| hangenstein | 19.07.2010 20:23 |
Hi,
danke für die Antwort. Habe Windows XP.
Hier die OTL Ausgabe:
OTL Logfile: Code:
OTL Extras logfile created on: 19.07.2010 20:43:31 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\xxx\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.014,00 Mb Total Physical Memory | 489,00 Mb Available Physical Memory | 48,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 93,16 Gb Total Space | 76,33 Gb Free Space | 81,94% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RAINER
Current User Name:xx
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Programme\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\EA GAMES\Battlefield Vietnam\bfvietnam.exe" = C:\Programme\EA GAMES\Battlefield Vietnam\bfvietnam.exe:*:Enabled:bfvietnam -- File not found
"C:\Programme\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe" = C:\Programme\EA GAMES\Medal of Honor Pacific Assault(tm)\mohpa.exe:*:Enabled:Medal of Honor Pacific Assault(tm) -- File not found
"C:\Programme\Toshiba\ConfigFree\CFXFER.exe" = C:\Programme\Toshiba\ConfigFree\CFXFER.exe:*:Enabled:ConfigFree SUMMIT Engine -- (TOSHIBA CORPORATION)
"C:\Programme\Plone 3\Python\python.exe" = C:\Programme\Plone 3\Python\python.exe:*:Enabled:python -- File not found
"C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpfccopy.exe:*:Disabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Programme\HP\Digital Imaging\bin\hpoews01.exe" = C:\Programme\HP\Digital Imaging\bin\hpoews01.exe:*:Disabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Programme\HP\Digital Imaging\bin\hpofxm08.exe:*:Disabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposfx08.exe" = C:\Programme\HP\Digital Imaging\bin\hposfx08.exe:*:Disabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hposid01.exe" = C:\Programme\HP\Digital Imaging\bin\hposid01.exe:*:Disabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Programme\HP\Digital Imaging\bin\hpqCopy.exe:*:Disabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Programme\HP\Digital Imaging\bin\hpzwiz01.exe:*:Disabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- File not found
"C:\Programme\JägerprüfungBW\Jägerprüfung-BW.EXE" = C:\Programme\JägerprüfungBW\Jägerprüfung-BW.EXE:*:Enabled:FileMaker Pro Runtime -- File not found
"C:\Programme\JägerprüfungNI\Jägerprüfung-NI.EXE" = C:\Programme\JägerprüfungNI\Jägerprüfung-NI.EXE:*:Enabled:FileMaker Pro Runtime -- File not found
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Programme\Winamp Remote\bin\Orb.exe" = C:\Programme\Winamp Remote\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Programme\Winamp Remote\bin\OrbTray.exe" = C:\Programme\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Programme\Winamp Remote\bin\OrbStreamerClient.exe" = C:\Programme\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05C56753-F144-44BC-BA67-83CC5DBF395C}" = F300
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}" = Utility Common Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}" = LG PC Suite II
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{31D543E6-2234-47CA-B3F7-2C5765CA2D9B}" = LG PC Suite II
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"{3EB6332B-AF02-457C-A31C-835458C5B48B}" = TOSHIBA Benutzerhandbücher
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD-Speicherkarten-Formatierung
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisor Password
"{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"{5624C000-B109-11D4-9DB4-00E0290FCAC5}" = VPN Client
"{5809E7CF-4DCF-11D4-9875-00105ACE7734}" = Logitech MouseWare 9.80
"{59FDFDFB-52FE-45B1-8A2A-A00079B07FF0}" = TOSHIBA Power Saver Driver
"{5BCA8D15-BCB6-421E-9654-238B43456A4F}" = TOSHIBA Controls Driver
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{6059C682-4C5F-4106-8487-943E98225D3B}" = LG MC USB Modem driver
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zoom-Dienstprogramm
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6994491D-D491-48F1-AE1F-E179C1FFFC2F}" = HP Photosmart Essential
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey Utility
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = TouchPad On/Off Utility
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8FB1A5EA-7DA8-4D57-80FB-BD923CCCC852}" = OpenOffice.org 2.1
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{94FB906A-CF42-4128-A509-D353026A607E}" = REALTEK Gigabit and Fast Ethernet NIC Driver
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM-Treiber
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-A81200000003}" = Adobe Reader 8.1.2 - Deutsch
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = TIxx21/x515
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E5966E4C-0A93-4F59-A981-BD3173D4799F}" = F300_Help
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FCE19796-1ADF-42DF-81D8-3563867FC2C2}" = TOSHIBA Zooming Hook
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVIcodec" = AVIcodec (remove only)
"CCleaner" = CCleaner
"FEXtraderProLIVE" = FEXtrader Pro LIVE
"FRITZ!DSL" = AVM FRITZ!DSL
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"InstallShield_{3A57482F-BEBC-47E4-ADA1-6302403C7E50}" = TOSHIBA Accessibility
"InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}" = TOSHIBA Supervisorkennwort
"InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}" = TOSHIBA Hardware Setup
"InstallShield_{7900D3A6-A9E8-4954-ACCB-AB15867978BF}" = TOSHIBA Hotkey-Dienstprogramm
"InstallShield_{80977342-27E8-4FF7-8B6A-D8D89461DA7F}" = Touchpad EIN/AUS-Utility
"InstallShield_{E18E644D-4FC1-4E7F-87B7-A0288A14A322}" = Texas Instruments PCIxx21/x515 drivers.
"InstallWIX_{1A59064A-12A9-469F-99F6-04BF118DBCFF}" = Kaspersky PURE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MONOGRAM AMR Splitter/Decoder" = MONOGRAM AMR Splitter/Decoder (remove only)
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter (remove only)
"Orb" = Winamp Remote
"PC-Diagnose-Tool" = TOSHIBA PC-Diagnose-Tool
"Power Saver" = TOSHIBA Power Saver
"RealMedia" = RealMedia (remove only)
"RealPlayer 6.0" = RealPlayer
"Softonic_Deutsch Toolbar" = Softonic_Deutsch Toolbar
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"VLC media player" = VLC media player 0.9.9
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"ZoomPlayer" = Zoom Player (remove only)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11.07.2010 12:36:34 | Computer Name = RAINER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 11.07.2010 12:36:34 | Computer Name = RAINER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 11.07.2010 12:38:32 | Computer Name = RAINER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqste08.exe, Version 70.0.170.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00ccc5c5.
Error - 11.07.2010 15:30:34 | Computer Name = RAINER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung soffice.bin, Version 1.9.9090.500, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 12.07.2010 13:10:06 | Computer Name = RAINER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 12.07.2010 13:10:06 | Computer Name = RAINER | Source = crypt32 | ID = 131083
Description = Die Extrahierung der Drittanbieterstammlisten aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
ist fehlgeschlagen mit dem Fehler: Ein erforderliches Zertifikat befindet sich
nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel
in der signierten Datei. .
Error - 12.07.2010 15:22:55 | Computer Name = RAINER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqste08.exe, Version 70.0.170.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00ccced8.
Error - 15.07.2010 04:51:50 | Computer Name = RAINER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung iexplore.exe, Version 6.0.2900.5512, fehlgeschlagenes
Modul mshtml.dll, Version 6.0.2900.5969, Fehleradresse 0x00274256.
Error - 15.07.2010 06:05:32 | Computer Name = RAINER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung mbam.exe, Version 1.46.0.1, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 19.07.2010 14:30:16 | Computer Name = RAINER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung hpqste08.exe, Version 70.0.170.0, fehlgeschlagenes
Modul unknown, Version 0.0.0.0, Fehleradresse 0x00ccb418.
[ System Events ]
Error - 12.07.2010 15:21:45 | Computer Name = RAINER | Source = W32Time | ID = 39452701
Description = Der Zeitanbieter "NtpClient" wurde für die Zeiterfassung von mehreren
Zeitquellen konfiguriert. Es ist jedoch Keine der Quellen verfügbar. Innerhalb der
nächsten 14 Minuten wird kein Versuch unternommen, eine Verbindung mit der Quelle
herzustellen. Der NtpClient verfügt über keine Quelle mit genauer Zeit.
Error - 12.07.2010 15:21:51 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 15.07.2010 03:39:11 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 16.07.2010 03:26:40 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 17.07.2010 13:27:25 | Computer Name = RAINER | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.178.22 für die Netzwerkkarte mit der Netzwerkadresse
00166F8BA434 wurde durch den DHCP-Server 192.168.2.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
Error - 17.07.2010 13:27:57 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 18.07.2010 12:36:49 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 18.07.2010 14:28:25 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
Error - 18.07.2010 14:29:14 | Computer Name = RAINER | Source = System Error | ID = 1003
Description = Fehlercode 00000006, 1. Parameter 00000000, 2. Parameter 00000000,
3. Parameter 00000000, 4. Parameter 00000000.
Error - 19.07.2010 14:27:45 | Computer Name = RAINER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
IntelIde
< End of report >
--- --- ---
OTL Logfile: Code:
OTL logfile created on: 19.07.2010 20:43:31 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Dokumente und Einstellungen\xxx\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.014,00 Mb Total Physical Memory | 489,00 Mb Available Physical Memory | 48,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 82,00% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 93,16 Gb Total Space | 76,33 Gb Free Space | 81,94% Space Free | Partition Type: NTFS
Unable to calculate disk information.
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: RAINER
Current User Name: xxx
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
PRC - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtblfs.exe (Kaspersky Lab)
PRC - C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
PRC - C:\Programme\Winamp\winampa.exe ()
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
PRC - C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
PRC - C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
PRC - C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
PRC - C:\WINDOWS\system32\TCtrlIOHook.exe (TOSHIBA)
PRC - C:\WINDOWS\system32\TPSMain.exe (TOSHIBA Corporation)
PRC - C:\WINDOWS\system32\TPSBattM.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
PRC - C:\WINDOWS\system32\ZoomingHook.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\TOSHIBA Controls\TFncKy.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
PRC - C:\Programme\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
PRC - C:\Programme\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
PRC - C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
PRC - C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
PRC - C:\Programme\Logitech\MouseWare\system\EM_EXEC.EXE (Logitech Inc.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\system32\msvcp60.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\Gemeinsame Dateien\Logitech\Scrolling\LGMSGHK.DLL (Logitech Inc.)
MOD - C:\Programme\Logitech\MouseWare\system\LgWndHk.dll (Logitech Inc.)
========== Win32 Services (SafeList) ==========
SRV - (HidServ) -- C:\WINDOWS\System32\hidserv.dll File not found
SRV - (AppMgmt) -- C:\WINDOWS\System32\appmgmts.dll File not found
SRV - (AVP) -- C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
SRV - (CSObjectsSrv) -- C:\Programme\Gemeinsame Dateien\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (Infowatch)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (AVM IGD CTRL Service) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE (AVM Berlin)
SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin)
SRV - (CVPND) -- C:\Programme\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (CFSvcs) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe (TOSHIBA CORPORATION)
SRV - (DVD-RAM_Service) -- C:\WINDOWS\system32\DVDRAMSV.exe (Matsushita Electric Industrial Co., Ltd.)
========== Driver Services (SafeList) ==========
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (CSCrySec) -- C:\WINDOWS\system32\DRIVERS\CSCrySec.sys (Infowatch)
DRV - (CSVirtualDiskDrv) -- C:\WINDOWS\system32\drivers\CSVirtualDiskDrv.sys (Infowatch)
DRV - (KLBG) -- C:\WINDOWS\system32\DRIVERS\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab)
DRV - (NwlnkIpx) -- C:\WINDOWS\system32\drivers\nwlnkipx.sys (Microsoft Corporation)
DRV - (nm) -- C:\WINDOWS\system32\drivers\nmnt.sys (Microsoft Corporation)
DRV - (USBModem) -- C:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (NETFWDSL) -- C:\WINDOWS\system32\drivers\NETFWDSL.SYS (AVM Berlin)
DRV - (NETDSL) -- C:\WINDOWS\system32\drivers\netdsl.sys (Microsoft Corporation)
DRV - (CVPNDRVA) -- C:\WINDOWS\system32\drivers\CVPNDRVA.sys (Cisco Systems, Inc.)
DRV - (Tvs) -- C:\WINDOWS\system32\drivers\Tvs.sys (TOSHIBA Corporation)
DRV - (DNE) -- C:\WINDOWS\system32\drivers\dne2000.sys (Deterministic Networks, Inc.)
DRV - (tifm21) -- C:\WINDOWS\system32\drivers\tifm21.sys (Texas Instruments)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (TPwSav) -- C:\WINDOWS\system32\drivers\TPwSav.sys (TOSHIBA )
DRV - (meiudf) -- C:\WINDOWS\system32\drivers\meiudf.sys (Matsushita Electric Industrial Co.,Ltd.)
DRV - (tfsnudfa) -- C:\WINDOWS\system32\dla\tfsnudfa.sys (Sonic Solutions)
DRV - (tfsnudf) -- C:\WINDOWS\system32\dla\tfsnudf.sys (Sonic Solutions)
DRV - (tfsnifs) -- C:\WINDOWS\system32\dla\tfsnifs.sys (Sonic Solutions)
DRV - (tfsncofs) -- C:\WINDOWS\system32\dla\tfsncofs.sys (Sonic Solutions)
DRV - (tfsnboio) -- C:\WINDOWS\system32\dla\tfsnboio.sys (Sonic Solutions)
DRV - (tfsnopio) -- C:\WINDOWS\system32\dla\tfsnopio.sys (Sonic Solutions)
DRV - (tfsnpool) -- C:\WINDOWS\system32\dla\tfsnpool.sys (Sonic Solutions)
DRV - (tfsndrct) -- C:\WINDOWS\system32\dla\tfsndrct.sys (Sonic Solutions)
DRV - (tfsndres) -- C:\WINDOWS\system32\dla\tfsndres.sys (Sonic Solutions)
DRV - (CVirtA) -- C:\WINDOWS\system32\drivers\CVirtA.sys (Cisco Systems, Inc.)
DRV - (sscdbhk5) -- C:\WINDOWS\system32\drivers\sscdbhk5.sys (Sonic Solutions)
DRV - (ssrtln) -- C:\WINDOWS\system32\drivers\ssrtln.sys (Sonic Solutions)
DRV - (w29n51) Intel(R) -- C:\WINDOWS\system32\drivers\w29n51.sys (Intel® Corporation)
DRV - (drvmcdb) -- C:\WINDOWS\system32\drivers\drvmcdb.sys (Sonic Solutions)
DRV - (drvnddm) -- C:\WINDOWS\system32\drivers\drvnddm.sys (Sonic Solutions)
DRV - (tosrfec) -- C:\WINDOWS\system32\drivers\Tosrfec.sys (TOSHIBA Corporation)
DRV - (AgereSoftModem) -- C:\WINDOWS\system32\drivers\AGRSM.sys (Agere Systems)
DRV - (RTL8023xp) -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys (Realtek Semiconductor Corporation )
DRV - (vsdatant) -- C:\WINDOWS\system32\vsdatant.sys (Zone Labs LLC)
DRV - (ApfiltrService) -- C:\WINDOWS\system32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (NwlnkNb) -- C:\WINDOWS\system32\drivers\nwlnknb.sys (Microsoft Corporation)
DRV - (NwlnkSpx) -- C:\WINDOWS\system32\drivers\nwlnkspx.sys (Microsoft Corporation)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (SrvcSSIOMngr) -- C:\WINDOWS\system32\drivers\SSIOMngr.sys (COMPAL ELECTRONIC INC.)
DRV - (LMouFlt2) -- C:\WINDOWS\system32\drivers\LMouFlt2.Sys (Logitech, Inc.)
DRV - (LHidUsb) -- C:\WINDOWS\system32\drivers\LHidUsb.sys (Logitech, Inc.)
DRV - (LHidFlt2) -- C:\WINDOWS\system32\drivers\LHidFlt2.Sys (Logitech, Inc.)
DRV - (Pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.)
DRV - (Iviaspi) -- C:\WINDOWS\system32\drivers\iviaspi.sys (InterVideo, Inc.)
DRV - (tandpl) -- C:\WINDOWS\system32\drivers\tandpl.sys ()
DRV - (enodpl) -- C:\WINDOWS\system32\drivers\enodpl.sys ()
DRV - (Netdevio) -- C:\WINDOWS\system32\drivers\Netdevio.sys (TOSHIBA Corporation.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de/"
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:3.5.0
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.192
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2008.07.28 19:13:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.07.02 10:33:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.07.02 10:33:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: C:\Programme\Kaspersky Lab\Kaspersky PURE\THBExt [2010.07.05 22:49:22 | 000,000,000 | ---D | M]
[2008.12.24 13:02:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Rainer Burkhardt\Anwendungsdaten\Mozilla\Extensions
[2010.07.18 20:39:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\qox08tfv.default\extensions
[2009.09.13 16:18:19 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\qox08tfv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.08.11 21:28:03 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\qox08tfv.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2008.04.10 20:15:19 | 000,000,273 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Anwendungsdaten\Mozilla\Firefox\Profiles\qox08tfv.default\searchplugins\search.xml
[2010.07.18 20:39:43 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.07.05 22:50:28 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.07.02 10:33:15 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.07.02 10:33:15 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.07.02 10:33:15 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.07.02 10:33:15 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.07.02 10:33:15 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Programme\Kaspersky Lab\Kaspersky PURE\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Toolbar) - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Programme\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Toolbar) - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} - C:\Programme\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Programme\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVP] C:\Programme\Kaspersky Lab\Kaspersky PURE\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [CeEKEY] C:\Programme\Toshiba\E-KEY\CeEKey.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [HWSetup] C:\Programme\TOSHIBA\TOSHIBA Applet\HWSetup.exe (TOSHIBA CO.,LTD.)
O4 - HKLM..\Run: [Logitech Utility] C:\WINDOWS\LOGI_MWX.EXE (Logitech Inc.)
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [PadTouch] C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SVPWUTIL] C:\Programme\Toshiba\Windows Utilities\SVPWUTIL.exe (TOSHIBA)
O4 - HKLM..\Run: [TCtryIOHook] C:\WINDOWS\System32\TCtrlIOHook.exe (TOSHIBA)
O4 - HKLM..\Run: [TFncKy] File not found
O4 - HKLM..\Run: [TPNF] C:\Programme\Toshiba\TouchPad\TPTray.exe (COMPAL ELECTRONIC INC.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Tvs] C:\Programme\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Zooming] C:\WINDOWS\System32\ZoomingHook.exe (TOSHIBA)
O4 - HKCU..\Run: [DAEMON Tools] C:\Programme\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [Orb] C:\Programme\Winamp Remote\bin\OrbTray.exe (Orb Networks)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKCU..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2007\MemOptimizer.exe File not found
O4 - HKCU..\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Cisco Systems VPN Client.lnk = C:\Programme\Cisco Systems\VPN Client\vpngui.exe (Cisco Systems, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Google Search - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Backward &Links - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Cac&hed Snapshot of Page - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Programme\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm ()
O8 - Extra context menu item: Si&milar Pages - C:\Programme\Google\GoogleToolbar1.dll (Google Inc.)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky PURE\klwtbbho.dll (Kaspersky Lab)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll) - C:\Programme\Kaspersky Lab\Kaspersky PURE\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\klogon: DllName - C:\WINDOWS\system32\klogon.dll - C:\WINDOWS\system32\klogon.dll (Kaspersky Lab)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.09.12 13:08:10 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010.07.19 20:42:27 | 000,574,976 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe
[2010.07.18 22:34:05 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\xxx\Recent
[2010.07.17 20:06:30 | 000,499,712 | ---- | C] (eSage Lab) -- C:\WINDOWS\System32\remover.exe
[2010.07.17 20:04:12 | 000,499,712 | ---- | C] (eSage Lab) -- C:\Dokumente und Einstellungen\xxx\Desktop\remover.exe
[2010.07.17 19:59:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer Burkhardt\Desktop\Bootkick re
[2010.07.17 19:49:36 | 000,000,000 | ---D | C] -- C:\Programme\Trend Micro
[2010.07.16 11:28:29 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2010.07.16 10:01:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.07.16 10:01:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Real
[2010.07.16 10:01:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch
[2010.07.15 10:38:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Conduit
[2010.07.15 09:45:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Softonic_Deutsch
[2010.07.15 09:45:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Real
[2010.07.15 09:42:59 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.07.12 22:10:12 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.07.12 22:10:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.07.11 19:36:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Macromedia
[2010.07.05 22:49:28 | 000,039,352 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSVirtualDiskDrv.sys
[2010.07.05 22:49:26 | 000,088,632 | ---- | C] (Infowatch) -- C:\WINDOWS\System32\drivers\CSCrySec.sys
[2010.07.05 22:49:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2010.07.05 22:48:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InfoWatch
[2010.07.05 22:48:35 | 000,000,000 | ---D | C] -- C:\Programme\Kaspersky Lab
[2010.07.05 22:48:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab
[2010.07.05 22:48:08 | 000,315,408 | ---- | C] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010.07.05 22:39:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kaspersky Lab Setup Files
[2010.07.04 22:05:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Macromedia
[2010.07.02 10:07:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer Burkhardt\Anwendungsdaten\Avira
[2010.07.02 09:36:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Rainer Burkhardt\Lokale Einstellungen\Anwendungsdaten\Conduit
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010.07.19 20:42:27 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\xxx\Desktop\OTL.exe
[2010.07.19 20:28:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.07.19 20:27:32 | 000,001,044 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010.07.19 20:27:13 | 000,001,104 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.19 20:27:09 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.07.19 20:27:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.07.18 23:20:17 | 004,194,304 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\NTUSER.DAT
[2010.07.18 23:19:55 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\xxx\ntuser.ini
[2010.07.18 23:02:00 | 000,001,108 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.18 22:00:35 | 000,002,571 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\OpenOffice.org Writer.lnk
[2010.07.18 18:39:39 | 002,767,958 | ---- | M] () -- C:\Rehbock2.JPG
[2010.07.18 18:39:32 | 002,623,683 | ---- | M] () -- C:\Rehbock.JPG
[2010.07.18 18:39:21 | 000,080,127 | ---- | M] () -- C:\P30-06-09_11.01.jpg
[2010.07.18 18:39:21 | 000,057,662 | ---- | M] () -- C:\P30-06-09_11.01[1].jpg
[2010.07.18 18:39:21 | 000,053,825 | ---- | M] () -- C:\P30-06-09_11.04[1].jpg
[2010.07.18 18:39:20 | 000,095,864 | ---- | M] () -- C:\P29-06-09_18.24.jpg
[2010.07.18 18:39:20 | 000,090,138 | ---- | M] () -- C:\P30-04-08_14.28.jpg
[2010.07.18 18:39:20 | 000,085,164 | ---- | M] () -- C:\P29-06-09_18.21.jpg
[2010.07.18 18:39:20 | 000,071,698 | ---- | M] () -- C:\P29-06-09_18.21[1].jpg
[2010.07.18 18:39:19 | 000,052,827 | ---- | M] () -- C:\P29-06-09_18.18[1].jpg
[2010.07.18 18:39:19 | 000,049,003 | ---- | M] () -- C:\P29-06-09_18.18[4].jpg
[2010.07.18 18:39:19 | 000,042,614 | ---- | M] () -- C:\P29-06-09_18.09[2].jpg
[2010.07.18 18:39:19 | 000,041,487 | ---- | M] () -- C:\P29-06-09_18.18[2].jpg
[2010.07.18 18:39:19 | 000,040,151 | ---- | M] () -- C:\P29-06-09_18.18[3].jpg
[2010.07.18 18:39:19 | 000,038,289 | ---- | M] () -- C:\P29-06-09_18.18.jpg
[2010.07.18 18:39:18 | 000,068,228 | ---- | M] () -- C:\P27-03-09_10.59[2].jpg
[2010.07.18 18:39:18 | 000,053,409 | ---- | M] () -- C:\P28-06-08_16.32.jpg
[2010.07.18 18:39:18 | 000,044,512 | ---- | M] () -- C:\P29-06-09_18.09.jpg
[2010.07.18 18:39:18 | 000,044,328 | ---- | M] () -- C:\P28-06-08_16.34.jpg
[2010.07.18 18:39:18 | 000,043,333 | ---- | M] () -- C:\P27-03-09_11.15[1].jpg
[2010.07.18 18:39:18 | 000,041,721 | ---- | M] () -- C:\P27-06-08_13.30.jpg
[2010.07.18 18:39:18 | 000,041,307 | ---- | M] () -- C:\P27-06-08_13.31.jpg
[2010.07.18 18:39:18 | 000,035,067 | ---- | M] () -- C:\P27-03-09_11.15.jpg
[2010.07.18 18:39:18 | 000,032,645 | ---- | M] () -- C:\P29-06-09_18.09[1].jpg
[2010.07.18 18:39:18 | 000,020,191 | ---- | M] () -- C:\P28-02-09_08.34.jpg
[2010.07.18 18:39:17 | 000,072,872 | ---- | M] () -- C:\P27-03-09_10.59[1].jpg
[2010.07.18 18:39:17 | 000,071,175 | ---- | M] () -- C:\P22-08-08_14.41.jpg
[2010.07.18 18:39:17 | 000,052,879 | ---- | M] () -- C:\P27-03-09_10.59.jpg
[2010.07.18 18:39:16 | 000,113,574 | ---- | M] () -- C:\P22-08-08_14.14[1].jpg
[2010.07.18 18:39:16 | 000,075,995 | ---- | M] () -- C:\P22-08-08_14.40.jpg
[2010.07.18 18:39:16 | 000,060,554 | ---- | M] () -- C:\P22-08-08_11.59.jpg
[2010.07.18 18:39:16 | 000,059,307 | ---- | M] () -- C:\P22-08-08_11.58.jpg
[2010.07.18 18:39:15 | 000,116,029 | ---- | M] () -- C:\P22-05-09_17.16.jpg
[2010.07.18 18:39:15 | 000,113,629 | ---- | M] () -- C:\P22-05-09_17.17.jpg
[2010.07.18 18:39:15 | 000,085,932 | ---- | M] () -- C:\P22-08-08_10.53.jpg
[2010.07.18 18:39:14 | 000,103,113 | ---- | M] () -- C:\P21-05-09_19.42[2].jpg
[2010.07.18 18:39:14 | 000,097,286 | ---- | M] () -- C:\P21-05-09_19.42[1].jpg
[2010.07.18 18:39:14 | 000,091,315 | ---- | M] () -- C:\P21-05-09_19.42.jpg
[2010.07.18 18:39:13 | 000,075,088 | ---- | M] () -- C:\P17-05-08_15.36.jpg
[2010.07.18 18:39:13 | 000,066,845 | ---- | M] () -- C:\P17-05-08_15.34.jpg
[2010.07.18 18:39:13 | 000,065,578 | ---- | M] () -- C:\P17-05-08_15.35.jpg
[2010.07.18 18:39:13 | 000,060,106 | ---- | M] () -- C:\P17-05-08_15.34[1].jpg
[2010.07.18 18:39:13 | 000,056,118 | ---- | M] () -- C:\P21-02-09_16.37.jpg
[2010.07.18 18:39:13 | 000,033,062 | ---- | M] () -- C:\P20-05-09_15.57.jpg
[2010.07.18 18:39:12 | 000,118,414 | ---- | M] () -- C:\P16-04-09_14.13[1].jpg
[2010.07.18 18:39:12 | 000,077,309 | ---- | M] () -- C:\P17-05-08_15.32.jpg
[2010.07.18 18:39:12 | 000,070,740 | ---- | M] () -- C:\P17-05-08_15.32[1].jpg
[2010.07.18 18:39:11 | 000,126,791 | ---- | M] () -- C:\P16-04-09_14.12[1].jpg
[2010.07.18 18:39:11 | 000,124,928 | ---- | M] () -- C:\P16-04-09_14.12.jpg
[2010.07.18 18:39:11 | 000,117,425 | ---- | M] () -- C:\P16-04-09_14.13.jpg
[2010.07.18 18:39:10 | 000,082,890 | ---- | M] () -- C:\P15-07-09_20.25.jpg
[2010.07.18 18:39:10 | 000,082,403 | ---- | M] () -- C:\P15-07-09_20.25[3].jpg
[2010.07.18 18:39:10 | 000,073,267 | ---- | M] () -- C:\P15-07-09_20.25[2].jpg
[2010.07.18 18:39:10 | 000,073,010 | ---- | M] () -- C:\P15-07-09_20.25[1].jpg
[2010.07.18 18:39:10 | 000,047,999 | ---- | M] () -- C:\P15-07-09_20.58.jpg
[2010.07.18 18:39:10 | 000,046,775 | ---- | M] () -- C:\P15-07-09_20.57.jpg
[2010.07.18 18:39:09 | 000,087,104 | ---- | M] () -- C:\P15-07-09_19.45[1].jpg
[2010.07.18 18:39:09 | 000,062,893 | ---- | M] () -- C:\P15-07-09_19.45[2].jpg
[2010.07.18 18:39:09 | 000,058,018 | ---- | M] () -- C:\P15-07-09_19.20.jpg
[2010.07.18 18:39:09 | 000,057,430 | ---- | M] () -- C:\P15-07-09_20.24.jpg
[2010.07.18 18:39:09 | 000,049,346 | ---- | M] () -- C:\P15-07-09_19.45.jpg
[2010.07.18 18:39:09 | 000,034,083 | ---- | M] () -- C:\P15-07-09_19.44.jpg
[2010.07.18 18:39:08 | 000,059,721 | ---- | M] () -- C:\P15-06-08_15.43.jpg
[2010.07.18 18:39:08 | 000,056,765 | ---- | M] () -- C:\P14-07-09_21.43[1].jpg
[2010.07.18 18:39:08 | 000,054,981 | ---- | M] () -- C:\P15-06-08_17.03.jpg
[2010.07.18 18:39:08 | 000,048,461 | ---- | M] () -- C:\P14-07-09_21.43[2].jpg
[2010.07.18 18:39:08 | 000,035,143 | ---- | M] () -- C:\P14-07-09_22.04.jpg
[2010.07.18 18:39:08 | 000,028,848 | ---- | M] () -- C:\P14-07-09_22.03[1].jpg
[2010.07.18 18:39:08 | 000,026,806 | ---- | M] () -- C:\P14-07-09_22.03.jpg
[2010.07.18 18:39:08 | 000,011,261 | ---- | M] () -- C:\P14-07-09_21.59[1].jpg
[2010.07.18 18:39:08 | 000,011,254 | ---- | M] () -- C:\P14-07-09_21.59.jpg
[2010.07.18 18:39:07 | 000,084,072 | ---- | M] () -- C:\P14-07-09_17.33.jpg
[2010.07.18 18:39:07 | 000,072,545 | ---- | M] () -- C:\P14-07-09_17.35.jpg
[2010.07.18 18:39:07 | 000,065,986 | ---- | M] () -- C:\P14-07-09_17.29.jpg
[2010.07.18 18:39:07 | 000,046,915 | ---- | M] () -- C:\P14-07-09_17.33[1].jpg
[2010.07.18 18:39:07 | 000,044,351 | ---- | M] () -- C:\P14-07-09_21.43.jpg
[2010.07.18 18:39:07 | 000,041,525 | ---- | M] () -- C:\P14-07-09_17.43.jpg
[2010.07.18 18:39:06 | 000,083,329 | ---- | M] () -- C:\P14-07-09_17.26.jpg
[2010.07.18 18:39:06 | 000,067,374 | ---- | M] () -- C:\P14-07-09_16.06[1].jpg
[2010.07.18 18:39:06 | 000,062,642 | ---- | M] () -- C:\P14-07-09_16.54.jpg
[2010.07.18 18:39:06 | 000,054,571 | ---- | M] () -- C:\P14-07-09_16.08.jpg
[2010.07.18 18:39:06 | 000,054,189 | ---- | M] () -- C:\P14-07-09_16.07.jpg
[2010.07.18 18:39:06 | 000,052,339 | ---- | M] () -- C:\P14-07-09_17.28.jpg
[2010.07.18 18:39:06 | 000,041,192 | ---- | M] () -- C:\P14-07-09_17.24[1].jpg
[2010.07.18 18:39:06 | 000,040,955 | ---- | M] () -- C:\P14-07-09_17.24.jpg
[2010.07.18 18:39:05 | 000,095,579 | ---- | M] () -- C:\P14-07-09_16.05.jpg
[2010.07.18 18:39:05 | 000,073,828 | ---- | M] () -- C:\P14-07-09_16.06.jpg
[2010.07.18 18:39:05 | 000,056,830 | ---- | M] () -- C:\P14-07-09_15.59[2].jpg
[2010.07.18 18:39:04 | 000,081,919 | ---- | M] () -- C:\P14-07-09_15.04.jpg
[2010.07.18 18:39:04 | 000,068,909 | ---- | M] () -- C:\P13-07-09_11.59.jpg
[2010.07.18 18:39:04 | 000,051,955 | ---- | M] () -- C:\P14-07-09_15.59.jpg
[2010.07.18 18:39:04 | 000,046,852 | ---- | M] () -- C:\P13-07-09_11.29.jpg
[2010.07.18 18:39:04 | 000,044,666 | ---- | M] () -- C:\P13-07-09_11.29[1].jpg
[2010.07.18 18:39:04 | 000,040,768 | ---- | M] () -- C:\P14-07-09_15.59[1].jpg
[2010.07.18 18:39:03 | 000,075,704 | ---- | M] () -- C:\P13-07-09_11.12[1].jpg
[2010.07.18 18:39:03 | 000,066,143 | ---- | M] () -- C:\P13-07-09_11.26.jpg
[2010.07.18 18:39:03 | 000,061,513 | ---- | M] () -- C:\P13-07-09_11.28.jpg
[2010.07.18 18:39:03 | 000,054,252 | ---- | M] () -- C:\P13-07-09_11.28[1].jpg
[2010.07.18 18:39:03 | 000,048,323 | ---- | M] () -- C:\P13-07-09_11.25.jpg
[2010.07.18 18:39:03 | 000,048,165 | ---- | M] () -- C:\P13-07-09_11.25[1].jpg
[2010.07.18 18:39:03 | 000,045,710 | ---- | M] () -- C:\P13-07-09_11.25[2].jpg
[2010.07.18 18:39:02 | 000,081,745 | ---- | M] () -- C:\P13-07-09_11.12.jpg
[2010.07.18 18:39:02 | 000,069,314 | ---- | M] () -- C:\P13-07-08_15.55.jpg
[2010.07.18 18:39:02 | 000,066,645 | ---- | M] () -- C:\P12-09-08_12.56[3].jpg
[2010.07.18 18:39:02 | 000,042,337 | ---- | M] () -- C:\P13-07-08_15.53.jpg
[2010.07.18 18:39:01 | 000,093,163 | ---- | M] () -- C:\P12-06-09_11.18[1].jpg
[2010.07.18 18:39:01 | 000,074,416 | ---- | M] () -- C:\P07-06-09_13.09[1].jpg
[2010.07.18 18:39:01 | 000,065,741 | ---- | M] () -- C:\P07-06-09_13.09[2].jpg
[2010.07.18 18:39:01 | 000,047,186 | ---- | M] () -- C:\P09-12-08_15.45.jpg
[2010.07.18 18:39:01 | 000,046,332 | ---- | M] () -- C:\P07-06-09_13.09.jpg
[2010.07.18 18:39:01 | 000,022,237 | ---- | M] () -- C:\P12-09-08_12.56[2].jpg
[2010.07.18 18:39:00 | 000,078,381 | ---- | M] () -- C:\P07-06-09_12.06.jpg
[2010.07.18 18:39:00 | 000,065,199 | ---- | M] () -- C:\P07-06-09_12.05.jpg
[2010.07.18 18:39:00 | 000,043,753 | ---- | M] () -- C:\P07-06-09_11.19[1].jpg
[2010.07.18 18:39:00 | 000,039,725 | ---- | M] () -- C:\P07-06-09_12.09.jpg
[2010.07.18 18:38:59 | 000,055,338 | ---- | M] () -- C:\P07-06-09_11.18.jpg
[2010.07.18 18:38:59 | 000,054,153 | ---- | M] () -- C:\P07-06-09_11.15[1].jpg
[2010.07.18 18:38:59 | 000,047,050 | ---- | M] () -- C:\P07-06-09_11.19.jpg
[2010.07.18 18:38:59 | 000,040,498 | ---- | M] () -- C:\P07-06-09_11.15.jpg
[2010.07.18 18:38:59 | 000,037,685 | ---- | M] () -- C:\P07-05-09_13.00.jpg
[2010.07.18 18:38:59 | 000,022,268 | ---- | M] () -- C:\P07-05-09_12.51.jpg
[2010.07.18 18:38:58 | 000,088,050 | ---- | M] () -- C:\P07-05-09_12.39.jpg
[2010.07.18 18:38:58 | 000,072,611 | ---- | M] () -- C:\P07-05-09_12.37[1].jpg
[2010.07.18 18:38:58 | 000,028,494 | ---- | M] () -- C:\P07-05-09_12.45.jpg
[2010.07.18 18:38:58 | 000,022,174 | ---- | M] () -- C:\P07-05-09_12.45[2].jpg
[2010.07.18 18:38:58 | 000,022,134 | ---- | M] () -- C:\P07-05-09_12.45[1].jpg
[2010.07.18 18:38:58 | 000,018,088 | ---- | M] () -- C:\P07-05-09_12.50.jpg
[2010.07.18 18:38:57 | 000,079,196 | ---- | M] () -- C:\P06-05-09_18.48.jpg
[2010.07.18 18:38:57 | 000,075,190 | ---- | M] () -- C:\P06-05-09_18.42[1].jpg
[2010.07.18 18:38:57 | 000,073,838 | ---- | M] () -- C:\P07-05-09_12.37.jpg
[2010.07.18 18:38:57 | 000,056,237 | ---- | M] () -- C:\P06-05-09_18.44.jpg
[2010.07.18 18:38:57 | 000,054,543 | ---- | M] () -- C:\P06-05-09_18.42.jpg
[2010.07.18 18:38:57 | 000,053,576 | ---- | M] () -- C:\P06-05-09_18.49.jpg
[2010.07.18 18:38:56 | 000,090,251 | ---- | M] () -- C:\P06-05-09_16.22[1].jpg
[2010.07.18 18:38:56 | 000,079,014 | ---- | M] () -- C:\P06-05-09_18.07.jpg
[2010.07.18 18:38:56 | 000,076,349 | ---- | M] () -- C:\P06-05-09_18.07[2].jpg
[2010.07.18 18:38:56 | 000,074,986 | ---- | M] () -- C:\P06-05-09_18.07[1].jpg
[2010.07.18 18:38:55 | 000,084,392 | ---- | M] () -- C:\P06-05-09_16.22.jpg
[2010.07.18 18:38:55 | 000,078,674 | ---- | M] () -- C:\P06-05-09_16.12.jpg
[2010.07.18 18:38:55 | 000,031,897 | ---- | M] () -- C:\P06-05-09_15.29.jpg
[2010.07.18 18:38:55 | 000,030,413 | ---- | M] () -- C:\P06-05-09_15.28[1].jpg
[2010.07.18 18:38:55 | 000,029,473 | ---- | M] () -- C:\P06-05-09_15.29[1].jpg
[2010.07.18 18:38:54 | 000,069,708 | ---- | M] () -- C:\P06-05-09_13.54.jpg
[2010.07.18 18:38:54 | 000,050,187 | ---- | M] () -- C:\P06-05-09_13.54[1].jpg
[2010.07.18 18:38:54 | 000,047,302 | ---- | M] () -- C:\P06-05-09_13.55.jpg
[2010.07.18 18:38:54 | 000,046,847 | ---- | M] () -- C:\P06-05-09_13.55[1].jpg
[2010.07.18 18:38:54 | 000,029,251 | ---- | M] () -- C:\P06-05-09_15.28.jpg
[2010.07.18 18:38:54 | 000,028,884 | ---- | M] () -- C:\P06-05-09_15.11[2].jpg
[2010.07.18 18:38:54 | 000,028,824 | ---- | M] () -- C:\P06-05-09_15.11.jpg
[2010.07.18 18:38:54 | 000,027,337 | ---- | M] () -- C:\P06-05-09_15.11[1].jpg
[2010.07.18 18:38:54 | 000,025,266 | ---- | M] () -- C:\P06-05-09_15.11[3].jpg
[2010.07.18 18:38:53 | 000,073,775 | ---- | M] () -- C:\P06-05-09_13.53[1].jpg
[2010.07.18 18:38:53 | 000,066,159 | ---- | M] () -- C:\P06-05-09_13.53.jpg
[2010.07.18 18:38:53 | 000,052,894 | ---- | M] () -- C:\P06-05-09_13.41.jpg
[2010.07.18 18:38:53 | 000,046,333 | ---- | M] () -- C:\P06-05-09_13.41[2].jpg
[2010.07.18 18:38:53 | 000,046,073 | ---- | M] () -- C:\P06-05-09_13.41[1].jpg
[2010.07.18 18:38:52 | 000,088,297 | ---- | M] () -- C:\P04-09-08_16.14.jpg
[2010.07.18 18:38:52 | 000,072,304 | ---- | M] () -- C:\P04-09-08_16.13.jpg
[2010.07.18 18:38:52 | 000,060,123 | ---- | M] () -- C:\P04-09-08_16.16.jpg
[2010.07.18 18:38:52 | 000,051,961 | ---- | M] () -- C:\P06-05-09_13.19[1].jpg
[2010.07.18 18:38:52 | 000,034,152 | ---- | M] () -- C:\P06-05-09_13.19.jpg
[2010.07.18 18:38:51 | 000,136,596 | ---- | M] () -- C:\P04-09-08_16.09.jpg
[2010.07.18 18:38:51 | 000,128,124 | ---- | M] () -- C:\P04-09-08_16.08.jpg
[2010.07.18 18:38:51 | 000,065,735 | ---- | M] () -- C:\P04-09-08_14.15.jpg
[2010.07.18 18:38:51 | 000,045,064 | ---- | M] () -- C:\P04-09-08_14.18[3].jpg
[2010.07.18 18:38:51 | 000,036,857 | ---- | M] () -- C:\P04-09-08_14.18[2].jpg
[2010.07.18 18:38:50 | 000,120,278 | ---- | M] () -- C:\P04-06-09_17.21.jpg
[2010.07.18 18:38:50 | 000,118,504 | ---- | M] () -- C:\P04-06-09_17.21[1].jpg
[2010.07.18 18:38:50 | 000,117,314 | ---- | M] () -- C:\P04-06-09_17.18.jpg
[2010.07.18 18:38:50 | 000,095,713 | ---- | M] () -- C:\P04-06-09_17.18[1].jpg
[2010.07.18 18:38:49 | 000,120,876 | ---- | M] () -- C:\P04-06-09_17.17.jpg
[2010.07.18 18:38:49 | 000,112,548 | ---- | M] () -- C:\P04-06-09_17.17[2].jpg
[2010.07.18 18:38:49 | 000,111,768 | ---- | M] () -- C:\P04-06-09_17.17[1].jpg
[2010.07.18 18:38:48 | 000,129,240 | ---- | M] () -- C:\P02-05-08_11.34.jpg
[2010.07.18 18:38:48 | 000,062,915 | ---- | M] () -- C:\P03-09-08_12.05.jpg
[2010.07.18 18:38:48 | 000,055,962 | ---- | M] () -- C:\P01-09-08_12.54.jpg
[2010.07.18 18:38:48 | 000,055,496 | ---- | M] () -- C:\P01-09-08_12.53[1].jpg
[2010.07.18 18:38:48 | 000,045,179 | ---- | M] () -- C:\P03-06-09_15.57.jpg
[2010.07.17 20:14:29 | 000,002,453 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\HiJackThis.lnk
[2010.07.16 11:28:47 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\xxx\Desktop\CCleaner.lnk
[2010.07.05 23:06:42 | 000,000,000 | ---- | M] () -- C:\WINDOWS\TPTray.INI
[2010.07.05 23:03:14 | 000,113,933 | ---- | M] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.07.05 23:03:14 | 000,097,549 | ---- | M] () -- C:\WINDOWS\System32\drivers\klick.dat
[2010.07.05 22:48:08 | 000,315,408 | ---- | M] (Kaspersky Lab) -- C:\WINDOWS\System32\drivers\klif.sys
[2010.06.25 23:46:59 | 001,025,822 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.06.25 23:46:59 | 000,459,396 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.06.25 23:46:59 | 000,441,458 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.06.25 23:46:59 | 000,084,722 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.06.25 23:46:59 | 000,071,394 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.07.18 18:39:32 | 002,767,958 | ---- | C] () -- C:\Rehbock2.JPG
[2010.07.18 18:39:21 | 002,623,683 | ---- | C] () -- C:\Rehbock.JPG
[2010.07.18 18:39:21 | 000,057,662 | ---- | C] () -- C:\P30-06-09_11.01[1].jpg
[2010.07.18 18:39:21 | 000,053,825 | ---- | C] () -- C:\P30-06-09_11.04[1].jpg
[2010.07.18 18:39:20 | 000,095,864 | ---- | C] () -- C:\P29-06-09_18.24.jpg
[2010.07.18 18:39:20 | 000,090,138 | ---- | C] () -- C:\P30-04-08_14.28.jpg
[2010.07.18 18:39:20 | 000,080,127 | ---- | C] () -- C:\P30-06-09_11.01.jpg
[2010.07.18 18:39:20 | 000,071,698 | ---- | C] () -- C:\P29-06-09_18.21[1].jpg
[2010.07.18 18:39:19 | 000,085,164 | ---- | C] () -- C:\P29-06-09_18.21.jpg
[2010.07.18 18:39:19 | 000,052,827 | ---- | C] () -- C:\P29-06-09_18.18[1].jpg
[2010.07.18 18:39:19 | 000,049,003 | ---- | C] () -- C:\P29-06-09_18.18[4].jpg
[2010.07.18 18:39:19 | 000,041,487 | ---- | C] () -- C:\P29-06-09_18.18[2].jpg
[2010.07.18 18:39:19 | 000,040,151 | ---- | C] () -- C:\P29-06-09_18.18[3].jpg
[2010.07.18 18:39:19 | 000,038,289 | ---- | C] () -- C:\P29-06-09_18.18.jpg
[2010.07.18 18:39:18 | 000,053,409 | ---- | C] () -- C:\P28-06-08_16.32.jpg
[2010.07.18 18:39:18 | 000,044,512 | ---- | C] () -- C:\P29-06-09_18.09.jpg
[2010.07.18 18:39:18 | 000,044,328 | ---- | C] () -- C:\P28-06-08_16.34.jpg
[2010.07.18 18:39:18 | 000,043,333 | ---- | C] () -- C:\P27-03-09_11.15[1].jpg
[2010.07.18 18:39:18 | 000,042,614 | ---- | C] () -- C:\P29-06-09_18.09[2].jpg
[2010.07.18 18:39:18 | 000,041,721 | ---- | C] () -- C:\P27-06-08_13.30.jpg
[2010.07.18 18:39:18 | 000,041,307 | ---- | C] () -- C:\P27-06-08_13.31.jpg
[2010.07.18 18:39:18 | 000,035,067 | ---- | C] () -- C:\P27-03-09_11.15.jpg
[2010.07.18 18:39:18 | 000,032,645 | ---- | C] () -- C:\P29-06-09_18.09[1].jpg
[2010.07.18 18:39:18 | 000,020,191 | ---- | C] () -- C:\P28-02-09_08.34.jpg
[2010.07.18 18:39:17 | 000,072,872 | ---- | C] () -- C:\P27-03-09_10.59[1].jpg
[2010.07.18 18:39:17 | 000,068,228 | ---- | C] () -- C:\P27-03-09_10.59[2].jpg
[2010.07.18 18:39:17 | 000,052,879 | ---- | C] () -- C:\P27-03-09_10.59.jpg
[2010.07.18 18:39:16 | 000,113,574 | ---- | C] () -- C:\P22-08-08_14.14[1].jpg
[2010.07.18 18:39:16 | 000,075,995 | ---- | C] () -- C:\P22-08-08_14.40.jpg
[2010.07.18 18:39:16 | 000,071,175 | ---- | C] () -- C:\P22-08-08_14.41.jpg
[2010.07.18 18:39:16 | 000,060,554 | ---- | C] () -- C:\P22-08-08_11.59.jpg
[2010.07.18 18:39:15 | 000,113,629 | ---- | C] () -- C:\P22-05-09_17.17.jpg
[2010.07.18 18:39:15 | 000,085,932 | ---- | C] () -- C:\P22-08-08_10.53.jpg
[2010.07.18 18:39:15 | 000,059,307 | ---- | C] () -- C:\P22-08-08_11.58.jpg
[2010.07.18 18:39:14 | 000,116,029 | ---- | C] () -- C:\P22-05-09_17.16.jpg
[2010.07.18 18:39:14 | 000,103,113 | ---- | C] () -- C:\P21-05-09_19.42[2].jpg
[2010.07.18 18:39:14 | 000,097,286 | ---- | C] () -- C:\P21-05-09_19.42[1].jpg
[2010.07.18 18:39:13 | 000,091,315 | ---- | C] () -- C:\P21-05-09_19.42.jpg
[2010.07.18 18:39:13 | 000,075,088 | ---- | C] () -- C:\P17-05-08_15.36.jpg
[2010.07.18 18:39:13 | 000,065,578 | ---- | C] () -- C:\P17-05-08_15.35.jpg
[2010.07.18 18:39:13 | 000,060,106 | ---- | C] () -- C:\P17-05-08_15.34[1].jpg
[2010.07.18 18:39:13 | 000,056,118 | ---- | C] () -- C:\P21-02-09_16.37.jpg
[2010.07.18 18:39:13 | 000,033,062 | ---- | C] () -- C:\P20-05-09_15.57.jpg
[2010.07.18 18:39:12 | 000,077,309 | ---- | C] () -- C:\P17-05-08_15.32.jpg
[2010.07.18 18:39:12 | 000,070,740 | ---- | C] () -- C:\P17-05-08_15.32[1].jpg
[2010.07.18 18:39:12 | 000,066,845 | ---- | C] () -- C:\P17-05-08_15.34.jpg
[2010.07.18 18:39:11 | 000,126,791 | ---- | C] () -- C:\P16-04-09_14.12[1].jpg
[2010.07.18 18:39:11 | 000,118,414 | ---- | C] () -- C:\P16-04-09_14.13[1].jpg
[2010.07.18 18:39:11 | 000,117,425 | ---- | C] () -- C:\P16-04-09_14.13.jpg
[2010.07.18 18:39:10 | 000,124,928 | ---- | C] () -- C:\P16-04-09_14.12.jpg
[2010.07.18 18:39:10 | 000,082,403 | ---- | C] () -- C:\P15-07-09_20.25[3].jpg
[2010.07.18 18:39:10 | 000,073,267 | ---- | C] () -- C:\P15-07-09_20.25[2].jpg
[2010.07.18 18:39:10 | 000,073,010 | ---- | C] () -- C:\P15-07-09_20.25[1].jpg
[2010.07.18 18:39:10 | 000,047,999 | ---- | C] () -- C:\P15-07-09_20.58.jpg
[2010.07.18 18:39:10 | 000,046,775 | ---- | C] () -- C:\P15-07-09_20.57.jpg
[2010.07.18 18:39:09 | 000,087,104 | ---- | C] () -- C:\P15-07-09_19.45[1].jpg
[2010.07.18 18:39:09 | 000,082,890 | ---- | C] () -- C:\P15-07-09_20.25.jpg
[2010.07.18 18:39:09 | 000,062,893 | ---- | C] () -- C:\P15-07-09_19.45[2].jpg
[2010.07.18 18:39:09 | 000,057,430 | ---- | C] () -- C:\P15-07-09_20.24.jpg
[2010.07.18 18:39:09 | 000,049,346 | ---- | C] () -- C:\P15-07-09_19.45.jpg
[2010.07.18 18:39:09 | 000,034,083 | ---- | C] () -- C:\P15-07-09_19.44.jpg
[2010.07.18 18:39:08 | 000,059,721 | ---- | C] () -- C:\P15-06-08_15.43.jpg
[2010.07.18 18:39:08 | 000,058,018 | ---- | C] () -- C:\P15-07-09_19.20.jpg
[2010.07.18 18:39:08 | 000,054,981 | ---- | C] () -- C:\P15-06-08_17.03.jpg
[2010.07.18 18:39:08 | 000,048,461 | ---- | C] () -- C:\P14-07-09_21.43[2].jpg
[2010.07.18 18:39:08 | 000,035,143 | ---- | C] () -- C:\P14-07-09_22.04.jpg
[2010.07.18 18:39:08 | 000,028,848 | ---- | C] () -- C:\P14-07-09_22.03[1].jpg
[2010.07.18 18:39:08 | 000,026,806 | ---- | C] () -- C:\P14-07-09_22.03.jpg
[2010.07.18 18:39:08 | 000,011,261 | ---- | C] () -- C:\P14-07-09_21.59[1].jpg
[2010.07.18 18:39:08 | 000,011,254 | ---- | C] () -- C:\P14-07-09_21.59.jpg
[2010.07.18 18:39:07 | 000,084,072 | ---- | C] () -- C:\P14-07-09_17.33.jpg
[2010.07.18 18:39:07 | 000,072,545 | ---- | C] () -- C:\P14-07-09_17.35.jpg
[2010.07.18 18:39:07 | 000,056,765 | ---- | C] () -- C:\P14-07-09_21.43[1].jpg
[2010.07.18 18:39:07 | 000,046,915 | ---- | C] () -- C:\P14-07-09_17.33[1].jpg
[2010.07.18 18:39:07 | 000,044,351 | ---- | C] () -- C:\P14-07-09_21.43.jpg
[2010.07.18 18:39:07 | 000,041,525 | ---- | C] () -- C:\P14-07-09_17.43.jpg
[2010.07.18 18:39:06 | 000,083,329 | ---- | C] () -- C:\P14-07-09_17.26.jpg
[2010.07.18 18:39:06 | 000,065,986 | ---- | C] () -- C:\P14-07-09_17.29.jpg
[2010.07.18 18:39:06 | 000,062,642 | ---- | C] () -- C:\P14-07-09_16.54.jpg
[2010.07.18 18:39:06 | 000,054,571 | ---- | C] () -- C:\P14-07-09_16.08.jpg
[2010.07.18 18:39:06 | 000,054,189 | ---- | C] () -- C:\P14-07-09_16.07.jpg
[2010.07.18 18:39:06 | 000,052,339 | ---- | C] () -- C:\P14-07-09_17.28.jpg
[2010.07.18 18:39:06 | 000,041,192 | ---- | C] () -- C:\P14-07-09_17.24[1].jpg
[2010.07.18 18:39:06 | 000,040,955 | ---- | C] () -- C:\P14-07-09_17.24.jpg
[2010.07.18 18:39:05 | 000,095,579 | ---- | C] () -- C:\P14-07-09_16.05.jpg
[2010.07.18 18:39:05 | 000,073,828 | ---- | C] () -- C:\P14-07-09_16.06.jpg
[2010.07.18 18:39:05 | 000,067,374 | ---- | C] () -- C:\P14-07-09_16.06[1].jpg
[2010.07.18 18:39:05 | 000,056,830 | ---- | C] () -- C:\P14-07-09_15.59[2].jpg
[2010.07.18 18:39:04 | 000,081,919 | ---- | C] () -- C:\P14-07-09_15.04.jpg
[2010.07.18 18:39:04 | 000,068,909 | ---- | C] () -- C:\P13-07-09_11.59.jpg
[2010.07.18 18:39:04 | 000,051,955 | ---- | C] () -- C:\P14-07-09_15.59.jpg
[2010.07.18 18:39:04 | 000,044,666 | ---- | C] () -- C:\P13-07-09_11.29[1].jpg
[2010.07.18 18:39:04 | 000,040,768 | ---- | C] () -- C:\P14-07-09_15.59[1].jpg
[2010.07.18 18:39:03 | 000,066,143 | ---- | C] () -- C:\P13-07-09_11.26.jpg
[2010.07.18 18:39:03 | 000,061,513 | ---- | C] () -- C:\P13-07-09_11.28.jpg
[2010.07.18 18:39:03 | 000,054,252 | ---- | C] () -- C:\P13-07-09_11.28[1].jpg
[2010.07.18 18:39:03 | 000,048,323 | ---- | C] () -- C:\P13-07-09_11.25.jpg
[2010.07.18 18:39:03 | 000,048,165 | ---- | C] () -- C:\P13-07-09_11.25[1].jpg
[2010.07.18 18:39:03 | 000,046,852 | ---- | C] () -- C:\P13-07-09_11.29.jpg
[2010.07.18 18:39:03 | 000,045,710 | ---- | C] () -- C:\P13-07-09_11.25[2].jpg
[2010.07.18 18:39:02 | 000,081,745 | ---- | C] () -- C:\P13-07-09_11.12.jpg
[2010.07.18 18:39:02 | 000,075,704 | ---- | C] () -- C:\P13-07-09_11.12[1].jpg
[2010.07.18 18:39:02 | 000,069,314 | ---- | C] () -- C:\P13-07-08_15.55.jpg
[2010.07.18 18:39:02 | 000,042,337 | ---- | C] () -- C:\P13-07-08_15.53.jpg
[2010.07.18 18:39:01 | 000,093,163 | ---- | C] () -- C:\P12-06-09_11.18[1].jpg
[2010.07.18 18:39:01 | 000,074,416 | ---- | C] () -- C:\P07-06-09_13.09[1].jpg
[2010.07.18 18:39:01 | 000,066,645 | ---- | C] () -- C:\P12-09-08_12.56[3].jpg
[2010.07.18 18:39:01 | 000,065,741 | ---- | C] () -- C:\P07-06-09_13.09[2].jpg
[2010.07.18 18:39:01 | 000,047,186 | ---- | C] () -- C:\P09-12-08_15.45.jpg
[2010.07.18 18:39:01 | 000,022,237 | ---- | C] () -- C:\P12-09-08_12.56[2].jpg
[2010.07.18 18:39:00 | 000,078,381 | ---- | C] () -- C:\P07-06-09_12.06.jpg
[2010.07.18 18:39:00 | 000,065,199 | ---- | C] () -- C:\P07-06-09_12.05.jpg
[2010.07.18 18:39:00 | 000,046,332 | ---- | C] () -- C:\P07-06-09_13.09.jpg
[2010.07.18 18:39:00 | 000,039,725 | ---- | C] () -- C:\P07-06-09_12.09.jpg
[2010.07.18 18:38:59 | 000,055,338 | ---- | C] () -- C:\P07-06-09_11.18.jpg
[2010.07.18 18:38:59 | 000,054,153 | ---- | C] () -- C:\P07-06-09_11.15[1].jpg
[2010.07.18 18:38:59 | 000,047,050 | ---- | C] () -- C:\P07-06-09_11.19.jpg
[2010.07.18 18:38:59 | 000,043,753 | ---- | C] () -- C:\P07-06-09_11.19[1].jpg
[2010.07.18 18:38:59 | 000,040,498 | ---- | C] () -- C:\P07-06-09_11.15.jpg
[2010.07.18 18:38:59 | 000,037,685 | ---- | C] () -- C:\P07-05-09_13.00.jpg
[2010.07.18 18:38:59 | 000,022,268 | ---- | C] () -- C:\P07-05-09_12.51.jpg
[2010.07.18 18:38:58 | 000,088,050 | ---- | C] () -- C:\P07-05-09_12.39.jpg
[2010.07.18 18:38:58 | 000,028,494 | ---- | C] () -- C:\P07-05-09_12.45.jpg
[2010.07.18 18:38:58 | 000,022,174 | ---- | C] () -- C:\P07-05-09_12.45[2].jpg
[2010.07.18 18:38:58 | 000,022,134 | ---- | C] () -- C:\P07-05-09_12.45[1].jpg
[2010.07.18 18:38:58 | 000,018,088 | ---- | C] () -- C:\P07-05-09_12.50.jpg
[2010.07.18 18:38:57 | 000,079,196 | ---- | C] () -- C:\P06-05-09_18.48.jpg
[2010.07.18 18:38:57 | 000,075,190 | ---- | C] () -- C:\P06-05-09_18.42[1].jpg
[2010.07.18 18:38:57 | 000,073,838 | ---- | C] () -- C:\P07-05-09_12.37.jpg
[2010.07.18 18:38:57 | 000,072,611 | ---- | C] () -- C:\P07-05-09_12.37[1].jpg
[2010.07.18 18:38:57 | 000,056,237 | ---- | C] () -- C:\P06-05-09_18.44.jpg
[2010.07.18 18:38:57 | 000,053,576 | ---- | C] () -- C:\P06-05-09_18.49.jpg
[2010.07.18 18:38:56 | 000,090,251 | ---- | C] () -- C:\P06-05-09_16.22[1].jpg
[2010.07.18 18:38:56 | 000,079,014 | ---- | C] () -- C:\P06-05-09_18.07.jpg
[2010.07.18 18:38:56 | 000,076,349 | ---- | C] () -- C:\P06-05-09_18.07[2].jpg
[2010.07.18 18:38:56 | 000,074,986 | ---- | C] () -- C:\P06-05-09_18.07[1].jpg
[2010.07.18 18:38:56 | 000,054,543 | ---- | C] () -- C:\P06-05-09_18.42.jpg
[2010.07.18 18:38:55 | 000,084,392 | ---- | C] () -- C:\P06-05-09_16.22.jpg
[2010.07.18 18:38:55 | 000,078,674 | ---- | C] () -- C:\P06-05-09_16.12.jpg
[2010.07.18 18:38:55 | 000,031,897 | ---- | C] () -- C:\P06-05-09_15.29.jpg
[2010.07.18 18:38:55 | 000,029,473 | ---- | C] () -- C:\P06-05-09_15.29[1].jpg
[2010.07.18 18:38:54 | 000,050,187 | ---- | C] () -- C:\P06-05-09_13.54[1].jpg
[2010.07.18 18:38:54 | 000,047,302 | ---- | C] () -- C:\P06-05-09_13.55.jpg
[2010.07.18 18:38:54 | 000,046,847 | ---- | C] () -- C:\P06-05-09_13.55[1].jpg
[2010.07.18 18:38:54 | 000,030,413 | ---- | C] () -- C:\P06-05-09_15.28[1].jpg
[2010.07.18 18:38:54 | 000,029,251 | ---- | C] () -- C:\P06-05-09_15.28.jpg
[2010.07.18 18:38:54 | 000,028,884 | ---- | C] () -- C:\P06-05-09_15.11[2].jpg
[2010.07.18 18:38:54 | 000,028,824 | ---- | C] () -- C:\P06-05-09_15.11.jpg
[2010.07.18 18:38:54 | 000,027,337 | ---- | C] () -- C:\P06-05-09_15.11[1].jpg
[2010.07.18 18:38:54 | 000,025,266 | ---- | C] () -- C:\P06-05-09_15.11[3].jpg
[2010.07.18 18:38:53 | 000,073,775 | ---- | C] () -- C:\P06-05-09_13.53[1].jpg
[2010.07.18 18:38:53 | 000,069,708 | ---- | C] () -- C:\P06-05-09_13.54.jpg
[2010.07.18 18:38:53 | 000,066,159 | ---- | C] () -- C:\P06-05-09_13.53.jpg
[2010.07.18 18:38:53 | 000,046,333 | ---- | C] () -- C:\P06-05-09_13.41[2].jpg
[2010.07.18 18:38:53 | 000,046,073 | ---- | C] () -- C:\P06-05-09_13.41[1].jpg
[2010.07.18 18:38:52 | 000,088,297 | ---- | C] () -- C:\P04-09-08_16.14.jpg
[2010.07.18 18:38:52 | 000,060,123 | ---- | C] () -- C:\P04-09-08_16.16.jpg
[2010.07.18 18:38:52 | 000,052,894 | ---- | C] () -- C:\P06-05-09_13.41.jpg
[2010.07.18 18:38:52 | 000,051,961 | ---- | C] () -- C:\P06-05-09_13.19[1].jpg
[2010.07.18 18:38:52 | 000,034,152 | ---- | C] () -- C:\P06-05-09_13.19.jpg
[2010.07.18 18:38:51 | 000,136,596 | ---- | C] () -- C:\P04-09-08_16.09.jpg
[2010.07.18 18:38:51 | 000,128,124 | ---- | C] () -- C:\P04-09-08_16.08.jpg
[2010.07.18 18:38:51 | 000,072,304 | ---- | C] () -- C:\P04-09-08_16.13.jpg
[2010.07.18 18:38:51 | 000,045,064 | ---- | C] () -- C:\P04-09-08_14.18[3].jpg
[2010.07.18 18:38:51 | 000,036,857 | ---- | C] () -- C:\P04-09-08_14.18[2].jpg
[2010.07.18 18:38:50 | 000,120,278 | ---- | C] () -- C:\P04-06-09_17.21.jpg
[2010.07.18 18:38:50 | 000,118,504 | ---- | C] () -- C:\P04-06-09_17.21[1].jpg
[2010.07.18 18:38:50 | 000,095,713 | ---- | C] () -- C:\P04-06-09_17.18[1].jpg
[2010.07.18 18:38:50 | 000,065,735 | ---- | C] () -- C:\P04-09-08_14.15.jpg
[2010.07.18 18:38:49 | 000,117,314 | ---- | C] () -- C:\P04-06-09_17.18.jpg
[2010.07.18 18:38:49 | 000,112,548 | ---- | C] () -- C:\P04-06-09_17.17[2].jpg
[2010.07.18 18:38:49 | 000,111,768 | ---- | C] () -- C:\P04-06-09_17.17[1].jpg
[2010.07.18 18:38:48 | 000,129,240 | ---- | C] () -- C:\P02-05-08_11.34.jpg
[2010.07.18 18:38:48 | 000,120,876 | ---- | C] () -- C:\P04-06-09_17.17.jpg
[2010.07.18 18:38:48 | 000,062,915 | ---- | C] () -- C:\P03-09-08_12.05.jpg
[2010.07.18 18:38:48 | 000,055,962 | ---- | C] () -- C:\P01-09-08_12.54.jpg
[2010.07.18 18:38:48 | 000,055,496 | ---- | C] () -- C:\P01-09-08_12.53[1].jpg
[2010.07.18 18:38:48 | 000,045,179 | ---- | C] () -- C:\P03-06-09_15.57.jpg
[2010.07.17 19:49:37 | 000,002,453 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\HiJackThis.lnk
[2010.07.16 11:28:47 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\xxx\Desktop\CCleaner.lnk
[2010.07.05 23:06:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TPTray.INI
[2010.07.05 22:50:21 | 000,113,933 | ---- | C] () -- C:\WINDOWS\System32\drivers\klin.dat
[2010.07.05 22:50:21 | 000,097,549 | ---- | C] () -- C:\WINDOWS\System32\drivers\klick.dat
[2008.05.22 12:50:46 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\mcni.ini
[2008.05.13 22:32:48 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\mcbw.ini
[2008.01.10 17:46:09 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2007.11.12 15:38:11 | 000,077,824 | R--- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2007.10.06 19:52:56 | 000,000,099 | ---- | C] () -- C:\WINDOWS\abreg.ini
[2007.08.18 10:02:11 | 000,682,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2007.04.06 14:26:53 | 000,001,104 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007.04.06 14:19:56 | 000,007,552 | ---- | C] () -- C:\WINDOWS\System32\drivers\enodpl.sys
[2007.04.06 14:19:56 | 000,004,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\tandpl.sys
[2007.02.12 11:01:39 | 000,197,672 | ---- | C] () -- C:\WINDOWS\System32\vpnapi.dll
[2007.01.26 13:03:01 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2006.11.20 14:31:16 | 000,189,480 | ---- | C] () -- C:\WINDOWS\System32\CSGina.dll
[2006.08.20 13:26:18 | 000,000,635 | ---- | C] () -- C:\WINDOWS\Sof.INI
[2005.09.15 09:34:22 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.09.15 09:17:04 | 000,000,466 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2005.09.15 08:02:27 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.09.14 16:26:44 | 000,000,236 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005.09.14 16:24:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005.09.14 16:24:18 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005.09.14 16:24:18 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005.09.14 16:24:18 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005.09.14 16:24:18 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005.09.14 16:24:18 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005.09.14 16:24:18 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005.09.14 16:16:49 | 000,051,840 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005.09.14 16:16:49 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005.09.14 15:34:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CeEKey.INI
[2005.09.14 15:28:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\EBLib.DLL
[2005.09.14 11:36:50 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005.09.14 11:35:11 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005.09.14 11:35:11 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005.09.14 11:35:11 | 000,010,161 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005.09.14 11:35:11 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005.09.12 13:17:32 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005.09.12 11:36:46 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2005.09.12 11:36:46 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005.08.11 04:02:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005.08.02 10:39:44 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\HWS_Ctrl.dll
[2005.06.20 10:24:48 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TPeculiarity.dll
[2005.06.13 09:11:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005.06.06 09:44:18 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\SPCtl.dll
[2005.06.06 09:39:40 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\EKECioCtl.dll
[2004.12.02 15:20:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004.10.27 00:39:05 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004.09.22 10:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004.07.20 17:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004.01.15 14:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003.07.29 15:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll
[2001.07.07 04:00:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:A11F741D
@Alternate Data Stream - 102 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:B5358C17
< End of report >
--- --- ---
Bei Malwarebites kommt folgende Fehlermeldung:
"Ein Fehler ist aufgetreten, bitte geben Sie folgenden Fehlercode an das Support Team weiter:
MBAM_ERROR_CHECK_INFECTED(0,9)."
Hoffe du kannst damit was anfangen-schonmal vielen Dank im Voraus.
Grüße Hangenstein |
