Weißer Bildschirm Win XP Reatogo durchgeführt

Volvoc30 · 01.04.2012, 14:38

Hallo!
Danke für deine Hilfe. Der Trojaner scheint weg zu sein, aber ich habe keine Desktop-Icons. Auf den Befehl (rechte Maustaste) reagiert der Rechner leider nicht. Den Taskmanager kann ich auch nicht öffnen.
Noch einen Tipp?

Vielen Dank und Grüße!

Thomas

Zitat:

Zitat von Volvoc30

Hallo!
Danke für deine Hilfe. Der Trojaner scheint weg zu sein, aber ich habe keine Desktop-Icons. Auf den Befehl (rechte Maustaste) reagiert der Rechner leider nicht. Den Taskmanager kann ich auch nicht öffnen.
Noch einen Tipp?

Vielen Dank und Grüße!

Thomas

PS: anliegend noch ie OTL.TXTOTL Logfile:

Code:

ATTFilter

OTL logfile created on: 4/2/2012 12:45:53 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
479.00 Mb Total Physical Memory | 282.00 Mb Available Physical Memory | 59.00% Memory free
383.00 Mb Paging File | 297.00 Mb Available in Paging File | 77.00% Paging File free
Paging file location(s): C:\pagefile.sys 720 1440 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 37.25 Gb Total Space | 26.76 Gb Free Space | 71.84% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (HidServ)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto] -- C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2003/08/27 04:29:46 | 000,065,536 | ---- | M] (America Online, Inc.) [Auto] -- C:\WINDOWS\wanmpsvc.exe -- (WANMiniportService) WAN Miniport (ATW)
SRV - [2003/08/10 23:28:42 | 000,045,056 | ---- | M] ( ) [Auto] -- C:\WINDOWS\System32\slserv.exe -- (SLService)
SRV - [2003/03/09 16:31:02 | 000,065,795 | R--- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2002/02/21 08:12:30 | 000,049,152 | ---- | M] (Advanced Micro Devices) [Auto] -- C:\Program Files\AMD\PowerNow!\GemServ.exe -- (GemServ) AMD PowerNow! (tm)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (ulisa) Telekom ISDN-Adapter (USB)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] --  -- (dtwmnic5)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2004/08/03 17:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2004/08/03 17:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2004/08/03 17:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3SavageNB)
DRV - [2004/08/03 17:29:52 | 000,166,912 | ---- | M] (S3 Graphics, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s3gnbm.sys -- (S3Psddr)
DRV - [2004/02/26 14:36:09 | 000,082,380 | ---- | M] (Oak Technology Inc.) [Kernel | System] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/02/26 13:42:00 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2003/12/19 08:07:50 | 000,541,548 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2003/12/11 11:54:14 | 000,391,424 | ---- | M] (Sensaura Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003/09/15 03:45:40 | 001,302,192 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mtlstrm.sys -- (Mtlstrm)
DRV - [2003/09/11 00:40:12 | 000,550,088 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slntamr.sys -- (Slntamr)
DRV - [2003/08/17 21:35:32 | 000,086,512 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slnthal.sys -- (SlNtHal)
DRV - [2003/08/10 21:35:34 | 000,167,352 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ntmtlfax.sys -- (NtMtlFax)
DRV - [2003/07/16 00:30:26 | 000,221,736 | ---- | M] ( ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mtlmnt5.sys -- (Mtlmnt5)
DRV - [2003/07/02 04:12:52 | 000,039,348 | ---- | M] (Vireo Software) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\slwdmsup.sys -- (SlWdmSup)
DRV - [2003/04/23 13:52:16 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2003/04/02 02:02:26 | 000,007,040 | ---- | M] (EnE Technology Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ENECBPTH.sys -- (ENECBPTH)
DRV - [2002/08/28 17:59:26 | 000,154,624 | ---- | M] (Lucent Technologies) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wlluc48.sys -- (wlluc48)
DRV - [2002/03/19 16:20:00 | 000,027,648 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\VIAAGP1.SYS -- (viaagp1)
DRV - [2001/11/14 09:13:04 | 000,009,696 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\gemwdm.sys -- (gemwdm) AMD PowerNow! (tm)
DRV - [2001/10/22 04:31:06 | 000,029,696 | ---- | M] (VIA Technologies, Inc.              ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fetnd5a.sys -- (FETNDIS)
DRV - [2000/07/23 19:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator.NISMO23_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Thomas_Röhling_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://my.screenname.aol.com/_cqr/login/login.psp?sitedomain=sns.webmail.aol.com&lang=de&seamless=novl&offerId=webmail-de-de&authLev=0&siteState=ver%3A4%7Crt%3ASTANDARD%7Cat%3ASNS%7Cld%3Amail.aol.de%7Cuv%3AAOL%7Clc%3Ade-de%7Cmt%3AANGELIA%7Csnt%3AScreenName%7Csid%3Af6a33574-32cc-4f6c-9e32-b91adbe03696&locale=de
IE - HKU\Thomas_Röhling_ON_C\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
IE - HKU\Thomas_Röhling_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
 
 
 
O1 HOSTS File: ([2005/11/07 17:22:37 | 000,000,847 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKU\Thomas_Röhling_ON_C\..\Toolbar\WebBrowser: (no name) - {46AE04C0-BCFA-4728-90E7-00EB4A8B3863} - No CLSID value found.
O3 - HKU\Thomas_Röhling_ON_C\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (AOL LLC)
O4 - HKLM..\Run: [BX6kRBeYBXtpN21]  File not found
O4 - HKLM..\Run: [HostManager] C:\Programme\Gemeinsame Dateien\aol\1185915038\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [RealTray] C:\Programme\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [routcnf]  File not found
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Java\j2re1.4.2_03\bin\jusched.exe ()
O4 - HKU\Thomas_Röhling_ON_C..\Run: [BX6kRBeYBXtpN21]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator.NISMO23_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Thomas_Röhling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Thomas_Röhling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Thomas_Röhling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Thomas_Röhling_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -  File not found
O9 - Extra Button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Programme\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} hxxp://www3.snapfish.de/SnapfishActivia.cab (Snapfish Activia)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\y6drxuj c7ti.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\y6drxuj c7ti.exe) -  File not found
O20 - HKU\Thomas_Röhling_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\y6drxuj c7ti.exe) -  File not found
O20 - HKU\Thomas_Röhling_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\y6drxuj c7ti.exe) -  File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/04/01 17:04:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\IETldCache
[2012/04/01 16:54:32 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Microsoft
[2012/04/01 16:54:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\SendTo
[2012/04/01 16:54:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Recent
[2012/04/01 16:54:32 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Startmenü\Programme\Zubehör
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Startmenü
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Favoriten
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Eigene Dateien\Eigene Musik
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Eigene Dateien
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Eigene Dateien\Eigene Bilder
[2012/04/01 16:54:32 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Startmenü\Programme\Autostart
[2012/04/01 16:54:32 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Cookies
[2012/04/01 16:54:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Vorlagen
[2012/04/01 16:54:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Netzwerkumgebung
[2012/04/01 16:54:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Lokale Einstellungen
[2012/04/01 16:54:32 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Druckumgebung
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\WINDOWS
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Sun
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Macromedia
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Identities
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Desktop
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Lokale Einstellungen\Anwendungsdaten\ApplicationHistory
[2012/04/01 16:54:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Lokale Einstellungen\Anwendungsdaten\{7148F0A6-6813-11D6-A77B-00B0D0142030}
[2012/03/31 03:11:11 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\LocalService\Recent
[2012/03/31 01:39:04 | 002,237,440 | R--- | C] (OldTimer Tools) -- C:\OTLPE.exe
[2012/03/31 01:36:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2004/01/12 08:39:34 | 000,550,088 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2004/01/12 08:39:34 | 000,167,352 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2004/01/12 08:39:34 | 000,086,512 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2004/01/12 08:39:34 | 000,045,056 | ---- | C] ( ) -- C:\WINDOWS\System32\slserv.exe
[2004/01/12 08:39:33 | 001,302,192 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2004/01/12 08:39:33 | 000,221,736 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
 
========== Files - Modified Within 30 Days ==========
 
[2012/04/01 17:38:25 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/04/01 17:15:30 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/25 04:36:28 | 000,373,114 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/03/25 04:36:28 | 000,365,410 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/25 04:36:28 | 000,056,056 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/03/25 04:36:28 | 000,046,414 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/14 13:06:26 | 000,141,240 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/03/13 16:37:29 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
 
========== Files Created - No Company Name ==========
 
[2012/04/01 16:54:36 | 000,000,790 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/04/01 16:54:36 | 000,000,765 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2012/04/01 16:54:36 | 000,000,079 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Desktop anzeigen.scf
[2012/04/01 16:54:34 | 000,000,141 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012/04/01 16:54:33 | 000,001,605 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Startmenü\Programme\Remoteunterstützung.lnk
[2012/04/01 16:54:33 | 000,000,753 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Startmenü\Programme\Internet Explorer.lnk
[2012/04/01 16:54:33 | 000,000,724 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator.NISMO23\Startmenü\Programme\Outlook Express.lnk
[2012/02/16 16:53:14 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2008/08/02 12:35:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2008/06/27 06:09:02 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2008/06/27 06:08:58 | 000,028,672 | ---- | C] () -- C:\WINDOWS\gscr.dll
[2008/04/25 10:40:37 | 000,000,111 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2007/07/24 12:09:40 | 000,000,313 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2007/07/24 12:09:40 | 000,000,142 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2007/07/24 12:09:40 | 000,000,023 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2007/07/24 12:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bw5150d.ini
[2007/07/24 12:09:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2007/07/24 12:09:39 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2007/07/24 12:09:39 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2007/07/24 12:09:39 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2007/07/24 12:09:38 | 000,015,108 | ---- | C] () -- C:\WINDOWS\HL-5150D.INI
[2007/07/24 12:09:34 | 000,000,416 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2007/07/24 12:09:33 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2007/07/24 12:09:26 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\BRSS01A.ini
[2007/06/09 17:53:43 | 000,009,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas Röhling\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/08/18 15:22:26 | 000,000,026 | ---- | C] () -- C:\WINDOWS\HNetCtrl.INI
[2006/08/18 15:22:06 | 000,000,463 | ---- | C] () -- C:\WINDOWS\Capictrl.INI
[2005/05/11 11:02:31 | 000,000,044 | ---- | C] () -- C:\WINDOWS\NewSaver.ini
[2004/11/01 13:40:17 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2004/08/02 09:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/04/16 05:20:57 | 000,000,731 | ---- | C] () -- C:\WINDOWS\aolback.exe.lnk
[2004/02/27 12:42:05 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2004/02/26 14:01:30 | 000,000,059 | ---- | C] () -- C:\WINDOWS\WINPHONE.INI
[2004/02/26 13:40:57 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2004/02/26 13:40:02 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\Thomas Röhling\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2004/01/22 07:00:28 | 000,012,635 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini
[2004/01/12 08:48:10 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/12 08:39:34 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\slextspk.dll
[2004/01/12 08:39:34 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\SLGen.dll
[2004/01/12 08:39:34 | 000,024,576 | ---- | C] () -- C:\WINDOWS\slrundll.exe
[2004/01/12 08:39:33 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\coinst.dll
[2004/01/12 08:38:40 | 000,028,779 | ---- | C] () -- C:\WINDOWS\System32\javaw.exe
[2004/01/12 08:38:40 | 000,024,681 | ---- | C] () -- C:\WINDOWS\System32\java.exe
[2004/01/12 08:36:35 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/01/12 08:36:31 | 000,001,032 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2004/01/12 08:35:39 | 000,001,052 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2003/03/28 17:35:02 | 000,002,068 | ---- | C] () -- C:\WINDOWS\Ca533a.ini
[2003/03/27 10:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2003/03/09 16:31:04 | 000,561,152 | ---- | C] () -- C:\WINDOWS\System32\hpotscl.dll
[2002/09/17 00:40:10 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2002/09/17 00:38:41 | 000,141,240 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2002/09/17 00:33:29 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2002/09/17 00:30:04 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2002/09/16 23:57:36 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2002/09/16 23:48:55 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2002/09/16 14:22:23 | 000,373,114 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2002/09/16 14:22:23 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2002/09/16 14:22:23 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2002/09/16 14:22:23 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2002/09/16 14:21:47 | 000,365,410 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/09/16 14:21:47 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/09/16 14:21:46 | 000,046,414 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/09/16 14:21:46 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/09/16 14:21:45 | 000,004,678 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/09/16 14:21:44 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/09/16 14:21:41 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2002/09/16 14:21:31 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/09/16 14:21:31 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/09/16 14:21:16 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/09/16 14:21:04 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
 
========== LOP Check ==========
 
[2004/02/27 12:34:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\InterVideo
[2008/06/18 17:49:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\Snapfish
[2005/01/16 07:42:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Thomas Röhling\Anwendungsdaten\WholeSecurity
[2004/04/16 05:20:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
 
========== Purity Check ==========
 
 
< End of report >

--- --- ---

Weißer Bildschirm Win XP Reatogo durchgeführt

Plagegeister aller Art und deren Bekämpfung: Weißer Bildschirm Win XP Reatogo durchgeführt

Weißer Bildschirm Win XP Reatogo durchgeführt

Ähnliche Themen: Weißer Bildschirm Win XP Reatogo durchgeführt