Erst einmal vielen Dank für die Antwort!
Das hier ist der Log des Vollscans mit malwarebytes: Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Datenbank Version: 4052
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
02/05/2010 02:07:46
mbam-log-2010-05-02 (02-07-46).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Durchsuchte Objekte: 304812
Laufzeit: 2 Stunde(n), 0 Minute(n), 46 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 4
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysReserve.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Programme\agm.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Programme\PSUT16.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Programme\PSUT9516.DLL (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Und der erste log nach dem Scan mit OTL: Code:
OTL logfile created on: 02/05/2010 02:23:30 - Run 1
OTL by OldTimer - Version 3.2.4.0 Folder = C:\Dokumente und Einstellungen\XXX\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy
446.00 Mb Total Physical Memory | 54.00 Mb Available Physical Memory | 12.00% Memory free
1.00 Gb Paging File | 0.00 Gb Available in Paging File | 47.00% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 186.31 Gb Total Space | 31.17 Gb Free Space | 16.73% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: XXX
Current User Name:XXX
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Programme\D-Link\AirPlus G\AirGCFG.exe (D-Link)
PRC - C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
PRC - C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
PRC - c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
PRC - C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
PRC - C:\Programme\Adobe\Acrobat 7.0e\Distillr\acrodist.exe (Adobe Systems Incorporated.)
PRC - C:\Programme\Adobe\Acrobat 7.0e\Distillr\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Programme\avmclient\bluefritz.exe (avm)
PRC - C:\Programme\avmclient\AvmObex.exe (AVM Berlin)
PRC - C:\Programme\avmclient\avmbtservice.exe (AVM Berlin)
PRC - C:\Programme\avmclient\AvmObexService.exe (AVM Berlin)
PRC - C:\Programme\avmclient\panapp.exe (AVM Berlin)
PRC - C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (America Online, Inc)
PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.)
PRC - C:\Programme\ScanSoft\OmniPageSE2.0\opwareSE2.exe (ScanSoft, Inc.)
PRC - C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
PRC - C:\Programme\Aveo\Attune\bin\attune_ce.exe (Aveo Inc.)
========== Modules (SafeList) ==========
MOD - C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcp80.dll (Microsoft Corporation)
MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation)
MOD - C:\Programme\ScanSoft\OmniPageSE2.0\OpHookSE2.dll (ScanSoft, Inc.)
========== Win32 Services (SafeList) ==========
SRV - (vsmon) -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Programme\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company)
SRV - (ANIWZCSdService) -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe (Alpha Networks Inc.)
SRV - (CCALib8) -- C:\Programme\Canon\CAL\CALMAIN.exe (Canon Inc.)
SRV - (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) -- c:\Programme\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLBrowser) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation)
SRV - (MSSQLServerADHelper) -- c:\Programme\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation)
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (PsShutdownSvc) -- C:\WINDOWS\system32\PSSDNSVC.EXE (Systems Internals)
SRV - (AVM BT Connection Service) -- C:\Programme\avmclient\avmbtservice.exe (AVM Berlin)
SRV - (AvmObexService) -- C:\Programme\avmclient\AvmObexService.exe (AVM Berlin)
SRV - (AVM BT PAN Service) -- C:\Programme\avmclient\panapp.exe (AVM Berlin)
SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.)
SRV - (de_serv) -- C:\Programme\Gemeinsame Dateien\AVM\De_serv.exe (AVM Berlin)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (NProtectService) -- C:\Programme\Norton SystemWorks\Norton Utilities\NPROTECT.EXE (Symantec Corporation)
========== Driver Services (SafeList) ==========
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (Ltn_stk7070P) -- C:\WINDOWS\system32\drivers\Ltn_stk7070P.sys (LITEON)
DRV - (Ltn_stkrc) -- C:\WINDOWS\system32\drivers\Ltn_stkrc.sys (LITEON)
DRV - (ANIO) -- C:\WINDOWS\system32\ANIO.sys (Alpha Networks Inc.)
DRV - (RT73) -- C:\WINDOWS\system32\drivers\Dr71WU.sys (Ralink Technology, Corp.)
DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS (Realtek Semiconductor Corp.)
DRV - (ati2mtag) -- C:\WINDOWS\system32\drivers\ati2mtag.sys (ATI Technologies Inc.)
DRV - (ASCTRM) -- C:\WINDOWS\system32\drivers\asctrm.sys (Windows (R) 2000 DDK provider)
DRV - (AmdK8) -- C:\WINDOWS\system32\drivers\AmdK8.sys (Advanced Micro Devices)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- C:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
DRV - (bfhubase) BlueFRITZ! USB 2.5(WinXP/2000) -- C:\WINDOWS\system32\drivers\bfhubase.sys (AVM Berlin)
DRV - (CAPI_CIP) -- C:\WINDOWS\system32\drivers\capi_cip.sys (AVM Berlin)
DRV - (AVMBTSERIAL) -- C:\WINDOWS\system32\drivers\avmbtser.sys (AVM GmbH)
DRV - (AVMBTPARALLEL) -- C:\WINDOWS\system32\drivers\avmbtpar.sys (AVM GmbH)
DRV - (AVMCOWAN) -- C:\WINDOWS\system32\drivers\avmcowan.sys (AVM GmbH)
DRV - (AVMBTSND) -- C:\WINDOWS\system32\drivers\avmbtsnd.sys (AVM GmbH)
DRV - (NETBFPAN) -- C:\WINDOWS\system32\drivers\netbfpan.sys (AVM Berlin)
DRV - (drvmcdb) -- C:\WINDOWS\system32\DRIVERS\drvmcdb.sys (Sonic Solutions)
DRV - (NETFWDSL) -- C:\WINDOWS\system32\drivers\NETFWDSL.SYS (AVM Berlin)
DRV - (aadev) -- C:\WINDOWS\system32\drivers\Aadev.sys (AVM Berlin)
DRV - (Cinemsup) -- C:\WINDOWS\system32\drivers\cinemsup.sys (Sonic Solutions)
DRV - (NETFRITZ) -- C:\WINDOWS\system32\drivers\NETFRITZ.SYS (AVM Berlin)
DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (NPDriver) -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS (Symantec Corporation)
DRV - (SymEvent) -- C:\Programme\Symantec\SYMEVENT.SYS (Symantec Corporation)
DRV - (ATMhelpr) -- C:\WINDOWS\system32\drivers\ATMHELPR.SYS (Adobe Systems Incorporated)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "h**p://www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2010/05/01 23:00:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010/05/01 14:37:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010/05/01 14:37:43 | 000,000,000 | ---D | M]
[2009/10/29 16:31:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Mozilla\Extensions
[2009/10/29 16:31:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Mozilla\Firefox\Profiles\ac9ysccx.default\extensions
[2010/04/30 21:54:02 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010/04/17 12:00:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/04/17 12:00:32 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 18:54:38 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010/04/01 18:54:38 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010/04/01 18:54:38 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010/04/01 18:54:38 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010/04/01 18:54:38 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010/01/04 22:46:52 | 000,000,847 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (ZoneAlarm Toolbar Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar3.dll (Google Inc.)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programme\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Toolbar) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar3.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0e\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
O4 - HKLM..\Run: [AOLDialer] C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe (America Online, Inc)
O4 - HKLM..\Run: [AttuneClientEngine] C:\Programme\Aveo\Attune\bin\attune_ce.exe (Aveo Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMBlueClient] C:\Programme\avmclient\bluefritz.exe (avm)
O4 - HKLM..\Run: [AVMBLUEOBEX] C:\Programme\avmclient\AvmObex.exe (AVM Berlin)
O4 - HKLM..\Run: [Corel Reminder] File not found
O4 - HKLM..\Run: [D-Link AirPlus G] C:\Programme\D-Link\AirPlus G\AirGCFG.exe (D-Link)
O4 - HKLM..\Run: [ISUSPM Startup] c:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [OpwareSE2] C:\Programme\ScanSoft\OmniPageSE2.0\OpwareSE2.exe (ScanSoft, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WordPerfect Office 1215] C:\Programme\WordPerfect Office 12\Programs\Registration.exe (Corel Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EPSON SX100 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Programme\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Programme\Canon\Easy-WebPrint\Resource.dll ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} h**p://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1230739952328 (WUWebControl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} h**p://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} h**p://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} h**p://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} h**p://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} h**p://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/01/18 21:30:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005/01/18 21:30:26 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.NS0 -- [ NTFS ]
O33 - MountPoints2\{32b1bec2-cab5-11de-9565-0022b060875b}\Shell\AutoRun\command - "" = J:\SamsungSoftware\APPInst.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2010/12/31 15:21:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2010/05/01 23:43:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\Malwarebytes
[2010/05/01 23:42:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/05/01 23:42:57 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/05/01 23:42:57 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010/05/01 23:42:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010/05/01 23:41:08 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe
[2010/05/01 23:00:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Eigene Dateien\ForceField Shared Files
[2010/05/01 23:00:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\CheckPoint
[2010/05/01 22:59:55 | 000,000,000 | ---D | C] -- C:\Programme\CheckPoint
[2010/05/01 22:59:41 | 000,058,248 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2010/05/01 22:59:38 | 000,103,816 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2010/05/01 22:59:38 | 000,069,000 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2010/05/01 22:59:34 | 000,041,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2010/05/01 22:59:31 | 001,238,408 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2010/05/01 22:59:31 | 000,299,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2010/05/01 22:59:31 | 000,107,912 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2010/05/01 22:59:30 | 000,486,280 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2010/05/01 22:59:29 | 000,000,000 | ---D | C] -- C:\Programme\Zone Labs
[2010/05/01 22:58:41 | 000,227,720 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2010/05/01 22:58:40 | 000,621,960 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2010/05/01 16:38:03 | 000,000,000 | ---D | C] -- C:\Programme\HijackThis
[2010/04/30 23:52:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\workspace
[2010/04/25 13:33:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\.netbeans
[2010/04/25 13:33:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\.netbeans-registration
[2010/04/25 13:04:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\.nbi
[2010/04/20 09:44:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Desktop\toprint
[2010/04/17 23:30:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\XPSViewer
[2010/04/17 23:30:37 | 000,000,000 | ---D | C] -- C:\Programme\MSBuild
[2010/04/17 23:30:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2010/04/17 23:30:27 | 000,000,000 | ---D | C] -- C:\Programme\Reference Assemblies
[2010/04/17 23:29:34 | 000,597,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\printfilterpipelinesvc.exe
[2010/04/17 23:29:34 | 000,575,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpsshhdr.dll
[2010/04/17 23:29:34 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\prntvpt.dll
[2010/04/17 23:29:34 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\filterpipelineprintproc.dll
[2010/04/17 23:29:33 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xpssvcs.dll
[2010/04/17 23:29:33 | 001,676,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\xpssvcs.dll
[2010/04/17 23:29:33 | 000,000,000 | ---D | C] -- C:\8dc1892f6dbacfd16cd29fed7fca
[2010/04/17 12:48:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\_Christine\Eigene Dateien\workspace
[2010/04/17 12:46:14 | 000,000,000 | ---D | C] -- C:\Programme\eclipse-java-galileo-SR2-win32
[2010/04/17 12:01:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sun
[2010/04/17 12:01:18 | 000,000,000 | ---D | C] -- C:\Programme\Sun
[2010/04/17 12:00:51 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/04/17 12:00:51 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/17 12:00:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/17 12:00:51 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/17 12:00:51 | 000,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/16 18:43:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Anwendungsdaten\OpenOffice.org
[2010/04/16 18:35:09 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2010/04/15 09:54:27 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010/04/14 13:39:28 | 000,017,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010/04/14 13:03:19 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010/04/13 22:20:44 | 000,000,000 | ---D | C] -- C:\Programme\Common Files
[2010/04/13 22:15:12 | 000,093,456 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FPWPP.DLL
[2010/04/13 22:15:11 | 000,145,360 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WEBPOST.DLL
[2010/04/13 22:15:11 | 000,121,984 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\CRSWPP.DLL
[2010/04/13 22:15:11 | 000,112,064 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\WPWIZDLL.DLL
[2010/04/13 22:15:11 | 000,099,008 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\POSTWPP.DLL
[2010/04/13 22:15:11 | 000,098,960 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\FTPWPP.DLL
[2010/04/13 22:15:11 | 000,050,816 | R--- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PIPARSE.DLL
[2010/04/13 22:15:11 | 000,000,000 | ---D | C] -- C:\Programme\Web Publish
[2010/04/13 22:14:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2010/04/13 22:13:24 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio
[2010/04/12 19:18:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\XXX\Desktop\Studiumneu
[2010/04/07 23:38:39 | 000,028,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mdimon.dll
[2004/11/24 21:25:52 | 000,335,872 | ---- | C] ( ) -- C:\WINDOWS\System32\drvc.dll
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/05/02 02:16:58 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2010/05/02 02:14:08 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/02 02:14:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/02 02:12:42 | 014,680,064 | -H-- | M] () -- C:\Dokumente und Einstellungen\XXX\NTUSER.DAT
[2010/05/02 02:12:42 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\XXX\ntuser.ini
[2010/05/01 23:43:02 | 000,000,677 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/01 23:38:45 | 000,083,984 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
[2010/05/01 23:01:42 | 000,428,416 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/05/01 22:59:52 | 000,004,212 | -H-- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/05/01 22:59:51 | 000,000,712 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\ZoneAlarm Security.lnk
[2010/05/01 22:53:02 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\XXX\Desktop\OTL.exe
[2010/05/01 18:11:12 | 000,953,344 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\oop.doc
[2010/05/01 14:37:47 | 000,001,567 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2010/05/01 14:31:15 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{AE39D5FE-ECCB-4DF5-998C-238F8C015DA1}
[2010/05/01 13:10:32 | 000,000,011 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{AE39D5FE-ECCB-4DF5-998C-238F8C015DA1}
[2010/05/01 12:36:30 | 000,012,598 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/01 12:36:17 | 000,456,664 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/04/30 21:45:11 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Microsoft Office Word 2003 (2).lnk
[2010/04/30 13:52:31 | 000,000,705 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/04/30 11:01:10 | 000,000,349 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\PCLECHAL.INI
[2010/04/29 22:54:26 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010/04/29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/04/29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/04/25 19:38:38 | 000,002,537 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Microsoft Office Excel 2003 (2).lnk
[2010/04/24 16:22:06 | 000,094,720 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/24 15:13:28 | 000,022,528 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\ljpost.doc
[2010/04/24 14:54:28 | 000,029,696 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\mememoi.doc
[2010/04/24 10:39:07 | 000,085,504 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\We arrived in France at 6 April in the afternoo1.doc
[2010/04/22 12:40:13 | 000,019,968 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Eigene Dateien\Dok2.doc
[2010/04/22 11:38:55 | 000,028,672 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\meme.doc
[2010/04/17 23:35:58 | 001,172,620 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/04/17 23:35:58 | 000,516,122 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010/04/17 23:35:58 | 000,487,968 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/17 23:35:58 | 000,108,170 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010/04/17 23:35:58 | 000,088,838 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/17 12:49:38 | 000,000,790 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Verknüpfung mit eclipse.lnk
[2010/04/17 12:18:34 | 097,290,250 | ---- | M] () -- C:\Programme\eclipse-java-galileo-SR2-win32.zip
[2010/04/17 12:00:31 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll
[2010/04/17 12:00:31 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010/04/17 12:00:31 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010/04/17 12:00:31 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010/04/17 12:00:31 | 000,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010/04/16 18:38:07 | 000,000,881 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010/04/14 13:45:53 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/14 13:15:38 | 000,070,656 | ---- | M] () -- C:\WINDOWS\System32\MSDATLST.oca
[2010/04/14 13:15:38 | 000,066,560 | ---- | M] () -- C:\WINDOWS\System32\MSDATGRD.oca
[2010/04/14 13:15:37 | 000,044,544 | ---- | M] () -- C:\WINDOWS\System32\MSDATREP.oca
[2010/04/14 13:15:37 | 000,036,352 | ---- | M] () -- C:\WINDOWS\System32\MSADODC.oca
[2010/04/14 13:14:37 | 000,000,037 | ---- | M] () -- C:\WINDOWS\vbaddin.ini
[2010/04/13 22:15:50 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2010/04/13 22:15:50 | 000,000,660 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2010/04/13 22:15:33 | 000,001,309 | ---- | M] () -- C:\WINDOWS\vb.ini
[2010/04/13 19:51:51 | 000,002,121 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2010/04/07 23:41:28 | 000,002,094 | ---- | M] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Microsoft Office PowerPoint 2003 (2).lnk
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/12/31 15:23:49 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2010/05/01 23:43:02 | 000,000,677 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/01 22:59:51 | 000,000,712 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\ZoneAlarm Security.lnk
[2010/05/01 22:59:30 | 000,428,416 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2010/05/01 22:14:12 | 000,953,344 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\oop.doc
[2010/04/24 13:42:06 | 000,022,528 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\ljpost.doc
[2010/04/24 10:39:01 | 000,085,504 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\We arrived in France at 6 April in the afternoo1.doc
[2010/04/22 12:06:18 | 000,029,696 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\mememoi.doc
[2010/04/22 11:38:55 | 000,028,672 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\meme.doc
[2010/04/17 12:49:38 | 000,000,790 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Verknüpfung mit eclipse.lnk
[2010/04/17 12:16:10 | 097,290,250 | ---- | C] () -- C:\Programme\eclipse-java-galileo-SR2-win32.zip
[2010/04/16 18:38:07 | 000,000,881 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\OpenOffice.org 3.2.lnk
[2010/04/14 13:15:38 | 000,070,656 | ---- | C] () -- C:\WINDOWS\System32\MSDATLST.oca
[2010/04/14 13:15:38 | 000,066,560 | ---- | C] () -- C:\WINDOWS\System32\MSDATGRD.oca
[2010/04/14 13:15:37 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\MSDATREP.oca
[2010/04/14 13:15:37 | 000,036,352 | ---- | C] () -- C:\WINDOWS\System32\MSADODC.oca
[2010/04/07 23:41:28 | 000,002,094 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Microsoft Office PowerPoint 2003 (2).lnk
[2010/04/07 23:41:17 | 000,002,509 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Microsoft Office Word 2003 (2).lnk
[2010/04/07 23:41:08 | 000,002,537 | ---- | C] () -- C:\Dokumente und Einstellungen\XXX\Desktop\Microsoft Office Excel 2003 (2).lnk
[2010/04/01 00:10:09 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SMMVSplitter.INI
[2010/02/24 22:54:41 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2010/02/23 16:39:47 | 000,000,689 | ---- | C] () -- C:\WINDOWS\H1D_Prof.INI
[2010/01/06 10:29:59 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
[2009/11/11 01:15:39 | 000,000,274 | ---- | C] () -- C:\WINDOWS\RETC.ini
[2009/11/11 01:13:45 | 000,010,496 | ---- | C] () -- C:\WINDOWS\System32\Machnm64.sys
[2009/11/11 01:13:45 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\Machnm32.sys
[2009/10/10 00:45:40 | 000,000,107 | ---- | C] () -- C:\WINDOWS\IfoEdit.INI
[2009/05/09 12:28:46 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2009/05/09 12:25:53 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDESX100DEFGIPS.ini
[2009/05/03 13:54:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/03/06 19:16:07 | 000,001,250 | ---- | C] () -- C:\WINDOWS\PVAStrumento.ini
[2009/03/06 19:15:54 | 000,001,091 | ---- | C] () -- C:\WINDOWS\cPVAS.INI
[2007/10/13 12:40:36 | 000,000,660 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/13 12:40:36 | 000,000,063 | ---- | C] () -- C:\WINDOWS\mdm.ini
[2007/09/06 02:01:22 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/08/23 18:55:34 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/08/23 18:50:04 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2007/08/23 18:50:04 | 000,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2007/04/20 15:54:25 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2007/03/20 13:29:56 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2006/12/26 19:45:09 | 000,373,248 | ---- | C] () -- C:\WINDOWS\EyeCand3.INI
[2006/08/21 17:00:21 | 000,000,045 | ---- | C] () -- C:\WINDOWS\3D Text Factory.INI
[2006/02/26 13:35:01 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/11/30 21:17:26 | 000,000,090 | ---- | C] () -- C:\WINDOWS\EZPHOTO.INI
[2005/09/25 10:35:26 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\CNMVS6f.DLL
[2005/09/25 10:33:30 | 000,000,516 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005/09/08 19:25:59 | 000,000,022 | ---- | C] () -- C:\WINDOWS\_ISNU.INI
[2005/09/08 19:25:24 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Venice.ini
[2005/09/08 19:11:46 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2005/09/08 19:11:46 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\Dc50ip32.dll
[2005/09/08 19:11:46 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\ImgLibLead.dll
[2005/09/08 19:11:46 | 000,000,178 | ---- | C] () -- C:\WINDOWS\kpcms.ini
[2005/09/08 18:30:42 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2005/07/27 15:06:51 | 000,541,696 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2005/06/22 14:45:23 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/22 10:15:37 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2005/02/01 12:21:49 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005/01/18 21:17:38 | 000,001,256 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/12/20 12:08:28 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2004/12/20 12:03:26 | 000,679,936 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2004/11/15 15:46:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/10/12 08:40:58 | 002,255,360 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2004/10/12 08:39:48 | 000,028,160 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2004/10/12 08:39:08 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\ff_theora.dll
[2004/10/09 08:40:16 | 000,454,144 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2004/10/05 10:16:08 | 000,395,776 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2004/10/03 19:50:54 | 000,129,024 | ---- | C] () -- C:\WINDOWS\System32\ff_mpeg2enc.dll
[2003/12/19 03:00:00 | 000,013,387 | ---- | C] () -- C:\WINDOWS\System32\CinemSup.sys
[2003/02/20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/24 02:00:00 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lockout.dll
[2001/08/14 12:47:08 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\vxpsapi.dll
[2000/10/16 23:16:38 | 000,225,280 | ---- | C] () -- C:\WINDOWS\System32\Scint100.dll
[2000/10/16 23:16:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\sccres100.dll
[1998/06/10 00:00:00 | 000,015,120 | ---- | C] () -- C:\WINDOWS\System32\REPUTIL.DLL
[1997/09/04 00:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/09/04 00:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
< End of report > |