system that was still unclean following a successful XP Security removal. Stupidly, before the user 'cosinus' was going to help me, I kept connecting my laptop to the Internet with admin rights and so caught the GEMA virus.

I have now already fought the GEMA virus following this guide by the user 'markusg' up to the OTL logfile step; here is the logfile:
Code:

OTL logfile created on: 2/2/2012 7:03:13 PM - Run
OTLPE by OldTimer - Version 3.1.48.0    Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Programme
Drive C: | 21.41 Gb Total Space | 9.31 Gb Free Space | 43.49% Space Free | Partition Type: FAT32
Drive D: | 444.33 Gb Total Space | 296.19 Gb Free Space | 66.66% Space Free | Partition Type: NTFS
Drive E: | 3.68 Gb Total Space | 0.63 Gb Free Space | 17.00% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/02/19 07:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/02/10 10:01:49 | 000,116,104 | ---- | M] () [Auto] -- D:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2006/04/07 08:54:06 | 000,191,016 | ---- | M] (AVIRA GmbH) [Auto] -- D:\Programme\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2006/04/05 07:03:55 | 000,034,344 | ---- | M] (Avira GmbH) [Auto] -- D:\Programme\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2005/04/03 17:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- D:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (USBCCID)
DRV - File not found [Kernel | On_Demand] --  -- (USBAAPL)
DRV - File not found [Kernel | On_Demand] --  -- (Rts516xIR)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [File_System | Boot] --  -- (Lbd)
DRV - File not found [Kernel | On_Demand] --  -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2011/01/03 03:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/01/03 03:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011/01/03 03:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/12/21 00:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/11/11 18:10:52 | 000,100,456 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\nvhda32.sys -- (NVHDA)
DRV - [2010/02/20 12:26:30 | 000,682,232 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled] -- D:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/06/17 03:17:42 | 000,041,856 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\fspad_xp32.sys -- (fspad_xp32)
DRV - [2009/06/05 02:16:32 | 000,142,336 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008/10/31 03:38:08 | 004,942,336 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/07/31 01:17:22 | 000,157,696 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\RTS5121.sys -- (RSUSBSTOR)
DRV - [2008/07/24 10:37:16 | 000,991,656 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\btkrnl.sys -- (BTKRNL)
DRV - [2008/07/24 10:37:10 | 000,156,816 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\btwdndis.sys -- (BTWDNDIS)
DRV - [2008/05/30 04:46:12 | 000,534,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\btaudio.sys -- (btaudio)
DRV - [2008/05/19 07:49:14 | 000,625,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\rt2860.sys -- (RT80x86)
DRV - [2008/04/13 18:10:48 | 000,062,976 | ---- | M] () [Kernel | System] -- D:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/03/10 11:18:42 | 000,057,384 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\btwhid.sys -- (btwhid)
DRV - [2008/02/04 10:57:44 | 000,037,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand] -- D:\WINDOWS\system32\drivers\btport.sys -- (BTDriver)
DRV - [2007/01/04 03:15:08 | 000,009,336 | ---- | M] (hxxp://www.internals.com) [Kernel | On_Demand] -- D:\WINDOWS\system32\WinIo.sys -- (WINIO)
DRV - [2006/02/22 10:21:21 | 000,007,168 | ---- | M] (H+BEDV Datentechnik GmbH) [Kernel | System] -- D:\Programme\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2005/12/07 07:58:27 | 000,026,112 | ---- | M] (H+BEDV Datentechnik GmbH) [File_System | On_Demand] -- D:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2003/12/27 13:42:12 | 000,137,216 | ---- | M] ( ) [Kernel | Boot] -- D:\WINDOWS\system32\drivers\d344bus.sys -- (d344bus)
DRV - [2003/12/26 19:38:10 | 000,005,248 | ---- | M] ( ) [Kernel | Disabled] -- D:\WINDOWS\System32\Drivers\d344prt.sys -- (d344prt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
IE - HKU\Pilki_ON_D\Software\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\Pilki_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKU\Pilki_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: D:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: D:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/01/09 12:58:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/01/16 03:36:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Programme\Mozilla Sunbird\components [2011/01/12 07:17:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Programme\Mozilla Sunbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2011/09/12 04:03:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2011/11/09 13:21:39 | 000,000,000 | ---D | M] (No name found) -- D:\Programme\Mozilla Firefox\extensions
[2011/06/11 13:21:18 | 000,000,000 | ---D | M] (Skype extension) -- D:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/09 12:58:50 | 000,121,816 | ---- | M] (Mozilla Foundation) -- D:\Programme\mozilla firefox\components\browsercomps.dll
[2011/05/03 21:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- D:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011/10/06 03:25:05 | 000,001,392 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/10/06 03:25:05 | 000,002,252 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\bing.xml
[2011/10/06 03:25:05 | 000,001,153 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/07/16 05:58:25 | 000,002,048 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/10/06 03:25:05 | 000,006,805 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/10/06 03:25:05 | 000,001,178 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/10/06 03:25:05 | 000,001,105 | ---- | M] () -- D:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe ARM] D:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] D:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] D:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] D:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [avgnt] D:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CanonMyPrinter] D:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] D:\Programme\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [fspuip] D:\Programme\FSP\fspuip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [KernelFaultCheck]  File not found
O4 - HKLM..\Run: [lZoxBNSHVhEHmPm]  File not found
O4 - HKLM..\Run: [NvCplDaemon] D:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] D:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] D:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Reset.exe] D:\Programme\Realtek\USB2.0 Card Reader Software\Reset.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] D:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SwitchBoard] D:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\.DEFAULT..\Run: [lZoxBNSHVhEHmPm]  File not found
O4 - HKU\Pilki_ON_D..\Run: [KiesHelper] D:\Programme\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\Pilki_ON_D..\Run: [KiesPDLR] D:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Pilki_ON_D..\Run: [KiesTrayAgent] D:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\Pilki_ON_D..\Run: [RegistryBooster] D:\Programme\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKU\Pilki_ON_D..\Run: [Thunderbird] D:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
O4 - HKU\Pilki_ON_D..\Run: [Xvid] D:\Programme\Xvid\CheckUpdate.exe ()
O4 - Startup: D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\BTTray.lnk = D:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Pilki_2_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Pilki_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Pilki_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Pilki_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - D:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 -  File not found
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1266325311718 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.10.0.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - D:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (\h4w5eu5zy.exe) -  File not found
O20 - HKU\.DEFAULT Winlogon: Shell - (\h4w5eu5zy.exe) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/02/16 06:47:09 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - File not found -  -- [ FAT32 ]
O32 - AutoRun File - [2010/02/16 06:47:09 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offlinebrowsingpaket
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer-Hilfe
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsererweiterungen
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - Zugang zu MSN Site
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - %SystemRoot%\system32\ie4uinit.exe
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML-Datenbindung
ActiveX: {9fifpUZu-lMgV-SS47-n9xf-Sq0m6clNReba} -
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer-Hauptschriftarten
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML-Hilfe
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: AutorunsDisabled -
 
NetSvcs: 6to4 -  File not found
NetSvcs: EventSystem -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/01/21 13:21:58 | 000,483,328 | ---- | C] (IObit                                                      ) -- D:\h4w5eu5zy.exe
[2012/01/20 10:43:51 | 000,000,000 | RH-D | C] -- D:\Dokumente und Einstellungen\Pilki\Recent
[2012/01/19 16:55:10 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Dokumente und Einstellungen\Pilki\Desktop\OTL.exe
[2012/01/17 05:22:43 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki\Desktop\Sport Tiedje
[2012/01/17 03:54:56 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Lokale Einstellungen\Anwendungsdaten\Adobe
[2012/01/17 03:54:53 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Lokale Einstellungen\Anwendungsdaten\FSP
[2012/01/17 03:54:52 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Anwendungsdaten\Adobe
[2012/01/17 03:54:42 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Eigene Dateien\Eigene Musik
[2012/01/17 03:54:42 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Eigene Dateien
[2012/01/17 03:54:42 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Eigene Dateien\Eigene Bilder
[2012/01/17 03:54:30 | 000,000,000 | --SD | C] -- D:\Dokumente und Einstellungen\Pilki_2\Anwendungsdaten\Microsoft
[2012/01/17 03:54:30 | 000,000,000 | --SD | C] -- D:\Dokumente und Einstellungen\Pilki_2\Cookies
[2012/01/17 03:54:30 | 000,000,000 | RH-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\SendTo
[2012/01/17 03:54:30 | 000,000,000 | RH-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Recent
[2012/01/17 03:54:30 | 000,000,000 | RH-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Anwendungsdaten
[2012/01/17 03:54:30 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Startmenü\Programme\Zubehör
[2012/01/17 03:54:30 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Startmenü
[2012/01/17 03:54:30 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Favoriten
[2012/01/17 03:54:30 | 000,000,000 | R--D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Startmenü\Programme\Autostart
[2012/01/17 03:54:30 | 000,000,000 | -H-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Vorlagen
[2012/01/17 03:54:30 | 000,000,000 | -H-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Netzwerkumgebung
[2012/01/17 03:54:30 | 000,000,000 | -H-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Lokale Einstellungen
[2012/01/17 03:54:30 | 000,000,000 | -H-D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Druckumgebung
[2012/01/17 03:54:30 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012/01/17 03:54:30 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Anwendungsdaten\Macromedia
[2012/01/17 03:54:30 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki_2\Desktop
[2012/01/16 19:32:35 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012/01/16 19:32:33 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys
[2012/01/16 19:32:33 | 000,000,000 | ---D | C] -- D:\Programme\Malwarebytes' Anti-Malware
[2012/01/16 19:24:38 | 010,847,608 | ---- | C] (Malwarebytes Corporation                                    ) -- D:\Dokumente und Einstellungen\Pilki\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/16 16:10:55 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AntiVir PersonalEdition Classic
[2012/01/16 16:10:53 | 000,057,344 | ---- | C] (H+BEDV Datentechnik GmbH) -- D:\WINDOWS\System32\avsda.dll
[2012/01/16 16:10:53 | 000,032,768 | ---- | C] (AVIRA GmbH) -- D:\WINDOWS\System32\drivers\avgntdd.sys
[2012/01/16 16:10:53 | 000,014,848 | ---- | C] (H+BEDV Datentechnik GmbH) -- D:\WINDOWS\System32\drivers\avgntmgr.sys
[2012/01/16 16:10:52 | 000,000,000 | ---D | C] -- D:\Programme\AntiVir PersonalEdition Classic
[2012/01/16 16:10:52 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2012/01/16 14:51:22 | 000,000,000 | ---D | C] -- D:\Program Files
[2012/01/16 14:49:56 | 000,185,560 | ---- | C] (PC Tools) -- D:\WINDOWS\System32\drivers\PCTSD.sys
[2012/01/16 14:49:56 | 000,000,000 | ---D | C] -- D:\Programme\Gemeinsame Dateien\PC Tools
[2012/01/16 14:49:42 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2012/01/16 14:49:40 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\TestApp
[2012/01/16 14:49:40 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Tools
[2012/01/16 14:37:16 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2012/01/16 14:37:15 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Adobe
[2012/01/16 03:59:05 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki\Lokale Einstellungen\Anwendungsdaten\SanctionedMedia
[2012/01/08 12:09:08 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki\Desktop\Prüfungsfragen
[2012/01/08 12:08:56 | 000,000,000 | ---D | C] -- D:\Dokumente und Einstellungen\Pilki\Desktop\die RICHTIGEN Folien!!
[2011/06/11 13:17:42 | 000,137,216 | ---- | C] ( ) -- D:\WINDOWS\System32\drivers\d344bus.sys
[2011/06/11 13:17:42 | 000,005,248 | ---- | C] ( ) -- D:\WINDOWS\System32\drivers\d344prt.sys
[2010/02/16 08:39:48 | 000,047,360 | ---- | C] (VSO Software) -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\pcouffin.sys
[5 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[3 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/02/02 12:16:57 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat
[2012/02/02 12:16:40 | 000,000,256 | ---- | M] () -- D:\WINDOWS\tasks\RegistryBooster.job
[2012/02/02 12:16:39 | 000,002,206 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl
[2012/01/21 14:51:00 | 000,001,088 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/21 13:51:00 | 000,001,084 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/21 13:21:54 | 000,483,328 | ---- | M] (IObit                                                      ) -- D:\h4w5eu5zy.exe
[2012/01/21 06:07:02 | 000,252,080 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2012/01/21 06:07:02 | 000,000,001 | ---- | M] () -- D:\WINDOWS\System32\nvdrssel.bin
[2012/01/21 06:07:01 | 000,252,080 | ---- | M] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2012/01/20 10:44:13 | 000,517,634 | ---- | M] () -- D:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-796845957-706699826-725345543-1002-0.dat
[2012/01/20 10:44:13 | 000,258,954 | ---- | M] () -- D:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/01/20 06:38:46 | 000,119,741 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\Wulffs-Nachfolger_01.jpg
[2012/01/20 04:50:42 | 000,020,168 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\gmer+otl.zip
[2012/01/19 18:50:57 | 000,302,592 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\nld8su5s.exe
[2012/01/19 18:26:29 | 000,000,046 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\defogger_reenable
[2012/01/19 18:09:40 | 000,106,496 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/01/19 16:55:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Dokumente und Einstellungen\Pilki\Desktop\OTL.exe
[2012/01/19 16:54:51 | 000,050,477 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\Defogger.exe
[2012/01/19 08:27:00 | 000,000,484 | ---- | M] () -- D:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2012/01/17 03:54:49 | 000,000,079 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki_2\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2012/01/16 19:32:36 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012/01/16 19:28:17 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Games
[2012/01/16 19:25:03 | 010,847,608 | ---- | M] (Malwarebytes Corporation                                    ) -- D:\Dokumente und Einstellungen\Pilki\Desktop\mbam-setup-1.60.0.1800.exe
[2012/01/16 18:07:58 | 000,009,005 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\f4b4b8c4
[2012/01/16 18:07:58 | 000,008,981 | ---- | M] () -- D:\Dokumente und Einstellungen\Pilki\Lokale Einstellungen\Anwendungsdaten\6679b8ed
[2012/01/16 18:07:58 | 000,008,949 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9b0278d5
[2012/01/16 16:10:55 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AntiVir PersonalEdition Classic
[2012/01/16 14:50:18 | 000,632,458 | ---- | M] () -- D:\WINDOWS\System32\drivers\Cat.DB
[2012/01/16 14:40:37 | 000,000,664 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat
[2012/01/16 03:36:23 | 000,001,804 | ---- | M] () -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader 9.lnk
[5 D:\WINDOWS\*.tmp files -> D:\WINDOWS\*.tmp -> ]
[3 D:\WINDOWS\System32\*.tmp files -> D:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/01/20 06:38:46 | 000,119,741 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\Wulffs-Nachfolger_01.jpg
[2012/01/20 04:50:42 | 000,020,168 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\gmer+otl.zip
[2012/01/19 18:50:57 | 000,302,592 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\nld8su5s.exe
[2012/01/19 18:26:15 | 000,000,046 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\defogger_reenable
[2012/01/19 16:54:51 | 000,050,477 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Desktop\Defogger.exe
[2012/01/17 03:54:50 | 000,000,718 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki_2\Startmenü\Programme\Outlook Express.lnk
[2012/01/17 03:54:49 | 000,000,079 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki_2\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2012/01/17 03:54:46 | 000,000,772 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki_2\Startmenü\Programme\Windows Media Player.lnk
[2012/01/17 03:54:30 | 000,001,599 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki_2\Startmenü\Programme\Remoteunterstützung.lnk
[2012/01/16 15:15:42 | 000,032,768 | ---- | C] () -- D:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2012/01/16 14:50:00 | 000,632,458 | ---- | C] () -- D:\WINDOWS\System32\drivers\Cat.DB
[2012/01/16 03:59:06 | 000,009,005 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\f4b4b8c4
[2012/01/16 03:59:06 | 000,008,981 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Lokale Einstellungen\Anwendungsdaten\6679b8ed
[2012/01/16 03:59:06 | 000,008,949 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\9b0278d5
[2012/01/16 03:36:23 | 000,001,804 | ---- | C] () -- D:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader 9.lnk
[2011/12/04 16:38:36 | 000,252,080 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb0.bin
[2011/12/04 16:38:34 | 000,252,080 | ---- | C] () -- D:\WINDOWS\System32\nvdrsdb1.bin
[2011/12/04 16:38:34 | 000,000,001 | ---- | C] () -- D:\WINDOWS\System32\nvdrssel.bin
[2011/12/04 16:38:09 | 002,292,678 | ---- | C] () -- D:\WINDOWS\System32\nvdata.bin
[2011/10/13 15:49:18 | 000,000,035 | ---- | C] () -- D:\WINDOWS\WorldBuilder.INI
[2011/09/23 19:07:26 | 000,354,816 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll
[2011/09/22 14:16:08 | 000,060,680 | ---- | C] () -- D:\WINDOWS\War3Unin.dat
[2011/07/16 10:56:46 | 000,645,632 | ---- | C] () -- D:\WINDOWS\System32\xvidcore.dll
[2011/07/16 10:56:46 | 000,240,640 | ---- | C] () -- D:\WINDOWS\System32\xvidvfw.dll
[2011/05/01 12:16:30 | 000,000,064 | ---- | C] () -- D:\WINDOWS\System32\rp_stats.dat
[2011/05/01 12:16:30 | 000,000,044 | ---- | C] () -- D:\WINDOWS\System32\rp_rules.dat
[2011/04/18 18:46:18 | 000,517,634 | ---- | C] () -- D:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-796845957-706699826-725345543-1002-0.dat
[2011/04/18 18:46:18 | 000,258,954 | ---- | C] () -- D:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011/04/16 09:43:54 | 000,000,034 | ---- | C] () -- D:\WINDOWS\cdplayer.ini
[2011/03/08 07:41:06 | 000,030,568 | ---- | C] () -- D:\WINDOWS\MusiccityDownload.exe
[2011/03/08 07:41:04 | 000,974,848 | ---- | C] () -- D:\WINDOWS\System32\cis-2.4.dll
[2011/03/08 07:41:04 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/03/08 07:41:04 | 000,065,536 | ---- | C] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/03/08 07:41:04 | 000,057,344 | ---- | C] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/01/08 11:24:12 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat
[2010/11/06 06:49:42 | 000,027,648 | ---- | C] () -- D:\WINDOWS\System32\AVSredirect.dll
[2010/07/23 08:44:18 | 000,165,376 | ---- | C] () -- D:\WINDOWS\System32\unrar.dll
[2010/04/21 13:50:54 | 000,000,664 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat
[2010/04/10 13:32:27 | 000,000,049 | ---- | C] () -- D:\WINDOWS\NeroDigital.ini
[2010/03/04 11:03:07 | 000,019,553 | ---- | C] () -- D:\WINDOWS\hpqins13.dat
[2010/02/20 17:49:16 | 000,160,109 | ---- | C] () -- D:\WINDOWS\hpoins14.dat.temp
[2010/02/20 17:49:16 | 000,002,000 | ---- | C] () -- D:\WINDOWS\hpomdl14.dat.temp
[2010/02/20 12:47:01 | 000,000,982 | ---- | C] () -- D:\WINDOWS\eReg.dat
[2010/02/16 19:09:14 | 000,069,632 | ---- | C] () -- D:\WINDOWS\uinst001.exe
[2010/02/16 18:54:31 | 000,018,808 | -H-- | C] () -- D:\WINDOWS\System32\mlfcache.dat
[2010/02/16 15:36:40 | 000,106,496 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/16 11:03:32 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat
[2010/02/16 09:03:07 | 000,000,124 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\default.pls
[2010/02/16 08:39:48 | 000,087,608 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\inst.exe
[2010/02/16 08:39:48 | 000,007,887 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\pcouffin.cat
[2010/02/16 08:39:48 | 000,001,144 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\pcouffin.inf
[2010/02/16 08:39:48 | 000,001,027 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\EasyToolz.ini
[2010/02/16 08:39:48 | 000,000,000 | ---- | C] () -- D:\Dokumente und Einstellungen\Pilki\Anwendungsdaten\AVSDVDPlayer.m3u
[2010/02/16 07:15:07 | 000,073,728 | ---- | C] () -- D:\WINDOWS\System32\RtNicProp32.dll
[2010/02/16 07:09:59 | 000,000,276 | ---- | C] () -- D:\WINDOWS\System32\drivers\SamSfPa.dat
[2010/02/16 06:48:58 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat
[2010/02/16 06:37:59 | 000,004,161 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI
[2010/02/16 06:36:56 | 003,640,928 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT
[2010/01/20 19:00:02 | 000,667,136 | ---- | C] () -- D:\WINDOWS\System32\OGACheckControl.dll
[2008/07/30 04:55:02 | 002,854,912 | ---- | C] () -- D:\WINDOWS\System32\btwicons.dll
[2004/08/03 16:12:38 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin
[2004/08/03 15:57:54 | 000,024,576 | ---- | C] () -- D:\WINDOWS\LINKINFO.dll
[2004/08/03 13:59:54 | 000,062,976 | ---- | C] () -- D:\WINDOWS\System32\drivers\cdrom.sys
[2004/08/02 05:20:40 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat
[2003/12/27 13:43:24 | 000,068,608 | ---- | C] () -- D:\WINDOWS\daemon.dll
[2001/11/14 07:56:00 | 001,802,240 | ---- | C] () -- D:\WINDOWS\System32\lcppn21.dll
[2001/08/23 05:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin
[2001/08/23 05:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat
[2001/08/23 05:00:00 | 000,424,408 | ---- | C] () -- D:\WINDOWS\System32\perfh007.dat
[2001/08/23 05:00:00 | 000,411,822 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat
[2001/08/23 05:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat
[2001/08/23 05:00:00 | 000,269,480 | ---- | C] () -- D:\WINDOWS\System32\perfi007.dat
[2001/08/23 05:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat
[2001/08/23 05:00:00 | 000,073,724 | ---- | C] () -- D:\WINDOWS\System32\perfc007.dat
[2001/08/23 05:00:00 | 000,060,884 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat
[2001/08/23 05:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin
[2001/08/23 05:00:00 | 000,034,478 | ---- | C] () -- D:\WINDOWS\System32\perfd007.dat
[2001/08/23 05:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat
[2001/08/23 05:00:00 | 000,004,463 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat
[2001/08/23 05:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat
[1997/06/14 02:56:08 | 000,056,832 | ---- | C] () -- D:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2011/09/24 03:38:16 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Age of Empires 3
[2012/01/19 16:11:08 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AntiVir PersonalEdition Classic
[2010/11/16 07:40:56 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011/11/28 13:28:02 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJ
[2011/11/22 15:29:27 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEPPEX
[2011/04/06 10:34:19 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2012/01/17 03:55:12 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2011/04/06 07:40:45 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2011/04/06 10:35:07 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenu
[2011/04/13 18:34:39 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2011/02/21 14:42:00 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2011/04/13 19:02:45 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2012/01/16 19:33:42 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2010/02/16 14:08:31 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2011/04/12 08:17:14 | 000,000,000 | -H-D | M] -- D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DE8EABB5-1C85-4410-A68D-79BD8A4518F4}
[2012/01/19 08:27:00 | 000,000,484 | ---- | M] () -- D:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2012/02/02 12:16:40 | 000,000,256 | ---- | M] () -- D:\WINDOWS\Tasks\RegistryBooster.job
[2010/07/23 08:32:15 | 000,000,272 | ---- | M] () -- D:\WINDOWS\Tasks\videopadSevenDays.job
[2010/07/26 08:32:01 | 000,000,272 | ---- | M] () -- D:\WINDOWS\Tasks\videopadShakeIcon.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2012/01/17 03:54:49 | 000,000,000 | -H-D | M] -- D:\Config.Msi
[2012/01/17 03:54:30 | 000,000,000 | ---D | M] -- D:\Dokumente und Einstellungen
[2010/02/16 07:02:50 | 000,000,000 | ---D | M] -- D:\Intel
[2011/03/17 05:34:19 | 000,000,000 | ---D | M] -- D:\My Documents
[2011/12/19 01:45:44 | 000,000,000 | ---D | M] -- D:\Neuer Ordner
[2011/12/04 16:36:06 | 000,000,000 | ---D | M] -- D:\NVIDIA
[2012/01/16 14:51:22 | 000,000,000 | ---D | M] -- D:\Program Files
[2012/01/17 03:54:11 | 000,000,000 | R--D | M] -- D:\Programme
[2010/02/16 10:19:48 | 000,000,000 | -HSD | M] -- D:\RECYCLER
[2012/01/17 03:54:11 | 000,000,000 | -HSD | M] -- D:\System Volume Information
[2011/12/04 15:59:08 | 000,000,000 | ---D | M] -- D:\Temp
[2012/02/02 12:16:25 | 000,000,000 | ---D | M] -- D:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2004/08/03 16:10:00 | 018,782,319 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- D:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004/08/03 16:10:00 | 018,782,319 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- D:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- D:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 13:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- D:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/14 01:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- D:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/14 01:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- D:\WINDOWS\system32\eventlog.dll
[2004/08/03 15:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- D:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2004/08/03 15:57:54 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- D:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008/04/14 01:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- D:\WINDOWS\explorer.exe
[2008/04/14 01:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- D:\WINDOWS\ServicePackFiles\i386\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009/11/17 08:41:47 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- D:\WINDOWS\NLDRV\002\iastor.sys
[2010/02/09 07:45:04 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- D:\WINDOWS\NLDRV\003\iastor.sys
[2010/02/09 07:45:04 | 000,330,264 | ---- | M] (Intel Corporation) MD5=D483687EACE0C065EE772481A96E05F5 -- D:\WINDOWS\system32\drivers\iaStor.sys
[2008/07/09 06:43:25 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- D:\WINDOWS\NLDRV\001\iastor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008/04/14 01:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- D:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/14 01:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- D:\WINDOWS\system32\netlogon.dll
[2004/08/03 15:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- D:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008/04/14 01:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- D:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/14 01:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- D:\WINDOWS\system32\scecli.dll
[2004/08/03 15:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- D:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2004/08/03 15:57:38 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- D:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008/04/14 01:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- D:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/14 01:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- D:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 01:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- D:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2011/07/06 12:55:12 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- D:\WINDOWS\system32\userinit.exe
[2004/08/03 15:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- D:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004/08/03 15:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- D:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2011/12/24 11:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- D:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/04/14 01:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- D:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/14 01:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- D:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001/08/23 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- D:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001/08/23 05:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- D:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2010/02/16 07:36:11 | 000,094,208 | ---- | M] () -- D:\WINDOWS\System32\config\default.sav
[2010/02/16 07:36:11 | 000,663,552 | ---- | M] () -- D:\WINDOWS\System32\config\software.sav
[2010/02/16 07:36:10 | 000,450,560 | ---- | M] () -- D:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[2008/06/17 14:00:59 | 008,502,272 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- D:\WINDOWS\system32\shell32.dll
[3 D:\WINDOWS\system32\*.tmp files -> D:\WINDOWS\system32\*.tmp -> ]
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[D:\WINDOWS\$NtUninstallKB49573$] ->  -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:430C6D84
@Alternate Data Stream - 127 bytes -> D:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:DFC5A2B2
< End of report >

Please help. :dankeschoen:

markusg 02.02.2012 19:28

hi,
just carry on in the other thread and post the OTL log there.

cosinus 02.02.2012 21:26

http://www.trojaner-board.de/108328-...ntfernung.html

I will reply there when I have time http://cheesebuerger.de/images/midi/froehlich/a048.gif


All times are in WET +1. The time is now 03:28.
