| wurzelgnom08 | 04.08.2011 12:23 |
Bestimmte Internetseiten öffnen sich nicht mehr - aber ohne Fehlermeldung!
Hallo zusammen!
Nachdem ich alle Schritte befolgt habe, bin ich mir immer noch nicht sicher, ob ich auch alles richtig gemacht habe.
Es besteht folgendes Problem:
Ein paar bestimmte Internetseiten (Login ebay, reitforum.de, loesdau.de, Login Paypal etc) öffnen sich neuerdings nicht mehr.
Wenn ich die gewünschte Seite aufrufen möchte, lädt sie - oft stundenlang. Ohne abzubrechen oder sich aufzuhängen. Sie lädt einfach nur lustig vor sich hin.
Am Seitenbetreiber kanns nicht liegen - zuhause funktioniert alles einwandfrei! Und ich weiß nicht mehr weiter. Evtl. liegts auch gar nicht an unerwünschter Software auf dem PC.
Vielleicht könnt ihr mir helfen? Ich wäre euch super dankbar, da es so echt kein Zustand ist...
Hier noch die Inhalte von den Schritten, die ich wie von euch beschrieben vorgenommen habe: Extras.TxtOTL Logfile: Code:
OTL Extras logfile created on: 04.08.2011 11:23:39 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
479,48 Mb Total Physical Memory | 141,83 Mb Available Physical Memory | 29,58% Memory free
1,05 Gb Paging File | 0,60 Gb Available in Paging File | 57,56% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 0,84 Gb Free Space | 4,28% Space Free | Partition Type: NTFS
Drive E: | 129,51 Gb Total Space | 126,13 Gb Free Space | 97,39% Space Free | Partition Type: NTFS
Computer Name: KM-BUHA | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1"
https [open] -- "C:\Programme\Google\Chrome\Application\chrome.exe" -- "%1"
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\MSN Messenger\msnmsgr.exe" = C:\Programme\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{00040407-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Disc 2
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{15EE79F4-4ED1-4267-9B0F-351009325D7D}" = HP Software Update
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1C32666E-3F65-4A9A-BC4D-FE293015FE7B}" = hp LaserJet all-in-one
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2405665A-16C9-4D3A-B70E-F006220E1472}" = Overland
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3AEF2F6C-F1D3-47CD-BF3B-A327F1FABE58}" = PSPrinters06
"{3CA9D105-113C-11D8-AB3E-000102B0F79A}" = Readiris Pro 9
"{41254D7B-EADF-4078-AE4A-BD73B300EE86}" = Unload
"{4774B277-92D9-4033-92E4-478037392F90}" = ScrewDrivers Client v4
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{59cde1a7-f5a4-4a3a-a24a-87a6f802f272}" = Nero 9 Essentials
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{98D451C4-4ACA-4273-BB47-57CFE46B048E}" = WD SmartWare
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}" = Photosmart 320,370,7400,8100,8400 Series (deu)
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{b2ec4a38-b545-4a00-8214-13fe0e915e6d}" = Advertising Center
"{bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}" = Nero ControlCenter
"{BF018D2F-C788-4AB1-AB95-1280EAB8F13E}" = TrayApp
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D83BD5E2-5AF4-49F6-B5C1-484A9760E73D}" = Brother MFL-Pro Suite
"{dba84796-8503-4ff0-af57-1747dd9a166d}" = Nero Online Upgrade
"{DD23CAA4-8872-4B95-B263-EA46FD82CF19}" = LaserAIO
"{e8a80433-302b-4ff1-815d-fcc8eac482ff}" = Nero Installer
"{F65787F3-B356-45EC-8DD0-0E6758EDBCEE}" = WebReg
"{FE3F3C9B-2C29-4FEE-A74F-11E436729F2C}" = Scan
"7-Zip" = 7-Zip 4.42
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIC_DeinstKey" = Saab AIC
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"EAC_DeinstKey" = Saab EAC
"ec@ros 2 - ASP (FFM)" = ec@ros 2 - ASP (FFM)
"ec@ros 2 - ASP (FFM) " = ec@ros 2 - ASP (FFM)
"EPC_DeinstKey" = Saab EPC
"EPSIBar" = EPSI Toolbar
"Hardlock Gerätetreiber" = Hardlock Gerätetreiber
"hp LaserJet-all-in-one" = hp LaserJet-all-in-one
"HP Photo & Imaging" = HP Image Zone 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MNU_DeinstKey" = MNU
"Mozilla Firefox 5.0.1 (x86 de)" = Mozilla Firefox 5.0.1 (x86 de)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"OrderReminder hp LaserJet 3015/3020/3030/3380" = OrderReminder hp LaserJet 3015/3020/3030/3380
"S3" = UniChrome Pro IGP Display Driver and Utilities
"ScrewDrivers Client v4" = ScrewDrivers Client v4
"SEAT7" = SEAT7
"STM_DeinstKey" = STM
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Document Converter_is1" = Universal Document Converter (Demo)
"VTDisplay" = S3 S3Display
"VTGamma2" = S3 S3Gamma2
"VTInfo2" = S3 S3Info2
"VTOverlay" = S3 S3Overlay
"VTTrayPlus" = S3 S3TrayPlus
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 08.01.2010 07:11:23 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16945, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.01.2010 07:11:23 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16945, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.01.2010 07:11:23 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16945, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.01.2010 07:14:23 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16945, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.01.2010 07:36:17 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16945, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 27.01.2010 08:12:08 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16981, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.02.2010 04:58:58 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16981, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.02.2010 04:58:58 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung iexplore.exe, Version 7.0.6000.16981, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 08.02.2010 04:59:10 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1669655770.
Error - 08.02.2010 04:59:12 | Computer Name = KM-BUHA | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich 1669655770.
[ System Events ]
Error - 04.08.2011 03:56:10 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:09:33 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:09:54 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:10:18 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:10:39 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:11:01 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:11:23 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 04:22:15 | Computer Name = KM-BUHA | Source = DCOM | ID = 10010
Description = Der Server "{601AC3DC-786A-4EB0-BF40-EE3521E70BFB}" konnte innerhalb
des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error - 04.08.2011 05:10:16 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
Error - 04.08.2011 05:10:37 | Computer Name = KM-BUHA | Source = DCOM | ID = 10009
Description = DCOM konnte mit dem Computer "BUTORACNOTEBOOK" unter Verwendung eines
beliebigen, konfigurierten Protokolls keine Daten austauschen.
< End of report >
--- --- --- OTL.TxtOTL Logfile: Code:
OTL logfile created on: 04.08.2011 11:23:39 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
479,48 Mb Total Physical Memory | 141,83 Mb Available Physical Memory | 29,58% Memory free
1,05 Gb Paging File | 0,60 Gb Available in Paging File | 57,56% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 19,53 Gb Total Space | 0,84 Gb Free Space | 4,28% Space Free | Partition Type: NTFS
Drive E: | 129,51 Gb Total Space | 126,13 Gb Free Space | 97,39% Space Free | Partition Type: NTFS
Computer Name: KM-BUHA | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.08.04 11:22:01 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL.exe
PRC - [2011.07.20 11:28:55 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.07.08 09:31:38 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.06.06 12:55:28 | 000,937,920 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
PRC - [2011.04.21 07:53:10 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.21 07:52:36 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.04.08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.01.18 22:48:28 | 000,217,088 | ---- | M] (Tamara) -- C:\EPC\Toolbar\EPSIBar.exe
PRC - [2010.09.08 11:45:10 | 001,034,752 | ---- | M] () -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010.09.08 11:44:50 | 000,484,352 | ---- | M] () -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2010.09.08 11:42:28 | 005,185,536 | ---- | M] (Western Digital Technologies, Inc.) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
PRC - [2010.09.08 11:41:36 | 000,237,056 | ---- | M] (WDC) -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.09.18 14:55:07 | 000,020,572 | ---- | M] () -- C:\Programme\Hewlett-Packard\Toolbox\jre\bin\javaw.exe
PRC - [2007.08.24 17:57:51 | 000,098,304 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe
PRC - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2005.04.08 18:18:37 | 000,151,552 | ---- | M] (Hewlett-Packard) -- C:\Programme\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe
PRC - [2004.11.11 22:00:04 | 000,864,256 | ---- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\ControlCenter2\brctrcen.exe
PRC - [2004.10.01 10:31:54 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2004.06.21 20:57:16 | 000,143,360 | R--- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\VTTrayp.exe
PRC - [2004.05.12 16:18:54 | 000,135,168 | ---- | M] (Hewlett-Packard Company) -- C:\Programme\hp\hpcoretech\comp\hptskmgr.exe
PRC - [2000.10.23 13:25:08 | 000,102,400 | ---- | M] (GenRad Limited) -- C:\WINDOWS\system32\GRVSA.exe
========== Modules (SafeList) ==========
MOD - [2011.08.04 11:22:01 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads\OTL.exe
MOD - [2010.08.23 18:11:46 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011.07.20 11:28:55 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.21 07:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.09.08 11:45:10 | 001,034,752 | ---- | M] () [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010.09.08 11:44:50 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2010.09.08 11:41:36 | 000,237,056 | ---- | M] (WDC) [Auto | Running] -- C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009.07.20 11:51:52 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2007.08.09 09:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - [2011.07.20 11:29:37 | 000,137,656 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.20 11:29:36 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.29 16:05:15 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009.02.13 13:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2007.09.11 14:40:30 | 000,238,976 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\akshasp.sys -- (akshasp)
DRV - [2007.09.11 14:40:30 | 000,014,976 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\aksusb.sys -- (aksusb)
DRV - [2006.11.22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2005.03.09 08:53:00 | 000,036,352 | R--- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.08.01 11:53:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2011.06.03 09:06:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2011.06.03 09:06:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
[2011.08.01 11:53:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.10 11:30:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
[2010.01.15 18:00:17 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.03.12 04:00:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011.07.08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2007.06.26 17:57:59 | 000,000,841 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 172.25.1.6 ec2default
O2 - BHO: (XTTBPos00 Class) - {055FD26D-3A88-4e15-963D-DC8493744B1D} - File not found
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ControlCenter2.0] C:\Programme\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe (HP)
O4 - HKLM..\Run: [HPHUPD06] c:\Programme\hp\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe (Hewlett-Packard)
O4 - HKLM..\Run: [OrderReminder] C:\Programme\Hewlett-Packard\OrderReminder\OrderReminder\OrderReminder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SetDefPrt] C:\Programme\Brother\Brmfl04g\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [StatusClient 2.6] C:\Programme\Hewlett-Packard\Toolbox\StatusClient\StatusClient.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TomcatStartup 2.5] C:\Programme\Hewlett-Packard\Toolbox\hpbpsttp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKLM..\Run: [VTTrayp] C:\WINDOWS\System32\VTTrayp.exe (S3 Graphics Co., Ltd.)
O4 - HKCU..\Run: [MsnMsgr] File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\EPSI ToolBar.lnk = C:\EPC\Toolbar\EPSIBar.exe (Tamara)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SDASSIST.LNK = E:\SDII\D\D\EXE.W95\SDASSIST.exe (Deutsche Automobil Treuhand GmbH)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WDDMStatus.lnk = C:\Programme\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: gm.com ([]* in Vertrauenswürdige Sites)
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} hxxp://tky09.celartem.com/en/download/data/djvu_autoinstall/DjVuControl_de_DE.cab (DjVuCtl Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} hxxp://www.lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\hp\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\kraemer\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\kraemer\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.20 13:40:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {0e8d0700-75df-11d3-8b4a-0008c7450c4a} - Reg Error: Value error.
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {1325db73-d9f1-48f8-8895-6d814ec58889} - Sicherheitsupdate für Windows XP (KB913433)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.08.04 10:22:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\kraemer\Anwendungsdaten\Avira
[2011.08.04 10:11:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2011.08.04 10:10:41 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2011.08.04 10:10:30 | 000,137,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.08.04 10:10:30 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.08.04 10:10:30 | 000,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys
[2011.08.04 10:10:29 | 000,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys
[2011.08.04 10:10:15 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2011.08.04 10:10:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2011.08.03 07:53:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\PCHealth
[2011.08.02 17:31:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011.08.01 17:13:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011.08.01 16:35:33 | 000,000,000 | ---D | C] -- C:\Programme\msn
[2011.08.01 16:35:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2011.08.01 16:35:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2011.08.01 16:35:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2011.08.01 16:29:55 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2011.08.01 16:23:51 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2011.08.01 13:44:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\eSupport.com
[2011.08.01 09:50:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2011.07.25 15:15:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Babylon
[2011.07.14 10:26:02 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2011.07.12 16:09:49 | 000,000,000 | ---D | C] -- C:\suzu-epc
[2011.07.05 13:30:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\Neuer Ordner (2)
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.08.04 11:19:19 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2011.08.04 10:49:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.04 10:11:11 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011.08.04 10:09:35 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.08.04 10:09:07 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.08.04 10:08:51 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.08.03 16:34:06 | 000,000,630 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2011.08.03 15:07:07 | 000,448,396 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.08.03 15:07:07 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.08.03 15:07:07 | 000,080,092 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.08.03 15:07:07 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.08.03 07:49:10 | 000,290,088 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.08.02 17:50:08 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011.08.01 16:29:30 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2011.08.01 11:53:29 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.07.20 11:29:37 | 000,137,656 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011.07.20 11:29:36 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011.07.15 09:41:20 | 000,126,858 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\img0543ww.jpg
[2011.07.12 10:36:48 | 000,000,097 | ---- | M] () -- C:\WINDOWS\ETKINST.INI
[2011.07.07 14:08:00 | 000,051,005 | ---- | M] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Autohaus Bieber.zip
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.08.04 11:19:19 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2011.08.04 10:11:11 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira AntiVir Control Center.lnk
[2011.08.01 16:27:29 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2011.08.01 11:53:29 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2011.08.01 11:53:29 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.08.01 09:39:06 | 000,001,092 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.08.01 09:39:06 | 000,001,088 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.15 09:41:18 | 000,126,858 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\img0543ww.jpg
[2011.07.12 12:54:00 | 001,253,301 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\CIMG7134.JPG
[2011.07.07 12:08:28 | 000,051,005 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Autohaus Bieber.zip
[2011.06.22 13:15:22 | 000,000,040 | ---- | C] () -- C:\WINDOWS\opt_2460.ini
[2011.06.14 08:45:01 | 000,000,051 | ---- | C] () -- C:\WINDOWS\brmx2001.ini
[2011.06.14 08:44:25 | 000,000,207 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011.06.14 08:44:25 | 000,000,092 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011.06.14 08:44:25 | 000,000,052 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011.06.14 08:43:32 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\BROSNMP.DLL
[2011.06.14 08:43:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011.06.06 16:39:36 | 000,000,065 | ---- | C] () -- C:\WINDOWS\System32\BD7820N.DAT
[2011.04.16 14:52:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.06.02 13:23:47 | 000,000,630 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2010.06.02 13:23:47 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\BD2030.DAT
[2010.04.26 15:24:41 | 000,000,115 | ---- | C] () -- C:\WINDOWS\sdassist.ini
[2009.11.25 10:33:14 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.EXE
[2009.11.25 10:33:14 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\hlduinst.exe
[2009.11.25 10:33:14 | 000,006,836 | ---- | C] () -- C:\WINDOWS\System32\UNWISE.INI
[2008.12.18 11:25:00 | 000,093,405 | ---- | C] () -- C:\WINDOWS\HPHins03.dat
[2008.12.18 11:25:00 | 000,002,655 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2008.10.02 12:02:40 | 000,013,312 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.09.09 11:49:10 | 000,555,156 | ---- | C] () -- C:\WINDOWS\etseun.EXE
[2008.09.09 11:47:39 | 000,000,097 | ---- | C] () -- C:\WINDOWS\ETKINST.INI
[2008.06.19 08:47:39 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\ACCUGNT5.DLL
[2008.06.19 08:35:15 | 000,119,808 | ---- | C] () -- C:\WINDOWS\System32\ICOMP.EXE
[2007.11.28 09:41:04 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.09.18 14:52:26 | 000,000,123 | ---- | C] () -- C:\WINDOWS\Readiris.ini
[2007.09.18 14:52:24 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\irisco32.dll
[2007.08.28 10:45:00 | 000,000,403 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.08.24 17:57:22 | 000,074,752 | ---- | C] () -- C:\WINDOWS\System32\jst.dll
[2007.08.24 17:57:21 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\PMLJNI.dll
[2007.08.24 17:55:30 | 000,000,887 | ---- | C] () -- C:\WINDOWS\hplj3380.ini
[2007.08.24 17:55:07 | 000,000,375 | ---- | C] () -- C:\WINDOWS\hpbvspst.ini
[2007.08.24 17:54:58 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\hpbprnfx.exe
[2007.08.24 17:54:39 | 000,013,451 | ---- | C] () -- C:\WINDOWS\hpbins01.dat
[2007.08.24 17:54:39 | 000,001,380 | ---- | C] () -- C:\WINDOWS\hpbmdl01.dat
[2007.08.24 17:54:37 | 000,001,005 | ---- | C] () -- C:\WINDOWS\hpbvnstp.ini
[2007.08.24 17:54:32 | 000,221,184 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dll
[2007.08.24 17:54:32 | 000,000,412 | R--- | C] () -- C:\WINDOWS\System32\HP3AIOZ6.dat
[2006.09.20 16:57:18 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.09.20 14:20:36 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006.09.20 14:19:30 | 000,290,088 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006.09.20 13:43:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006.09.20 13:37:26 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006.02.28 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006.02.28 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006.02.28 14:00:00 | 000,448,396 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006.02.28 14:00:00 | 000,432,356 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006.02.28 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006.02.28 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006.02.28 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006.02.28 14:00:00 | 000,080,092 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006.02.28 14:00:00 | 000,067,312 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006.02.28 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006.02.28 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006.02.28 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006.02.28 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006.02.28 14:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006.02.28 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006.02.28 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004.07.14 02:46:04 | 000,009,505 | ---- | C] () -- C:\WINDOWS\System32\hphmon06.dat
[2003.09.26 14:42:46 | 000,002,421 | ---- | C] () -- C:\WINDOWS\System32\scrubber.ini
[2002.05.03 23:40:32 | 000,094,274 | ---- | C] () -- C:\WINDOWS\System32\HPBHEALR.DLL
[2001.10.24 11:49:32 | 000,000,032 | ---- | C] () -- C:\WINDOWS\hppcap.ini
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ==========
[2011.06.08 14:24:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avery
[2011.08.01 09:50:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2011.06.03 08:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Saab Automobile
[2007.08.28 10:53:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SBT
[2011.03.09 18:59:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Western Digital
[2011.06.08 14:10:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avery
[2011.07.25 15:19:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Babylon
[2011.06.03 09:22:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\CT
[2010.04.26 15:35:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\gnupg
[2009.05.07 16:09:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\gtk-2.0
[2009.07.27 09:12:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ICQ
[2008.12.18 11:18:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Image Zone Express
[2009.11.25 10:13:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\maxibilder.de.09E811A49857C99F38513E5AB8806E09FBF6F7FA.1
[2008.12.18 11:18:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Printer Info Cache
[2011.06.03 09:05:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Saab EPC
[2011.07.12 10:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\ScanSoft
[2010.07.22 08:03:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\UDC Profiles
[2011.06.01 16:40:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\XnView
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2010.10.05 09:37:36 | 000,000,000 | ---D | M] -- C:\2c24852eef1ea964939ad615ca
[2007.12.11 10:20:46 | 000,000,000 | ---D | M] -- C:\303b182c6c72a7b766
[2008.06.10 13:06:57 | 000,000,000 | ---D | M] -- C:\77534d1f07381c50e059084f339a673a
[2011.08.02 12:15:59 | 000,000,000 | ---D | M] -- C:\AIC
[2011.06.14 08:43:26 | 000,000,000 | ---D | M] -- C:\Brother
[2011.08.04 09:53:26 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2007.12.11 10:21:00 | 000,000,000 | ---D | M] -- C:\d0fc98bdc55c95b00b
[2007.09.03 16:09:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2011.08.03 17:40:30 | 000,000,000 | ---D | M] -- C:\EPC
[2008.06.10 13:05:21 | 000,000,000 | ---D | M] -- C:\f40f2b72b750ee7799e8f519e2
[2011.03.19 16:21:59 | 000,000,000 | ---D | M] -- C:\LocoSoft
[2011.08.02 12:16:11 | 000,000,000 | ---D | M] -- C:\MNU
[2010.07.22 07:58:36 | 000,000,000 | ---D | M] -- C:\Plugins
[2010.12.03 10:39:50 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.08.04 10:10:15 | 000,000,000 | R--D | M] -- C:\Programme
[2006.09.21 09:25:59 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.08.03 14:59:01 | 000,000,000 | ---D | M] -- C:\STM
[2011.07.12 16:19:39 | 000,000,000 | ---D | M] -- C:\suzu-epc
[2006.09.20 13:44:50 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2008.12.18 11:24:00 | 000,000,000 | ---D | M] -- C:\temp
[2011.08.03 07:49:54 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< MD5 for: EXPLORER.EXE >
[2006.02.28 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007.06.13 15:10:08 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=331ED93570BAF3CFE30340298762CD56 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\explorer.exe
[2007.06.13 15:21:45 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=64D320C0E301EEDC5A4ADBBDC5024F7F -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
< MD5 for: REGEDIT.EXE >
[2006.02.28 14:00:00 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=8193CE5FB09E83F2699FD65BBCBE2FD2 -- C:\WINDOWS\$NtServicePackUninstall$\regedit.exe
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\regedit.exe
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\ServicePackFiles\i386\regedit.exe
[2008.04.14 04:22:58 | 000,153,600 | ---- | M] (Microsoft Corporation) MD5=AD9226BF3CED13636083BB9C76E9D2A2 -- C:\WINDOWS\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\regedit.exe
< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006.02.28 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2006.02.28 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\d7ca437757bb79190d8fe0f22734e38b\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-03 13:07:39
< >
< End of report >
--- --- --- GMER.Txt
GMER Logfile: Code:
GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2011-08-04 13:04:36
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD1600BB-00GUC0 rev.08.02D08
Running: 0jt6i6me.exe; Driver: C:\DOKUME~1\kraemer\LOKALE~1\Temp\pwrdqpog.sys
---- System - GMER 1.0.15 ----
SSDT F7AA689E ZwCreateKey
SSDT F7AA6894 ZwCreateThread
SSDT F7AA68A3 ZwDeleteKey
SSDT F7AA68AD ZwDeleteValueKey
SSDT F7AA68B2 ZwLoadKey
SSDT F7AA6880 ZwOpenProcess
SSDT F7AA6885 ZwOpenThread
SSDT F7AA68BC ZwReplaceKey
SSDT F7AA68B7 ZwRestoreKey
SSDT F7AA68A8 ZwSetValueKey
---- Kernel code sections - GMER 1.0.15 ----
.text C:\WINDOWS\system32\drivers\hardlock.sys section is writeable [0xF0F97400, 0x87EE2, 0xE8000020]
.protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xF103B620] C:\WINDOWS\system32\drivers\hardlock.sys entry point in ".protectÿÿÿÿhardlockentry point in ".protectÿÿÿÿhardlockentry point in ".p" section [0xF103B620]
.protectÿÿÿÿhardlockunknown last code section [0xF103B400, 0x5126, 0xE0000020] C:\WINDOWS\system32\drivers\hardlock.sys unknown last code section [0xF103B400, 0x5126, 0xE0000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Programme\Mozilla Firefox\firefox.exe[388] ntdll.dll!LdrLoadDll 7C92632D 5 Bytes JMP 00401410 C:\Programme\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation)
.text C:\Programme\Mozilla Firefox\plugin-container.exe[3768] USER32.dll!SetWindowLongA 7E37C29D 5 Bytes JMP 1068F0D7 C:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Programme\Mozilla Firefox\plugin-container.exe[3768] USER32.dll!SetWindowLongW 7E37C2BB 5 Bytes JMP 1068F069 C:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Programme\Mozilla Firefox\plugin-container.exe[3768] USER32.dll!GetWindowInfo 7E37C49C 5 Bytes JMP 104A56CB C:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
.text C:\Programme\Mozilla Firefox\plugin-container.exe[3768] USER32.dll!TrackPopupMenu 7E3B531E 5 Bytes JMP 104A5CE7 C:\Programme\Mozilla Firefox\xul.dll (Mozilla Foundation)
---- Devices - GMER 1.0.15 ----
Device \Driver\aksusb \Device\0000005e AKSCLASS.SYS (Aladdin Class Driver/Aladdin Knowledge Systems Ltd.)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
--- --- ---
Sagt ihr mir Bescheid, wenn ich was falsch gemacht habe?
Ich danke euch schon im Voraus!
Viele Grüße :) :) |
