RKIT/agent.depg.1, Spy.Banker.Gen und andere ...
Hallo Trojaner-Boarder!
ich hoffe, Ihr könnt mir helfen. Auf unserem Rechner scheinen sich Schädlinge auszubreiten.
Ich habe bisher folgendes gemacht:
Jeden Abend prüft Avira Free Antivirus und findet fast täglich seit ca. einer Woche Malware. Bisher habe ich die Dateien dann immer in Quarantäne geschoben, nicht gelöscht.
Heute habe ich den neuesten Fund mal gegoogelt (RKIT/agent.depg.1 in BAcroIEHelpe171.dll) und bin so zu Euch gekommen, weil ein anderer User hier exakt das Problem hat.
So habe ich dann auch zunächst, das getan, was ihm hier geraten wurde:
1. Vollscan mit Malwarebytes Anti-Malware, 9 Funde in Quarantäne verschoben
2. Systemscan mit OTL
Ich hoffe, ich habe alles richtig gemacht, auch bzgl. des Postings hier.
Wie kann ich jetzt weitermachen?
Vielen Dank jetzt schon für Eure Mühen :-)
Kathrin
Hier die Logfiles:
Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org
Datenbank Version: v2012.07.20.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
Katinka :: KATINKA-PC [Administrator]
Schutz: Aktiviert
20.07.2012 13:23:26
mbam-log-2012-07-20 (15-29-22).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 485774
Laufzeit: 2 Stunde(n), 4 Minute(n), 36 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Userinit (Trojan.Agent) -> Daten: C:\Users\Katinka\AppData\Roaming\appconf32.exe -> Keine Aktion durchgeführt.
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 8
C:\Users\Katrin\AppData\Roaming\ntuser.dat (Misused.Legit) -> Keine Aktion durchgeführt.
D:\Downloads\SmileyCentralPFSetup2.3.50.45.ZNfox000.exe (PUP.MyWebSearch) -> Keine Aktion durchgeführt.
H:\Sicherung alter PC Stand 280110\Sicherung Eigene Dateien\Lokale Einstellungen\Anwendungsdaten\Mozilla\Firefox\Profiles\i23lyo5g.default\Cache\D0AEA429d01 (PUP.MyWebSearch) -> Keine Aktion durchgeführt.
H:\Sicherung alter PC Stand 280110\Sicherung Laufwerk D\Downloads\SmileyCentralPFSetup2.3.50.45.ZNfox000.exe (PUP.MyWebSearch) -> Keine Aktion durchgeführt.
H:\Sicherung Laufwek D\Downloads\SmileyCentralPFSetup2.3.50.45.ZNfox000.exe (PUP.MyWebSearch) -> Keine Aktion durchgeführt.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Keine Aktion durchgeführt.
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Keine Aktion durchgeführt.
C:\Windows\Temp\{E9C1E1AC-C9B2-4c85-94DE-9C1518918D02}.tlb (Rootkit.Zeroaccess) -> Keine Aktion durchgeführt.
(Ende)
______________________________________OTL Logfile: Code:
OTL logfile created on: 20.07.2012 15:38:59 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Katinka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,61% Memory free
4,00 Gb Paging File | 2,77 Gb Available in Paging File | 69,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 150,04 Gb Total Space | 111,55 Gb Free Space | 74,34% Space Free | Partition Type: NTFS
Drive D: | 108,88 Gb Total Space | 102,74 Gb Free Space | 94,36% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 35,30 Gb Free Space | 90,38% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive H: | 232,88 Gb Total Space | 176,72 Gb Free Space | 75,88% Space Free | Partition Type: NTFS
Computer Name: KATINKA-PC | User Name: Katinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Katinka\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\ASUS\WLAN Card Utilities\Center.exe (ASUSTeK COMPUTER INC.)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\ASUS\WLAN Card Utilities\ASWLCCSVC.exe ()
========== Modules (No Company Name) ==========
MOD - C:\Users\Katinka\AppData\Roaming\13001.027\components\AcroFF027.dll ()
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ASWLCCSvc) -- C:\Programme\ASUS\WLAN Card Utilities\ASWLCCSVC.exe ()
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (RkHit) -- C:\Windows\system32\drivers\RKHit.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (PCASp50) -- C:\Windows\System32\drivers\PcaSp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C4 5F 50 EF A1 5F CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.update: false
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.02.10 22:37:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.16 02:41:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.11 01:11:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.07.19 11:33:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\{9A207F60-3F1C-4ED0-972D-0A4CDFBFF803}: C:\Users\Katinka\AppData\Roaming\13001.027 [2012.07.18 12:36:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.16 02:41:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.03.11 01:11:11 | 000,000,000 | ---D | M]
[2012.05.12 12:59:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katinka\AppData\Roaming\mozilla\Extensions
[2012.07.14 02:31:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Katinka\AppData\Roaming\mozilla\Firefox\Profiles\taoop2g5.default\extensions
[2012.07.14 02:31:12 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Katinka\AppData\Roaming\mozilla\Firefox\Profiles\taoop2g5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.05.02 22:12:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.18 12:36:56 | 000,000,000 | ---D | M] (Java Link Helper) -- C:\USERS\KATINKA\APPDATA\ROAMING\13001.027
[2012.06.16 02:41:25 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.04.03 16:03:54 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.29 19:21:33 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2011.05.07 00:50:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.07 00:50:12 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.07 00:50:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.07 00:50:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.07 00:50:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.07 00:50:12 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Control Center] C:\Programme\ASUS\WLAN Card Utilities\CenterAgent.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2592A00C-BF48-485F-99FA-3558E9C5DE43}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D91AA26A-92FE-462A-9F30-7FB7D71ED2D5}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.20 15:36:34 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Katinka\Desktop\OTL.exe
[2012.07.20 15:34:37 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.20 13:22:07 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\Malwarebytes
[2012.07.20 13:21:55 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.20 13:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.20 13:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.20 13:21:54 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.18 12:36:56 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\13001.027
[2012.07.17 17:48:17 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\13001.026
[2012.07.14 21:05:29 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\13001.025
[2012.07.14 02:31:15 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\QuickScan
[2012.07.14 02:10:12 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\Curiolab
[2012.07.13 17:03:10 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\13001.024
[2012.07.13 00:07:08 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\13001.023
[2012.07.13 00:06:39 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\xmldm
[2012.07.13 00:06:38 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\kock
[2012.07.12 03:02:23 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 10:34:46 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.11 10:34:44 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll
[2012.07.11 10:34:43 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll
[2012.07.08 19:56:39 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Roaming\Avira
[2012.07.08 19:53:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.07.08 19:52:40 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.07.08 19:52:39 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2012.07.08 19:52:39 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.07.08 19:52:39 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.07.08 19:52:39 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.06.24 01:09:45 | 000,000,000 | ---D | C] -- C:\Users\Katinka\AppData\Local\Macromedia
[1 C:\Users\Katinka\AppData\Roaming\*.tmp files -> C:\Users\Katinka\AppData\Roaming\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.20 15:40:25 | 000,015,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.20 15:40:25 | 000,015,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.20 15:36:41 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Katinka\Desktop\OTL.exe
[2012.07.20 15:34:37 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.20 15:33:14 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.20 15:33:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.20 15:32:55 | 1610,063,872 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.20 15:28:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.20 14:57:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.20 13:21:55 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.20 02:30:36 | 000,000,034 | ---- | M] () -- C:\Users\Katinka\AppData\Roaming\blckdom.res
[2012.07.18 18:00:02 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\SyncBack Gesamtsicherung.job
[2012.07.13 22:48:05 | 000,000,051 | ---- | M] () -- C:\Users\Katinka\AppData\Roaming\urhtps.dat
[2012.07.13 13:01:45 | 001,389,055 | ---- | M] () -- C:\Users\Katinka\Desktop\Kursinfo_S12.pdf
[2012.07.12 04:17:31 | 000,362,160 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.12 01:57:08 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.12 01:57:08 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.08 18:01:05 | 004,503,728 | ---- | M] () -- C:\ProgramData\go_0molg.pad
[2012.07.05 20:04:26 | 001,500,792 | R--- | M] () -- C:\Users\Katinka\Desktop\kinderyoga-postkarte2.pdf
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.24 16:24:28 | 000,344,407 | ---- | M] () -- C:\Users\Katinka\Desktop\pingus.jpg
[2012.06.24 16:21:08 | 004,383,046 | ---- | M] () -- C:\Users\Katinka\Desktop\P1030872.jpg
[2012.06.24 04:31:44 | 000,001,564 | ---- | M] () -- C:\Users\Katinka\Desktop\2_AnmeldeH12.lnk
[1 C:\Users\Katinka\AppData\Roaming\*.tmp files -> C:\Users\Katinka\AppData\Roaming\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.20 13:21:55 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.13 13:15:53 | 000,000,051 | ---- | C] () -- C:\Users\Katinka\AppData\Roaming\urhtps.dat
[2012.07.13 13:06:51 | 001,389,055 | ---- | C] () -- C:\Users\Katinka\Desktop\Kursinfo_S12.pdf
[2012.07.13 00:06:50 | 000,000,034 | ---- | C] () -- C:\Users\Katinka\AppData\Roaming\blckdom.res
[2012.07.08 17:54:22 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.07.05 20:04:28 | 001,500,792 | R--- | C] () -- C:\Users\Katinka\Desktop\kinderyoga-postkarte2.pdf
[2012.06.24 04:31:49 | 000,001,564 | ---- | C] () -- C:\Users\Katinka\Desktop\2_AnmeldeH12.lnk
[2012.03.13 17:06:39 | 000,002,048 | -HS- | C] () -- C:\Users\Katrin\AppData\Local\b38b0acd\@
[2011.11.29 18:17:47 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB18105$] -> Error: Cannot create file handle -> Unknown point type
< End of report >
--- --- ---
____________________________________________________OTL Logfile: Code:
OTL Extras logfile created on: 20.07.2012 15:38:59 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\Katinka\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,05 Gb Available Physical Memory | 52,61% Memory free
4,00 Gb Paging File | 2,77 Gb Available in Paging File | 69,15% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 150,04 Gb Total Space | 111,55 Gb Free Space | 74,34% Space Free | Partition Type: NTFS
Drive D: | 108,88 Gb Total Space | 102,74 Gb Free Space | 94,36% Space Free | Partition Type: NTFS
Drive E: | 39,06 Gb Total Space | 35,30 Gb Free Space | 90,38% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive H: | 232,88 Gb Total Space | 176,72 Gb Free Space | 75,88% Space Free | Partition Type: NTFS
Computer Name: KATINKA-PC | User Name: Katinka | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14BDCAB6-561F-4767-A2ED-030CFB248297}" = rport=139 | protocol=6 | dir=out | app=system |
"{2158CCFA-8055-43A6-BA66-AAD633F77194}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{42D6D01E-017B-4F98-BA85-C1C09AD2541E}" = lport=137 | protocol=17 | dir=in | app=system |
"{4AE40ABE-94D1-4134-AE90-27A92F09FA29}" = rport=138 | protocol=17 | dir=out | app=system |
"{65221001-24EF-4ECD-9831-82BCCA4AA11B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{853FFA5D-5BF5-4970-8454-A85531C8EF47}" = lport=138 | protocol=17 | dir=in | app=system |
"{89A943C3-823C-4881-96A2-46DA8893F142}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{99BFCA4C-164C-4901-B984-8E168F9BEE3A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B36FBF6F-E58E-488F-9533-5DE3629EDDF5}" = rport=445 | protocol=6 | dir=out | app=system |
"{B81E2D02-0647-48F3-8483-C91F118B51D9}" = rport=137 | protocol=17 | dir=out | app=system |
"{D229E686-1D92-4560-A612-C3BDA46F26E7}" = lport=139 | protocol=6 | dir=in | app=system |
"{E7281FBB-8241-4831-A488-020538D0B0E8}" = lport=445 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0627822A-D931-4997-9F69-5681C7C3CBCA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{0782BB23-3725-49BF-94FD-81F9F6ACC741}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{112DB564-2BB8-468E-99C4-5362B5F64C9C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{18F3751A-7245-44D9-A19D-6460F7EF638A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{264CC154-D587-41DE-9252-CDF298099469}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{28B2BE97-14DC-42E5-94A4-4412E178591C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{2AF41BF9-CF77-49E1-BB4A-0FDA767943B6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{2E95A3A2-DD5A-4316-B899-9AD391F06B34}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{30D5496C-FEF0-43A7-9F3B-C16B7376DDB6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{3CBCD0D3-1AAD-4275-BFC7-EE2FA121BF4D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{3DF32514-B2BA-44EF-8D4F-3D9B370C9DA6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{46328EA7-9EBF-4A53-816D-23648EE17097}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{47456680-9685-4679-A80B-0AB44DE984ED}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{482E29B1-0A0F-4401-A3BC-94B9AB3FC928}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{523D9832-FE25-4130-8DC0-AC55F6350FF6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{69C4123F-3224-4D4A-A929-E79992CCE722}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{7AC3029F-ACD6-4219-83F3-ECC763A70915}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{7E9C41E7-7F1F-4401-946E-52EA91E9B5CA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{8A0898CA-7D73-4940-93AA-91C030FE222C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{8ADF6CA0-814F-4FEB-969B-7EE4755DC3E5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{9D69E1AB-3B01-490F-BEBB-D39BB0DA4D49}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{A1D48DE1-353D-4F27-AAFF-444A0978FF55}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{B64961CE-027D-4A68-AD8F-51C0C5F8DC5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{C799746A-6D41-4018-931E-0E20CE7A1793}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{CD47C803-4783-4F2B-A403-5480AFE9D52D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{DC5CF8F4-B1FF-413F-B87A-C8BDCFB8CAEA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{DD2BAD97-9225-46C7-84CF-CCFF34C07CB2}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{DD9CAA33-A940-4081-8C88-F9CEF7C5CFE0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{DF18DA88-6F5A-4E13-9B3B-E95D13A03CB9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{EC6AB9A0-D6FB-4027-86A7-DD531150CFE7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"TCP Query User{99DF5713-4189-4797-BCCA-4092D2D4CDE9}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{C8CCD53C-8426-416E-A407-4C8A3C8DFE09}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
"TCP Query User{E4F77B98-2B11-4FED-9D74-81AE69745F9B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{CAE49392-C2A4-4960-8238-232E51BEA3E4}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{EE72E0D4-CAB1-4625-828B-10BF610CCAF8}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |
"UDP Query User{F087D791-3A32-449A-9B1F-5C3368142EA3}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8F722FA9-B994-4C9B-B292-FD32D6206EDF}" = ASUS WLAN Card Utilities/Driver
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"1&1 SmartFax" = 1&1 SmartFax
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BurnAware Free_is1" = BurnAware Free 2.4.3
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ElsterFormular für Privatanwender und Unternehmer 12.0.0.5880k" = ElsterFormular-Update
"Exterminate It!" = Exterminate It!
"FileZilla Client" = FileZilla Client 3.5.3
"Foxit Reader" = Foxit Reader
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Image Analyzer" = Image Analyzer
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird 14.0 (x86 de)" = Mozilla Thunderbird 14.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NoteTab Light 6_is1" = NoteTab Light 6 (Remove only)
"RarZilla Free Unrar" = RarZilla Free Unrar
"Shop for HP Supplies" = Shop for HP Supplies
"Spesoft Free CD Ripper_is1" = Spesoft Free CD Ripper Version 2.60
"SyncBack_is1" = SyncBack
"VLC media player" = VLC media player 1.0.1
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 14.01.2012 08:52:42 | Computer Name = Katrin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 9.0.1.4371,
Zeitstempel: 0x4ef15e07 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.1113,
Zeitstempel: 0x4afcef8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002ccd ID des fehlerhaften
Prozesses: 0x9ac Startzeit der fehlerhaften Anwendung: 0x01ccd2bb661c7b76 Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\PROGRA~1\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung:
a56a68fc-3eae-11e1-bdc2-001966ef2012
Error - 14.01.2012 12:46:51 | Computer Name = Katrin-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 14.01.2012 19:37:45 | Computer Name = Katrin-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mozbackup\dll\DelZip179.dll".
Fehler in Manifest- oder Richtliniendatei "c:\program files\mozbackup\dll\DelZip179.dll"
in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist
ungültig.
Error - 14.01.2012 23:27:31 | Computer Name = Katrin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 9.0.1.4371,
Zeitstempel: 0x4ef15e07 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.1113,
Zeitstempel: 0x4afcef8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002ccd ID des fehlerhaften
Prozesses: 0xddc Startzeit der fehlerhaften Anwendung: 0x01ccd3359b706a0c Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\PROGRA~1\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung:
dad27569-3f28-11e1-bdc2-001966ef2012
Error - 15.01.2012 08:11:06 | Computer Name = Katrin-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 16.01.2012 09:37:13 | Computer Name = Katrin-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 16.01.2012 11:01:39 | Computer Name = Katrin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 9.0.1.4371,
Zeitstempel: 0x4ef15e07 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.1113,
Zeitstempel: 0x4afcef8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002ccd ID des fehlerhaften
Prozesses: 0x2bc Startzeit der fehlerhaften Anwendung: 0x01ccd45fbe3d0089 Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\PROGRA~1\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung:
fdd5bbd7-4052-11e1-81aa-001966ef2012
Error - 16.01.2012 19:48:44 | Computer Name = Katrin-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mozbackup\dll\DelZip179.dll".
Fehler in Manifest- oder Richtliniendatei "c:\program files\mozbackup\dll\DelZip179.dll"
in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist
ungültig.
Error - 16.01.2012 21:58:21 | Computer Name = Katrin-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 16.01.2012 22:56:50 | Computer Name = Katrin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 9.0.1.4371,
Zeitstempel: 0x4ef15e07 Name des fehlerhaften Moduls: FOXITR~1.OCX, Version: 1.0.1.1113,
Zeitstempel: 0x4afcef8f Ausnahmecode: 0xc0000005 Fehleroffset: 0x00002ccd ID des fehlerhaften
Prozesses: 0x6c0 Startzeit der fehlerhaften Anwendung: 0x01ccd4c3a783c9b9 Pfad der
fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\plugin-container.exe Pfad
des fehlerhaften Moduls: C:\PROGRA~1\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX Berichtskennung:
e68ecf41-40b6-11e1-bd05-001966ef2012
[ System Events ]
Error - 20.07.2012 08:23:59 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:05 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:14 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:20 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:23 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:33 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:42 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:24:48 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 08:25:09 | Computer Name = Katinka-PC | Source = Disk | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error - 20.07.2012 09:32:54 | Computer Name = Katinka-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
an den Computerhersteller, um aktualisierte Firmware zu erhalten.
< End of report >
--- --- --- |
