Windows system was blocked

Hello,
I am absolutely desperate and, on top of that, terribly ignorant
when it comes to computers.
While surfing, I caught the Trojan with the Windows system lock that has already been mentioned here many times. Here is the exact text:
Attention: for security reasons your Windows system has been blocked.
By visiting sites with infected and pornographic content,
the computer system has reached a critical limit,
after which the system could collapse and all data could be lost.
To be able to restore the system, you must download an additional security update.
This update is a paid upgrade for particularly infected Windows systems.
It completely protects the system from viruses and malware, stabilizes your computer system and prevents data loss.
After that, I am asked to pay €50 in the form of a card (which can be bought at petrol stations) so that my computer can be unlocked again.
I have already read a lot of forum posts; the problem is just that apparently experts were at work everywhere there and I could not follow the instructions. What I did do, however, is download and run OTL by OldTimer.
Here is my OTL.Txt:
OTL logfile created on: 22.01.2012 14:50:46 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Anna-Katharina\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 87,06% Memory free
6,19 Gb Paging File | 5,96 Gb Available in Paging File | 96,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 192,55 Gb Free Space | 82,68% Space Free | Partition Type: NTFS
Computer Name: AK-PC | User Name: Anna-Katharina | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012.01.22 14:47:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Anna-Katharina\Desktop\OTL.exe
PRC - [2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - [2011.10.19 16:56:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.10.19 16:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.12 15:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV - [2011.01.12 15:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.17 17:15:08 | 000,087,968 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe -- (AERTFilters)
SRV - [2008.07.29 09:11:00 | 000,071,512 | ---- | M] (O2Micro International) [Auto | Stopped] -- C:\Windows\System32\drivers\o2flash.exe -- (o2flash)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2011.10.19 16:56:15 | 000,134,344 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.10.19 16:56:15 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.19 16:56:15 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.12.21 14:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)
DRV - [2010.12.21 14:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)
DRV - [2010.12.21 12:47:38 | 000,095,384 | ---- | M] (ESET) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.06.16 13:59:00 | 009,768,640 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.04.03 22:04:10 | 000,718,336 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.01.20 14:36:12 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008.07.29 09:10:14 | 000,051,288 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2008.06.12 08:28:56 | 000,043,608 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2sd.sys -- (O2SDRDR)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [String data over 1000 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 0A 13 02 84 56 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011.08.09 12:39:55 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Programme\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Programme\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Programme\IMinent Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [{F8BD5D6C-C26F-11E0-8912-806E6F6E6963}] C:\Users\Anna-Katharina\AppData\Roaming\Microsoft\loadhst.exe (TrueCrypt Foundation)
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Anna-Katharina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Anna-Katharina\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{067F751A-D6D1-4357-8A3D-83B32B96A6BF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8FE33021-7E3C-41AA-8D0B-13C38C81517C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E4A0E54A-8467-43F4-B9AA-2568178CFED9}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Anna-Katharina\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Anna-Katharina\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5a9a9eeb-c346-11e0-a0b2-002170ad4721}\Shell - "" = AutoRun
O33 - MountPoints2\{5a9a9eeb-c346-11e0-a0b2-002170ad4721}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Error creating restore point.
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012.01.22 14:47:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Anna-Katharina\Desktop\OTL.exe
[2012.01.22 14:04:05 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.22 13:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.01.22 13:54:10 | 000,134,344 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.01.22 13:54:10 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.01.22 13:54:10 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.01.22 13:54:10 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.01.22 13:54:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.01.22 13:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.01.17 22:30:40 | 000,000,000 | ---D | C] -- C:\Users\Anna-Katharina\AppData\Local\ESET
[2012.01.17 22:30:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft
[2012.01.17 22:30:00 | 000,000,000 | ---D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2012.01.17 22:25:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojancheck 6
[2012.01.17 22:25:58 | 000,000,000 | ---D | C] -- C:\Program Files\Trojancheck 6
[2012.01.17 16:55:52 | 000,000,000 | ---D | C] -- C:\Program Files\IMinent Toolbar
[2012.01.17 16:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2012.01.17 16:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IMinent
[2012.01.17 16:55:38 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2012.01.17 16:48:28 | 001,929,192 | ---- | C] (Iminent) -- C:\Users\Anna-Katharina\Desktop\Bootstrapper_0-uvdhqmaP_.exe
[2012.01.15 16:21:51 | 000,000,000 | ---D | C] -- C:\Users\Anna-Katharina\Desktop\Mama Unterlagen
[2012.01.10 12:37:23 | 000,000,000 | ---D | C] -- C:\Users\Anna-Katharina\Desktop\Bewerbung
[2011.12.27 21:30:26 | 000,000,000 | ---D | C] -- C:\Users\Anna-Katharina\AppData\Roaming\WinRAR
[2011.12.27 21:30:26 | 000,000,000 | ---D | C] -- C:\Users\Anna-Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.12.27 21:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.12.27 21:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.12.27 13:31:49 | 000,000,000 | ---D | C] -- C:\Users\Anna-Katharina\AppData\Roaming\redsn0w
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012.01.22 14:48:38 | 000,627,682 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.01.22 14:48:38 | 000,595,386 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.01.22 14:48:38 | 000,125,858 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.01.22 14:48:38 | 000,103,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.01.22 14:47:03 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Anna-Katharina\Desktop\OTL.exe
[2012.01.22 14:44:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.22 14:00:16 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.22 14:00:16 | 000,003,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.22 14:00:16 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.22 13:54:30 | 000,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.01.18 13:38:14 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.17 22:41:30 | 000,001,868 | ---- | M] () -- C:\Users\Anna-Katharina\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.01.17 22:41:30 | 000,001,797 | ---- | M] () -- C:\Users\Anna-Katharina\Desktop\Avira DE-Cleaner.lnk
[2012.01.17 22:30:14 | 000,000,936 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012.01.17 22:25:59 | 000,000,808 | ---- | M] () -- C:\Users\Anna-Katharina\Desktop\Trojancheck.lnk
[2012.01.17 16:54:43 | 001,929,192 | ---- | M] (Iminent) -- C:\Users\Anna-Katharina\Desktop\Bootstrapper_0-uvdhqmaP_.exe
[2012.01.17 16:54:26 | 084,419,032 | ---- | M] () -- C:\Users\Anna-Katharina\Desktop\avira_free_antivirus_de1200861.exe
[2012.01.12 22:39:18 | 000,000,000 | -H-- | M] () -- C:\Users\Anna-Katharina\Documents\Default.rdp
[2012.01.10 22:49:20 | 000,075,105 | ---- | M] () -- C:\Users\Anna-Katharina\Desktop\Wallpaperart_inspiration_artisy_greno2.jpg
[2012.01.10 22:44:29 | 000,090,393 | ---- | M] () -- C:\Users\Anna-Katharina\Desktop\armreifen.jpg
[2011.12.27 19:05:00 | 000,000,680 | ---- | M] () -- C:\Users\Anna-Katharina\AppData\Local\d3d9caps.dat
[2011.12.27 10:38:12 | 003,610,840 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012.01.22 13:54:30 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.01.17 22:41:30 | 000,001,868 | ---- | C] () -- C:\Users\Anna-Katharina\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012.01.17 22:41:30 | 000,001,797 | ---- | C] () -- C:\Users\Anna-Katharina\Desktop\Avira DE-Cleaner.lnk
[2012.01.17 22:30:14 | 000,000,936 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012.01.17 22:25:59 | 000,000,808 | ---- | C] () -- C:\Users\Anna-Katharina\Desktop\Trojancheck.lnk
[2012.01.17 16:48:28 | 084,419,032 | ---- | C] () -- C:\Users\Anna-Katharina\Desktop\avira_free_antivirus_de1200861.exe
[2012.01.12 22:39:18 | 000,000,000 | -H-- | C] () -- C:\Users\Anna-Katharina\Documents\Default.rdp
[2012.01.10 22:49:30 | 000,075,105 | ---- | C] () -- C:\Users\Anna-Katharina\Desktop\Wallpaperart_inspiration_artisy_greno2.jpg
[2012.01.10 22:38:48 | 000,090,393 | ---- | C] () -- C:\Users\Anna-Katharina\Desktop\armreifen.jpg
[2011.12.21 13:48:00 | 000,008,704 | ---- | C] () -- C:\Users\Anna-Katharina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.10 14:08:15 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2011.08.09 12:02:41 | 000,116,224 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
[2011.08.09 12:02:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe
[2011.08.09 11:53:33 | 000,028,694 | ---- | C] () -- C:\ProgramData\nvModes.001
[2011.08.09 11:53:32 | 000,028,694 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011.08.09 11:48:05 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011.08.09 11:48:04 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011.08.09 11:23:18 | 000,000,680 | ---- | C] () -- C:\Users\Anna-Katharina\AppData\Local\d3d9caps.dat
[2009.12.03 08:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.04.11 17:54:15 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.04.11 17:54:14 | 000,627,682 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.04.11 17:54:14 | 000,125,858 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.04.11 17:54:14 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.04.11 14:18:12 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.04.11 14:18:12 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2009.04.11 14:18:11 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 003,610,840 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,595,386 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,460 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[color=#E56717]========== LOP Check ==========[/color]
[2011.08.09 12:00:53 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\Canneverbe Limited
[2011.12.21 15:21:06 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.12.21 12:49:57 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.11.29 22:49:36 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\DVDVideoSoft
[2011.11.29 22:48:46 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.08.10 23:59:05 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\LolClient
[2011.08.09 12:49:01 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\OpenOffice.org
[2011.12.27 13:31:49 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\redsn0w
[2011.10.15 19:20:33 | 000,000,000 | ---D | M] -- C:\Users\Anna-Katharina\AppData\Roaming\Windows Live Writer
[2012.01.22 14:05:04 | 000,032,558 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2011.08.09 11:23:36 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.08.09 13:41:26 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.01.22 14:44:03 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2011.08.09 11:37:53 | 000,000,000 | ---D | M] -- C:\Dell
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.08.09 11:21:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.08.09 11:28:31 | 000,000,000 | ---D | M] -- C:\Intel
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.01.22 13:54:09 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.22 13:54:09 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.08.09 11:21:18 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.08.10 22:45:17 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.01.17 19:27:40 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.08.09 11:23:16 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.17 19:40:51 | 000,000,000 | ---D | M] -- C:\Windows
[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]
[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
[color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
[2009.04.11 14:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 14:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 14:18:00 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[color=#A23BEC]< MD5 for: CNGAUDIT.DLL >[/color]
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 14:18:30 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[color=#A23BEC]< MD5 for: IASTORV.SYS >[/color]
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
[color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
[2009.04.11 14:18:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 14:18:21 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[color=#A23BEC]< MD5 for: NVSTOR.SYS >[/color]
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
[color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
[2009.04.11 14:18:47 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 14:18:47 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[color=#A23BEC]< MD5 for: USER32.DLL >[/color]
[2009.04.11 14:18:28 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 14:18:28 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2009.04.11 14:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 14:18:46 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[color=#A23BEC]< MD5 for: WS2IFSL.SYS >[/color]
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
[color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
[2009.04.11 15:08:12 | 023,552,000 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2009.04.11 15:07:55 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2009.04.11 15:08:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[color=#A23BEC]< %USERPROFILE%\*.* >[/color]
[2011.08.09 13:42:08 | 000,786,432 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.bak
[2012.01.22 14:58:43 | 001,310,720 | ---- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT
[2012.01.22 14:58:43 | 000,262,144 | -H-- | M] () -- C:\Users\Anna-Katharina\ntuser.dat.LOG1
[2011.08.09 11:23:16 | 000,000,000 | -H-- | M] () -- C:\Users\Anna-Katharina\ntuser.dat.LOG2
[2011.08.09 13:42:06 | 000,065,536 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2011.08.09 13:42:06 | 000,524,288 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2011.08.09 11:42:21 | 000,524,288 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2012.01.22 14:05:08 | 000,065,536 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT{6d4b9f42-c282-11e0-869b-002170ad4721}.TM.blf
[2012.01.22 14:05:08 | 000,524,288 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT{6d4b9f42-c282-11e0-869b-002170ad4721}.TMContainer00000000000000000001.regtrans-ms
[2011.08.09 14:09:48 | 000,524,288 | -HS- | M] () -- C:\Users\Anna-Katharina\NTUSER.DAT{6d4b9f42-c282-11e0-869b-002170ad4721}.TMContainer00000000000000000002.regtrans-ms
[2011.08.09 11:23:17 | 000,000,020 | -HS- | M] () -- C:\Users\Anna-Katharina\ntuser.ini
[2011.08.09 13:41:28 | 000,000,000 | -H-- | M] () -- C:\Users\Anna-Katharina\NTUSER.tmp.LOG1
[2011.08.09 13:41:28 | 000,000,000 | -H-- | M] () -- C:\Users\Anna-Katharina\NTUSER.tmp.LOG2
[color=#A23BEC]< %USERPROFILE%\Local Settings\Temp\*.exe >[/color]
[color=#A23BEC]< %USERPROFILE%\Local Settings\Temp\*.dll >[/color]
[color=#A23BEC]< %USERPROFILE%\Application Data\*.exe >[/color]
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >[/color]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
[color=#A23BEC]< >[/color]
< End of report >
And here is my Extras.Txt:
OTL Extras logfile created on: 22.01.2012 14:50:46 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Anna-Katharina\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 87,06% Memory free
6,19 Gb Paging File | 5,96 Gb Available in Paging File | 96,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 192,55 Gb Free Space | 82,68% Space Free | Partition Type: NTFS
Computer Name: AK-PC | User Name: Anna-Katharina | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[color=#E56717]========== Authorized Applications List ==========[/color]
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4D55CCD0-D8A5-40E8-81BF-714C654ACF15}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9D271A83-D37F-4681-80A9-66BE8248122E}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{4189797B-4550-44D6-9CF5-3E50E7E9EEBF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{4EF6ABAE-2757-4438-8269-796342FBD992}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{542FF567-052A-40DE-82E2-09575FC78DF1}" = protocol=6 | dir=out | app=c:\program files\iminent\mmserver\iminent.mmserver.exe |
"{56F26027-E8D9-40EB-B7A0-E70C25411143}" = protocol=6 | dir=in | app=c:\program files\iminent\imbooster\imbooster.exe |
"{57BD7B33-45A0-425D-9510-AFB1B9C0A90C}" = protocol=6 | dir=out | app=c:\program files\iminent\imbooster\imbooster.exe |
"{73BEE723-34DE-4EB8-BA1D-8B5636D20AFD}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{83B24572-538D-4573-A17E-610653E493A1}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{85706BEC-B833-474E-950C-81E0B3B96173}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{9800BF66-9416-4711-A416-0BC1D6E3FDE2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D4B8792-4F9B-4727-9869-4E8A2F0AE70A}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A4BB89BC-3B54-4EC9-A37A-093B0BCF0402}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{B8099809-78C3-4804-B89F-9137FE02518E}" = protocol=6 | dir=in | app=c:\program files\iminent\mmserver\iminent.mmserver.exe |
"{C76381D4-EB3A-4AFD-825B-83624516A89B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{DED5AD0C-0EE5-4D8D-895C-4B9C0FA601BC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 30
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{36DCC61E-53B6-41D4-9590-9894BCE17068}" = ESET NOD32 Antivirus
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8686D4FE-62EF-46FB-B9FD-00679EB381FF}_is1" = Trojan Killer 2.1
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}" = IMinent Toolbar
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD4CEACE-8B19-4B1C-AE82-DE0FC5787D4C}" = Iminent
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1845F1C-068C-F8F4-D31D-D3540D47C453}" = Adobe Download Assistant
"{E2867240-F889-4D76-9AAF-252D9A1A623E}" = O2Micro Flash Memory Card Reader Driver (x86)
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avira AntiVir Desktop" = Avira Free Antivirus
"Broadcom 802.11b Network Adapter" = Dienstprogramm für Dell Wireless WLAN Karte
"CDAEB792A294454523DEF203B713DA0D3B4FB5D2" = Windows-Treiberpaket - Ralink (netr28u) Net (04/03/2009 2.03.02.0000)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Studio_is1" = Free Studio version 5.3.1
"Free YouTube Download_is1" = Free YouTube Download version 3.0.16.923
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.00" = GPL Ghostscript 9.00
"IMBoosterARP" = Iminent
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Trojancheck_is1" = Trojancheck 6
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ]
Error - 17.01.2012 13:23:13 | Computer Name = AK-PC | Source = EventSystem | ID = 4621
Description =
Error - 17.01.2012 13:26:42 | Computer Name = AK-PC | Source = EventSystem | ID = 4621
Description =
Error - 17.01.2012 14:41:20 | Computer Name = AK-PC | Source = EventSystem | ID = 4609
Description =
Error - 17.01.2012 14:44:12 | Computer Name = AK-PC | Source = EventSystem | ID = 4609
Description =
Error - 17.01.2012 17:26:37 | Computer Name = AK-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tc6.exe, Version 6.0.0.0, Zeitstempel 0x2a425e19,
fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18449, Zeitstempel 0x4da47967,
Ausnahmecode 0xc0000005, Fehleroffset 0x000bfea5, Prozess-ID 0x768, Anwendungsstartzeit
01ccd55e9bfaaf92.
Error - 17.01.2012 17:33:16 | Computer Name = AK-PC | Source = EventSystem | ID = 4621
Description =
Error - 17.01.2012 17:50:39 | Computer Name = AK-PC | Source = EventSystem | ID = 4621
Description =
Error - 22.01.2012 08:09:08 | Computer Name = AK-PC | Source = EventSystem | ID = 4609
Description =
Error - 22.01.2012 08:14:19 | Computer Name = AK-PC | Source = EventSystem | ID = 4609
Description =
Error - 22.01.2012 09:44:38 | Computer Name = AK-PC | Source = EventSystem | ID = 4609
Description =
[ Broadcom Wireless LAN Events ]
Error - 05.12.2011 16:53:05 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 21:53:05, Mon, Dec 05, 11 Error - User "" does not have administrative
privileges on this system
Error - 08.12.2011 06:32:48 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 11:32:48, Thu, Dec 08, 11 Error - User "" does not have administrative
privileges on this system
Error - 08.12.2011 20:05:19 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 01:05:19, Fri, Dec 09, 11 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 10:44:06 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 15:44:06, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 10:46:53 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 15:46:53, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 11:08:34 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 16:08:34, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 11:27:25 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 16:27:25, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 13:25:13 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 18:25:13, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 13:44:26 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 18:44:26, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
Error - 17.01.2012 13:44:26 | Computer Name = AK-PC | Source = WLAN-Tray | ID = 0
Description = 18:44:26, Tue, Jan 17, 12 Error - User "" does not have administrative
privileges on this system
[ System Events ]
Error - 29.12.2011 14:56:52 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 01.01.2012 12:43:37 | Computer Name = AK-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 31.12.2011 um 15:22:34 unerwartet heruntergefahren.
Error - 01.01.2012 12:45:14 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 01.01.2012 12:45:14 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 03.01.2012 17:08:49 | Computer Name = AK-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 01.01.2012 um 21:21:32 unerwartet heruntergefahren.
Error - 03.01.2012 17:10:24 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 03.01.2012 17:10:24 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 03.01.2012 18:27:19 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 03.01.2012 18:27:19 | Computer Name = AK-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 05.01.2012 15:03:21 | Computer Name = AK-PC | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.36 für die Netzwerkkarte mit der Netzwerkadresse
000CF685A7BE wurde durch den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server
hat eine DHCPNACK-Meldung gesendet).
< End of report >
I would be immensely grateful if anyone could help me get rid of this mess.
Warm regards,
Anna
P.S.: Oh, and I don't know how important it is, or whether it can be read from the attachments, but I use Windows Vista on my laptop. |